www.goaheadtours.com Open in urlscan Pro
2606:4700::6812:7059 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://goef.ch/
Effective URL:
https://www.goaheadtours.com/
Submission: On October 05 via api (October 5th 2023, 10:20:17 am UTC) from CH — Scanned from CH

Summary HTTP 247 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 67 IPs in 9 countries across 55 domains to perform 247 HTTP transactions. The main IP is 2606:4700::6812:7059, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.goaheadtours.com. The Cisco Umbrella rank of the primary domain is 496100.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 27th 2023. Valid for: a year.

This is the only time www.goaheadtours.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
32	2606:4700::68... 2606:4700::6812:7059	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2600:9000:223... 2600:9000:223e:9400:13:b371:9a00:21	16509 (AMAZON-02) (AMAZON-02)
2	65.9.66.95 65.9.66.95	16509 (AMAZON-02) (AMAZON-02)
22	2400:52e0:1e0... 2400:52e0:1e00::1080:1	200325 (BUNNYCDN) (BUNNYCDN)
2	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
18	18.66.122.38 18.66.122.38	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:214... 2600:9000:214f:b200:12:66da:ca00:21	16509 (AMAZON-02) (AMAZON-02)
1	18.66.112.19 18.66.112.19	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 4	142.250.185.198 142.250.185.198	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:214... 2600:9000:214f:1e00:f:8ce2:fb80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	23.38.98.111 23.38.98.111	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	44.209.137.118 44.209.137.118	14618 (AMAZON-AES) (AMAZON-AES)
2	3.12.156.53 3.12.156.53	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
2	13.225.78.63 13.225.78.63	16509 (AMAZON-02) (AMAZON-02)
1 4	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
5	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c03::9c	15169 (GOOGLE) (GOOGLE)
4 5	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
1	3.212.39.155 3.212.39.155	14618 (AMAZON-AES) (AMAZON-AES)
1 3	178.250.7.11 178.250.7.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
3	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	35.81.173.170 35.81.173.170	16509 (AMAZON-02) (AMAZON-02)
2	178.128.135.233 178.128.135.233	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	34.212.4.35 34.212.4.35	16509 (AMAZON-02) (AMAZON-02)
1 1	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
1 2	3.127.97.70 3.127.97.70	16509 (AMAZON-02) (AMAZON-02)
2 3	37.252.171.53 37.252.171.53	29990 (ASN-APPNEX) (ASN-APPNEX)
1	184.30.20.22 184.30.20.22	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	3.71.140.162 3.71.140.162	16509 (AMAZON-02) (AMAZON-02)
1	185.86.139.94 185.86.139.94	201081 (SMARTADSE...) (SMARTADSERVER)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	23.35.237.56 23.35.237.56	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
3 4	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
1	37.157.3.26 37.157.3.26	198622 (ADFORM) (ADFORM)
1	54.77.251.23 54.77.251.23	16509 (AMAZON-02) (AMAZON-02)
1 2	104.18.27.193 104.18.27.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	46.51.199.218 46.51.199.218	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.83 162.19.138.83	16276 (OVH) (OVH)
1 2	54.72.199.212 54.72.199.212	16509 (AMAZON-02) (AMAZON-02)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.197.66.22 18.197.66.22	16509 (AMAZON-02) (AMAZON-02)
1	34.253.255.215 34.253.255.215	16509 (AMAZON-02) (AMAZON-02)
1	64.202.112.63 64.202.112.63	23352 (SERVERCEN...) (SERVERCENTRAL)
1	185.64.191.210 185.64.191.210	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2600:1f18:612... 2600:1f18:612b:4280:608c:ccfd:554f:bc1	14618 (AMAZON-AES) (AMAZON-AES)
1	85.215.5.31 85.215.5.31	6786 (CRONON-BE...) (CRONON-BERLIN-AS)
1	23.32.185.192 23.32.185.192	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.255.244.27 34.255.244.27	16509 (AMAZON-02) (AMAZON-02)
65	18.66.112.118 18.66.112.118	16509 (AMAZON-02) (AMAZON-02)
1	79.125.32.89 79.125.32.89	16509 (AMAZON-02) (AMAZON-02)
1	23.48.23.35 23.48.23.35	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	3.16.197.138 3.16.197.138	16509 (AMAZON-02) (AMAZON-02)
3	34.193.113.164 34.193.113.164	() ()
247	67

1 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

goef.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2606:4700::6812:7059 (United States)

ASN13335 (CLOUDFLARENET, US)

www.goaheadtours.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.goaheadtours.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:223e:9400:13:b371:9a00:21 (United States)

ASN16509 (AMAZON-02, US)

d1nldbz8jmu82w.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.66.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-95.fra56.r.cloudfront.net

img2.storyblok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2400:52e0:1e00::1080:1 (Germany)

ASN200325 (BUNNYCDN, SI)

a.opmnstr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 18.66.122.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-38.fra60.r.cloudfront.net

a.storyblok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:b200:12:66da:ca00:21 (United States)

ASN16509 (AMAZON-02, US)

d3oig6rspwnkfc.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-19.fra56.r.cloudfront.net

api.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.198 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f6.1e100.net

6384424.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
10100557.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:1e00:f:8ce2:fb80:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.dwin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.38.98.111 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-38-98-111.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.209.137.118 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-209-137-118.compute-1.amazonaws.com

dx.mountain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.12.156.53 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-12-156-53.us-east-2.compute.amazonaws.com

collector-30678.us.tvsquared.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.78.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-63.fra2.r.cloudfront.net

solutions.invocacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c03::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638:d::d (France) 4 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.212.39.155 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-212-39-155.compute-1.amazonaws.com

3.212.39.155	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.7.11 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.81.173.170 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-81-173-170.us-west-2.compute.amazonaws.com

px.mountain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.128.135.233 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

z.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.212.4.35 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-212-4-35.us-west-2.compute.amazonaws.com

gs.mountain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.34 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.127.97.70 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-97-70.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.171.53 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.20.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-22.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.71.140.162 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-140-162.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.94 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-56.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.71.149.231 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.3.26 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.77.251.23 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-251-23.eu-west-1.compute.amazonaws.com

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.27.193 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.51.199.218 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-46-51-199-218.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.83 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.72.199.212 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-199-212.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.197.66.22 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-66-22.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.253.255.215 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-255-215.eu-west-1.compute.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.63 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4280:608c:ccfd:554f:bc1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.215.5.31 (Berlin, Germany)

ASN6786 (CRONON-BERLIN-AS, DE)

a.twiago.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.32.185.192 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-192.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.255.244.27 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-244-27.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

65 18.66.112.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-118.fra56.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 79.125.32.89 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-79-125-32-89.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.48.23.35 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-23-35.deploy.static.akamaitechnologies.com

hb.yahoo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.16.197.138 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-16-197-138.us-east-2.compute.amazonaws.com

s.thebrighttag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.193.113.164 (None, )

ASN- ()

bootstrap.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
metrics.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
65	driftt.com js.driftt.com — Cisco Umbrella Rank: 6698	757 KB
32	goaheadtours.com www.goaheadtours.com — Cisco Umbrella Rank: 496100 assets.goaheadtours.com — Cisco Umbrella Rank: 470528	577 KB
20	storyblok.com img2.storyblok.com — Cisco Umbrella Rank: 81471 a.storyblok.com — Cisco Umbrella Rank: 31252	642 KB
19	opmnstr.com a.opmnstr.com — Cisco Umbrella Rank: 26645	83 KB
11	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 2714 adservice.google.com — Cisco Umbrella Rank: 118	2 KB
10	criteo.com 5 redirects gum.criteo.com — Cisco Umbrella Rank: 478 mug.criteo.com — Cisco Umbrella Rank: 2541 sslwidget.criteo.com — Cisco Umbrella Rank: 2408 widget.us.criteo.com — Cisco Umbrella Rank: 25599 dis.criteo.com — Cisco Umbrella Rank: 648	14 KB
10	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 45 6384424.fls.doubleclick.net — Cisco Umbrella Rank: 534485 10100557.fls.doubleclick.net — Cisco Umbrella Rank: 539870 stats.g.doubleclick.net — Cisco Umbrella Rank: 98 cm.g.doubleclick.net — Cisco Umbrella Rank: 255	7 KB
9	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	23 KB
7	cloudfront.net d1nldbz8jmu82w.cloudfront.net d3oig6rspwnkfc.cloudfront.net	238 KB
6	omappapi.com a.omappapi.com — Cisco Umbrella Rank: 5763 api.omappapi.com — Cisco Umbrella Rank: 6148 z.omappapi.com — Cisco Umbrella Rank: 14673	49 KB
5	google.ch www.google.ch — Cisco Umbrella Rank: 24974	885 B
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 766	141 KB
4	yahoo.com 3 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 363	871 B
4	mountain.com dx.mountain.com — Cisco Umbrella Rank: 5803 px.mountain.com — Cisco Umbrella Rank: 6034 gs.mountain.com — Cisco Umbrella Rank: 11859	9 KB
3	drift.com bootstrap.api.drift.com metrics.api.drift.com	8 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 261	2 KB
3	gstatic.com fonts.gstatic.com	99 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49	2 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 427	14 KB
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 761	874 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 242	2 KB
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1837	1 KB
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 387	876 B
2	invocacdn.com solutions.invocacdn.com — Cisco Umbrella Rank: 6961	28 KB
2	tvsquared.com collector-30678.us.tvsquared.com — Cisco Umbrella Rank: 534974	9 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 187	87 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	210 KB
1	thebrighttag.com s.thebrighttag.com — Cisco Umbrella Rank: 2648	284 B
1	yahoo.net hb.yahoo.net — Cisco Umbrella Rank: 1185	499 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 903	337 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2848	620 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4701	400 B
1	twiago.com a.twiago.com — Cisco Umbrella Rank: 33274	580 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2985	399 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 959	581 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 900	145 B
1	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 1252	533 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1304	879 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 10624	265 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 470	921 B
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 773	385 B
1	adform.net cm.adform.net — Cisco Umbrella Rank: 1279	163 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 434	140 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 2637	277 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1598	99 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 898	587 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 621	35 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 409	785 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 780	783 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 116	185 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 728	15 KB
1	dwin1.com www.dwin1.com — Cisco Umbrella Rank: 4597	13 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 373	3 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1361	50 KB
1	goef.ch 1 redirects goef.ch	490 B
247	55

	Domain	Requested by
65	js.driftt.com	www.goaheadtours.com js.driftt.com
30	assets.goaheadtours.com	www.goaheadtours.com
19	a.opmnstr.com	www.goaheadtours.com a.opmnstr.com
18	a.storyblok.com	www.goaheadtours.com
9	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.goaheadtours.com
6	d1nldbz8jmu82w.cloudfront.net	www.goaheadtours.com
5	gum.criteo.com	4 redirects static.criteo.net
5	region1.analytics.google.com	www.googletagmanager.com
5	www.google.ch	www.goaheadtours.com
5	analytics.tiktok.com	www.goaheadtours.com analytics.tiktok.com
4	ups.analytics.yahoo.com	3 redirects
4	www.google.com	1 redirects www.goaheadtours.com
3	ib.adnxs.com	2 redirects
3	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	a.opmnstr.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.goaheadtours.com
3	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com
3	a.omappapi.com	a.opmnstr.com
2	bootstrap.api.drift.com	js.driftt.com
2	ad.360yield.com	1 redirects
2	dpm.demdex.net	1 redirects
2	r.casalemedia.com	1 redirects
2	x.bidswitch.net	1 redirects
2	dis.criteo.com
2	z.omappapi.com	a.opmnstr.com
2	px.mountain.com	dx.mountain.com www.goaheadtours.com
2	adservice.google.com	6384424.fls.doubleclick.net 10100557.fls.doubleclick.net
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	solutions.invocacdn.com	www.goaheadtours.com solutions.invocacdn.com
2	collector-30678.us.tvsquared.com	www.goaheadtours.com
2	connect.facebook.net	www.goaheadtours.com connect.facebook.net
2	10100557.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	6384424.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.googletagmanager.com	www.goaheadtours.com www.googletagmanager.com
2	img2.storyblok.com	www.goaheadtours.com
2	www.goaheadtours.com	www.goaheadtours.com
1	metrics.api.drift.com	js.driftt.com
1	s.thebrighttag.com
1	hb.yahoo.net
1	beacon.krxd.net
1	sync-criteo.ads.yieldmo.com
1	ad.yieldlab.net
1	a.twiago.com
1	criteo-partners.tremorhub.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	jadserve.postrelease.com
1	exchange.mediavine.com
1	matching.ivitrack.com
1	id5-sync.com
1	visitor.omnitagjs.com
1	cm.adform.net
1	eb2.3lift.com
1	criteo-sync.teads.tv
1	sync-t1.taboola.com
1	rtb-csync.smartadserver.com
1	match.sharethrough.com
1	pixel.rubiconproject.com
1	contextual.media.net
1	cm.g.doubleclick.net	1 redirects
1	gs.mountain.com	www.goaheadtours.com
1	widget.us.criteo.com	www.goaheadtours.com
1	sslwidget.criteo.com	1 redirects
1	www.facebook.com	www.goaheadtours.com
1	mug.criteo.com	www.goaheadtours.com
1	dx.mountain.com	www.goaheadtours.com
1	static.criteo.net	www.googletagmanager.com
1	www.dwin1.com	www.googletagmanager.com
1	cdn.jsdelivr.net	www.googletagmanager.com
1	www.googleoptimize.com	www.googletagmanager.com
1	api.omappapi.com	a.opmnstr.com
1	d3oig6rspwnkfc.cloudfront.net	www.goaheadtours.com
1	goef.ch	1 redirects
247	73

This site contains links to these domains. Also see Links.

Domain
www.bbb.org
www.ustoa.com
app.monstercampaigns.com
www.efstudyabroad.com
www.efexploreamerica.com
girltrips.eftours.com
www.eftours.com
www.efultimatebreak.com
www.efgapyear.com
www.goaheadtours.ca
www.facebook.com
www.twitter.com
www.instagram.com
www.pinterest.com
www.youtube.com
www.ef.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-27` - `2024-04-26`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.storyblok.com Amazon RSA 2048 M02	`2023-08-17` - `2024-09-14`	a year	crt.sh
a.opmnstr.com R3	`2023-08-22` - `2023-11-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
a.omappapi.com R3	`2023-08-22` - `2023-11-20`	3 months	crt.sh
api.opmnstr.com Amazon RSA 2048 M01	`2023-03-01` - `2024-02-08`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 05	`2023-07-26` - `2024-01-22`	6 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.dwin1.com Amazon RSA 2048 M02	`2023-02-28` - `2023-12-01`	9 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-07-14` - `2023-10-12`	3 months	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
*.mountain.com Go Daddy Secure Certificate Authority - G2	`2023-06-12` - `2024-06-23`	a year	crt.sh
*.us.tvsquared.com Amazon RSA 2048 M02	`2023-05-29` - `2024-06-26`	a year	crt.sh
invocacdn.com Amazon RSA 2048 M02	`2023-09-24` - `2024-10-21`	a year	crt.sh
*.google.ch GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
3.212.39.155 Sectigo RSA Domain Validation Secure Server CA	`2023-02-15` - `2024-02-15`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
z.omappapi.com R3	`2023-09-03` - `2023-12-02`	3 months	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
teads.tv R3	`2023-10-04` - `2024-01-02`	3 months	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
*.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-25` - `2024-06-18`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-23` - `2024-07-22`	a year	crt.sh
*.id5-sync.com R3	`2023-09-01` - `2023-11-30`	3 months	crt.sh
itm.ivitrack.com R3	`2023-08-16` - `2023-11-14`	3 months	crt.sh
exchange.mediavine.com Amazon RSA 2048 M02	`2023-06-06` - `2024-07-04`	a year	crt.sh
*.postrelease.com Amazon RSA 2048 M01	`2023-02-09` - `2024-02-16`	a year	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2022-11-06` - `2023-11-28`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
*.twiago.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-28` - `2023-12-29`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2023-09-17` - `2024-09-17`	a year	crt.sh
*.ads.yieldmo.com Amazon RSA 2048 M01	`2023-04-04` - `2024-05-02`	a year	crt.sh
drift.com Amazon RSA 2048 M02	`2023-08-15` - `2024-09-11`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://www.goaheadtours.com/
Frame ID: 7F4EFE7DE818AC7B2F00022C5E32C914
Requests: 144 HTTP requests in this frame

Frame: https://6384424.fls.doubleclick.net/activityi;dc_pre=CNKttMDX3oEDFVJckQUdmaQOcQ;src=6384424;type=us_sa001;cat=us_sa0;ord=5114951864967;auiddc=1755178549.1696501211;u10=https%3A%2F%2Fwww.goaheadtours.com%2F;gtm=45He3a20;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.goaheadtours.com%2F
Frame ID: FD2461B8633D282D3E03C354EACE3226
Requests: 2 HTTP requests in this frame

Frame: https://10100557.fls.doubleclick.net/activityi;dc_pre=CJ37tMDX3oEDFcdUkQUdpAkD-Q;src=10100557;type=sa001;cat=gat_s0;ord=6567384777761;auiddc=1755178549.1696501211;u3=https%3A%2F%2Fwww.goaheadtours.com%2F;gtm=45He3a20;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.goaheadtours.com%2F
Frame ID: E67A9D1F43BA4E0DE44A3AAA2B48B7B2
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.goaheadtours.com&origin=onetag
Frame ID: 44F584BEDFC2ACD2F7D5F75EDDCD197E
Requests: 2 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-RkCIgZizLxcDwpKLcap_CXjBV_EQZeLH-uVSyg&google_gid=CAESEKtH4l4cORg9H3xTNkMtnrM&google_cver=1&google_ula=913071,0
Frame ID: BD7D5260C1C3340BA462B5AA5627F513
Requests: 30 HTTP requests in this frame

Frame: https://js.driftt.com/core?d=1&embedId=m5k7y7ds347b&eId=m5k7y7ds347b&region=US&forceShow=false&skipCampaigns=false&sessionId=04cb6303-857c-4878-99e7-0b8e90b068b0&sessionStarted=1696501215.046&campaignRefreshToken=75e1af06-39f3-4a6b-a115-f4b9faf8d0a3&hideController=false&pageLoadStartTime=1696501210134&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.goaheadtours.com%2F
Frame ID: 89E17D560C748638EAAE45B6D970B909
Requests: 33 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1696501210134
Frame ID: 412C0569B4AD1FF33DD128F9FA208698
Requests: 34 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Guided Tours & Group Travel Tours | EF Go Ahead ToursSearch

Page URL History Show full URLs

https://goef.ch/ HTTP 302
https://www.goaheadtours.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AWIN (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

dwin1\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//static\.criteo\.net/js/ld/ld\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

247
Requests

95 %
HTTPS

35 %
IPv6

55
Domains

73
Subdomains

67
IPs

9
Countries

3089 kB
Transfer

8097 kB
Size

68
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://www.bbb.org/us/ma/cambridge/profile/tour-operators/ef-go-ahead-tours-0021-61902/accreditation-information

Search URL Search Domain Scan URL

URL: https://www.ustoa.com/ef-go-ahead-tours

Search URL Search Domain Scan URL

URL: https://app.monstercampaigns.com/c/ea0lij4kne9fvbjrqfjn
Title: Request a catalog

Search URL Search Domain Scan URL

URL: https://www.efstudyabroad.com/
Title: EF Study Abroad

Search URL Search Domain Scan URL

URL: https://www.efexploreamerica.com/
Title: EF Explore America

Search URL Search Domain Scan URL

URL: https://girltrips.eftours.com/
Title: EF Tours for Girls

Search URL Search Domain Scan URL

URL: https://www.eftours.com/
Title: EF Educational Tours US

Search URL Search Domain Scan URL

URL: https://www.efultimatebreak.com/
Title: EF Ultimate Break

Search URL Search Domain Scan URL

URL: https://www.efgapyear.com/
Title: EF Gap Year

Search URL Search Domain Scan URL

URL: https://www.goaheadtours.ca/
Title: goaheadtours.ca

Search URL Search Domain Scan URL

URL: https://www.facebook.com/goaheadtours

Search URL Search Domain Scan URL

URL: https://www.twitter.com/goaheadtours

Search URL Search Domain Scan URL

URL: https://www.instagram.com/goaheadtours

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/goaheadtours

Search URL Search Domain Scan URL

URL: https://www.youtube.com/goaheadtours

Search URL Search Domain Scan URL

URL: https://www.ef.com/careers
Title: Careers

Search URL Search Domain Scan URL

URL: https://app.monstercampaigns.com/c/w8bmijovdmcpkbdofhm7/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://goef.ch/ HTTP 302
https://www.goaheadtours.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 66

https://6384424.fls.doubleclick.net/activityi;src=6384424;type=us_sa001;cat=us_sa0;ord=5114951864967;auiddc=1755178549.1696501211;u10=https%3A%2F%2Fwww.goaheadtours.com%2F;gtm=45He3a20;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.goaheadtours.com%2F HTTP 302
https://6384424.fls.doubleclick.net/activityi;dc_pre=CNKttMDX3oEDFVJckQUdmaQOcQ;src=6384424;type=us_sa001;cat=us_sa0;ord=5114951864967;auiddc=1755178549.1696501211;u10=https%3A%2F%2Fwww.goaheadtours.com%2F;gtm=45He3a20;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.goaheadtours.com%2F

Request Chain 67

https://10100557.fls.doubleclick.net/activityi;src=10100557;type=sa001;cat=gat_s0;ord=6567384777761;auiddc=1755178549.1696501211;u3=https%3A%2F%2Fwww.goaheadtours.com%2F;gtm=45He3a20;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.goaheadtours.com%2F HTTP 302
https://10100557.fls.doubleclick.net/activityi;dc_pre=CJ37tMDX3oEDFcdUkQUdpAkD-Q;src=10100557;type=sa001;cat=gat_s0;ord=6567384777761;auiddc=1755178549.1696501211;u3=https%3A%2F%2Fwww.goaheadtours.com%2F;gtm=45He3a20;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.goaheadtours.com%2F

Request Chain 78

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1071918522/?random=1696501211021&cv=11&fst=1696501211021&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45He3a20&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.goaheadtours.com%2F&hn=www.googleadservices.com&frm=0&tiba=Guided%20Tours%20%26%20Group%20Travel%20Tours%20%7C%20EF%20Go%20Ahead%20Tours&auid=1755178549.1696501211&uamb=0&uaw=0 HTTP 302
https://www.google.com/pagead/1p-user-list/1071918522/?random=1696501211021&cv=11&fst=1696500000000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45He3a20&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.goaheadtours.com%2F&frm=0&tiba=Guided%20Tours%20%26%20Group%20Travel%20Tours%20%7C%20EF%20Go%20Ahead%20Tours&is_vtc=1&random=709772349 HTTP 302
https://www.google.ch/pagead/1p-user-list/1071918522/?random=1696501211021&cv=11&fst=1696500000000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45He3a20&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.goaheadtours.com%2F&frm=0&tiba=Guided%20Tours%20%26%20Group%20Travel%20Tours%20%7C%20EF%20Go%20Ahead%20Tours&is_vtc=1&random=709772349&ipr=y

Request Chain 123

https://gum.criteo.com/sid/json?origin=onetag&domain=goaheadtours.com&sn=ChromeSyncframe&so=0&topUrl=www.goaheadtours.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=JBPGgXxXSTNaUlBzS3orcWhPb0RIZEd1VFJaVHRibkVaV1F4SkVqWmhrMjd6Vk5pZVNWUjFLS1JuZEtDSXBHOEJ2bW9xVldJYVI1c3pDckpXcHVjeGxvWG13TEppZzVNTEZvcXl2bTU1V1Rlc2NTWWNSUUtGZDh2bVpzS1ByTk9pektydmdzWktVRmdNVnF6MGo4NXJxZ1VZYzlUTkEvVUYvK2VFQzU4cWJodE9Md3NwSFJ2d2V3UFVQVW0rbEhNSjdMaFVmcHRjd0I4cUVMK3orV1ZuYzFmVzU4K29ndGcxMG5zSkE0eklZTTJMcnFzN1E4QmtDWFpBclNpREtWZlZxT0RYbUR4OFNLWm9PWGJ4c1Y4R3pEcVdGZWxVQk9sM2xYbG0vUHByYTVNd0NLQT18&cppv=2

Request Chain 131

https://sslwidget.criteo.com/event?a=95679&v=5.18.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=Ts9i0F9TWHNsWGx1Snc2ZmNqUUoxYXNWd3IxdVJOVzJqbHczZ2NYd0Z4NXUxcm1tODBEcTMxQ1lpVVpzMkh2T2kwblBhY250ZnJCclFJWDF4dVVTR1FrYlpSNHJpdUNrRWlCUUFpOVRTd0ZMc3JTY2FNaktDbmx3dnhUaGUzMnJYbVlWNHBNVVBTSlBVRUtnJTJGQW9CSEswWTZFVyUyRk80ajZDalJpQXJHYXppUjNPV2UwJTNE&tld=goaheadtours.com&fu=https%253A%252F%252Fwww.goaheadtours.com%252F&ceid=b0770b6f-a57d-4472-ba91-a422d437d1a3&dtycbr=40113 HTTP 302
https://widget.us.criteo.com/event?a=95679&v=5.18.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=Ts9i0F9TWHNsWGx1Snc2ZmNqUUoxYXNWd3IxdVJOVzJqbHczZ2NYd0Z4NXUxcm1tODBEcTMxQ1lpVVpzMkh2T2kwblBhY250ZnJCclFJWDF4dVVTR1FrYlpSNHJpdUNrRWlCUUFpOVRTd0ZMc3JTY2FNaktDbmx3dnhUaGUzMnJYbVlWNHBNVVBTSlBVRUtnJTJGQW9CSEswWTZFVyUyRk80ajZDalJpQXJHYXppUjNPV2UwJTNE&tld=goaheadtours.com&fu=https%253A%252F%252Fwww.goaheadtours.com%252F&ceid=b0770b6f-a57d-4472-ba91-a422d437d1a3&dtycbr=40113

Request Chain 142

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-RkCIgZizLxcDwpKLcap_CXjBV_EQZeLH-uVSyg&google_cm&google_hm=ay1Sa0NJZ1ppekx4Y0R3cEtMY2FwX0NYakJWX0VRWmVMSC11VlN5Zw HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-RkCIgZizLxcDwpKLcap_CXjBV_EQZeLH-uVSyg&google_gid=CAESEKtH4l4cORg9H3xTNkMtnrM&google_cver=1&google_ula=913071,0

Request Chain 143

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-dzwUM5izLxcDwpKLcap_CXjBV_GBmIRK7TYcxA&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-dzwUM5izLxcDwpKLcap_CXjBV_GBmIRK7TYcxA&expires=30

Request Chain 144

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2466498290103013197

Request Chain 152

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-hhATM5izLxcDwpKLcap_CXjBV_FQYThOAvUk_w HTTP 302
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-hhATM5izLxcDwpKLcap_CXjBV_FQYThOAvUk_w&verify=true

Request Chain 155

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-5MoMeZizLxcDwpKLcap_CXjBV_E6uO73tvWjjA HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-5MoMeZizLxcDwpKLcap_CXjBV_E6uO73tvWjjA&C=1

Request Chain 156

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=-1Zw8fY9u1HiRklbEN-Bwtqay0NtBC5s HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=-1Zw8fY9u1HiRklbEN-Bwtqay0NtBC5s

Request Chain 158

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k--8OT0ZizLxcDwpKLcap_CXjBV_G88f3MmAETbg HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k--8OT0ZizLxcDwpKLcap_CXjBV_G88f3MmAETbg

Request Chain 171

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=Jf7LjpRfEovulH88AA_aoEIAf-S7p7uK

Request Chain 172

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=0&redir=true&uid=k-hhATM5izLxcDwpKLcap_CXjBV_FQYThOAvUk_w HTTP 302
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58301&ovsid=k-hhATM5izLxcDwpKLcap_CXjBV_FQYThOAvUk_w&redir=true HTTP 302
https://hb.yahoo.net/cksync?cs=63&axid_e=eS0zdGdfMDd0RTJ1Ry5NNFlFcWtwa1BSU01kZmppUk93VH5B&ovsid=k-hhATM5izLxcDwpKLcap_CXjBV_FQYThOAvUk_w&dpid=58301

Request Chain 174

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=O9gR_SSf0skJEo0g6Y5lMN5tOTVtXYuk

247 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.goaheadtours.com/
Redirect Chain

https://goef.ch/
https://www.goaheadtours.com/

369 KB
44 KB

124ms
50ms

Document
text/html

2606:4700::6812:7059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Next.js

Resource Hash

a7d9a2ff7fa9654293745469320ef432af8e8da2d503e62bf517e8fb804b9a2f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://app.storyblok.com http://app.storyblok.com/
Strict-Transport-Security	max-age=0
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

age: 1472
cache-control: public, max-age=10, s-maxage=1800, stale-while-revalidate=86400
cf-cache-status: HIT
cf-ray: 8114ee331e023ca7-CDG
content-encoding: br
content-security-policy: frame-ancestors https://app.storyblok.com http://app.storyblok.com/
content-type: text/html; charset=utf-8
date: Thu, 05 Oct 2023 10:20:10 GMT
etag: W/"1158i52tqkp83ls"
server: cloudflare
strict-transport-security: max-age=0
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-powered-by: Next.js

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 8114ee326ab51d9a-FRA
date: Thu, 05 Oct 2023 10:20:09 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
location: https://www.goaheadtours.com
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1FSeZZhvQcsFG%2BsgbEQoEJYogITPodwsoDOl2lpArMFS2lyADFk0Um9BY8N7DWEte9h4ktT6Jh40uaC8CIZ7%2BU3Rn%2Fk6El3E7WU3ZrUvVezQRFnWGcIeuI6m6CTg3tOkmNUVB61g"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 EFCircularSub-Black.woff2
d1nldbz8jmu82w.cloudfront.net/ 38 KB
38 KB 394ms
29ms Font
binary/octet-stream 2600:9000:223e:9400:13:b371:9a00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1nldbz8jmu82w.cloudfront.net/EFCircularSub-Black.woff2
Requested by: Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:9400:13:b371:9a00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 318b3811fff78b9d51b1385ccafe830b1b731407f73d12aba87704ce4c8c478c

Request headers

Referer: https://www.google.com/
Origin: https://www.goaheadtours.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 21:25:44 GMT
via: 1.1 a2cac9c5f0e90f8b7fede4ac9aca75ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 26830467
x-cache: Hit from cloudfront
content-length: 38924
last-modified: Sat, 04 May 2019 23:15:47 GMT
server: AmazonS3
etag: "c7b73a297e6834c2d8a28ed7443489db"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: ua3V97oI4DfFjwTBf0MVhosRP81WVfS_uM_T0dBmFySD3l7jfHGyqA==

GET
H2 200 EFCircularSub-Bold.woff2
d1nldbz8jmu82w.cloudfront.net/ 39 KB
39 KB 396ms
32ms Font
binary/octet-stream 2600:9000:223e:9400:13:b371:9a00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1nldbz8jmu82w.cloudfront.net/EFCircularSub-Bold.woff2
Requested by: Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:9400:13:b371:9a00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 419e9ceec0f42d8d507ffd2bc953430abeb29bd2612358428d7b217deb284c5d

Request headers

Referer: https://www.google.com/
Origin: https://www.goaheadtours.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 19:40:28 GMT
via: 1.1 a2cac9c5f0e90f8b7fede4ac9aca75ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 6705583
x-cache: Hit from cloudfront
content-length: 39500
last-modified: Sat, 04 May 2019 23:15:47 GMT
server: AmazonS3
etag: "7cf902110636eb8fd0bb0e6f9603ecff"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 5R9x9TSBsOdV1umxYjk_Qb5RFvGJIsrQjyws6jU4Su6SGzxscGmCbA==

GET
H2 200 EFCircularSub-Book.woff2
d1nldbz8jmu82w.cloudfront.net/ 36 KB
36 KB 416ms
52ms Font
binary/octet-stream 2600:9000:223e:9400:13:b371:9a00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1nldbz8jmu82w.cloudfront.net/EFCircularSub-Book.woff2
Requested by: Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:9400:13:b371:9a00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 569f041ebf1517bc89897ddeb38835b9d93afed9d870742c4e8b967464617b54

Request headers

Referer: https://www.google.com/
Origin: https://www.goaheadtours.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 00:34:24 GMT
via: 1.1 a2cac9c5f0e90f8b7fede4ac9aca75ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 22153547
x-cache: Hit from cloudfront
content-length: 36584
last-modified: Sat, 04 May 2019 23:15:47 GMT
server: AmazonS3
etag: "c2ee49959adcc23fac3d4f89f0b45956"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: jt6rSFQL9kmdyUWXv3C6sXBYTthZ_P3JLVze0prND8ZYWgrX18NULw==

GET
H2 200 EFCircularSub-Light.woff2
d1nldbz8jmu82w.cloudfront.net/ 38 KB
38 KB 422ms
59ms Font
binary/octet-stream 2600:9000:223e:9400:13:b371:9a00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1nldbz8jmu82w.cloudfront.net/EFCircularSub-Light.woff2
Requested by: Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:9400:13:b371:9a00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a7261c03942fe3aeae6c21a5e0d467a14b728a707eaf7e1d294a93683032d761

Request headers

Referer: https://www.google.com/
Origin: https://www.goaheadtours.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 04:45:56 GMT
via: 1.1 a2cac9c5f0e90f8b7fede4ac9aca75ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 7018455
x-cache: Hit from cloudfront
content-length: 38708
last-modified: Sat, 04 May 2019 23:15:47 GMT
server: AmazonS3
etag: "50d1fc1f8a1df6e37643b398421a8cb9"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: w6D4UiE150JtOmo77jBNRMBPtTSWjKNYmnqAkSxRb97XBvTS-944hg==

GET
H2 200 EFCircularSub-Medium.woff2
d1nldbz8jmu82w.cloudfront.net/ 37 KB
38 KB 418ms
55ms Font
binary/octet-stream 2600:9000:223e:9400:13:b371:9a00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1nldbz8jmu82w.cloudfront.net/EFCircularSub-Medium.woff2
Requested by: Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:9400:13:b371:9a00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ade30ddbc83c165140e004aa0bbe5f843cb479538451cdc208cb47e718e1593d

Request headers

Referer: https://www.google.com/
Origin: https://www.goaheadtours.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 24 May 2023 01:46:20 GMT
via: 1.1 a2cac9c5f0e90f8b7fede4ac9aca75ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 11608431
x-cache: Hit from cloudfront
content-length: 38168
last-modified: Sat, 04 May 2019 23:15:47 GMT
server: AmazonS3
etag: "bd219c26b950d61cbb1b9b69737f331d"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: wEhL8nrV1rp_hhzFxs8Ioy5FE3ROSv_ZKggVOLfszT3gjLecRMHOag==

GET
H2 200 2ead4924aca04952.css
assets.goaheadtours.com/web-ui-service/1696360686/_next/static/css/ 4 KB
2 KB 78ms
53ms Stylesheet
text/css 2606:4700::6812:7059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.goaheadtours.com/web-ui-service/1696360686/_next/static/css/2ead4924aca04952.css

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4be2d9b5ed0447bf7d2b372d988938d87dab3d063e2252aa32dafc5cbb47f2d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:20:10 GMT
via: 1.1 9c8fea304cc4dc64f018a09a43cea24a.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-cf-pop: CDG50-P1
age: 138864
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 03 Oct 2023 19:20:39 GMT
server: cloudflare
etag: W/"2d8a3a7ba8d59e8110c122ff81c433d9"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000, immutable
cf-ray: 8114ee339ed53ca7-CDG
x-amz-cf-id: 5gj-CQGThP2InIcUgnXV9R8-VmGDzW2SGsyFQuYyFz4Tg68MVcf5VA==

GET
H2 200 1bfc9850-0f75887cd9e987ac.js Show response
assets.goaheadtours.com/web-ui-service/1696360686/_next/static/chunks/ 8 KB
4 KB 57ms
52ms Script
text/javascript 2606:4700::6812:7059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.goaheadtours.com/web-ui-service/1696360686/_next/static/chunks/1bfc9850-0f75887cd9e987ac.js

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59acc2cd0f6c6cc274d8114e38bc1a619b197bb16c0ff724fe42a2863f8e4b6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:20:10 GMT
via: 1.1 575cacb0734545eaea94b948deff0e06.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-cf-pop: CDG50-P1
age: 138864
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 03 Oct 2023 19:20:35 GMT
server: cloudflare
etag: W/"fc7bbfdd85e809c36c4bb7bed86a9cac"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 8114ee339ee33ca7-CDG
x-amz-cf-id: dVEv5gdkig5A-bISsncm0yCOVBCEsapPBaEs-i2s0pDkvongxYNjaA==

GET
H2 200 3962-812424537c1b6945.js Show response
assets.goaheadtours.com/web-ui-service/1696360686/_next/static/chunks/ 13 KB
5 KB 58ms
54ms Script
text/javascript 2606:4700::6812:7059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.goaheadtours.com/web-ui-service/1696360686/_next/static/chunks/3962-812424537c1b6945.js

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01f880327fad37b992dbd6c1e7c1f0b576bb182788ad5b422b638bb3a101b70d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:20:10 GMT
via: 1.1 377eda51088ff7e8ba4d09b212e54946.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-cf-pop: CDG50-P1
age: 138864
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 03 Oct 2023 19:20:36 GMT
server: cloudflare
etag: W/"3ab0fe802b1c2b98be6d94ea74af14d9"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 8114ee339edf3ca7-CDG
x-amz-cf-id: YG8lPPYjKz0bU5xoZ9xNO5oTKrUi8HDJoQtp3rAMRyTPjd1iQXaKcw==

GET
H2 200 2622.871879df0a505eb7.js Show response
assets.goaheadtours.com/web-ui-service/1696360686/_next/static/chunks/ 9 KB
4 KB 60ms
55ms Script
text/javascript 2606:4700::6812:7059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.goaheadtours.com/web-ui-service/1696360686/_next/static/chunks/2622.871879df0a505eb7.js

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

582c863de4df81180468a0bf44b8f18a60803dc85528d00534935fd4d7ded404

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:20:10 GMT
via: 1.1 3ef764497246fd6dbe77cf02e99dc95e.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-cf-pop: CDG50-P1
age: 137571
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 03 Oct 2023 19:20:35 GMT
server: cloudflare
etag: W/"6a7868146fac20a94e80eeba436bbf3a"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 8114ee339ee03ca7-CDG
x-amz-cf-id: us1lCFyxlyDCMD40ibnGezB2JrU2gwwQe9fDHsX6nH73otrv2wwWOA==

GET
H2 200 8394.b3cae23c688cedcf.js Show response
assets.goaheadtours.com/web-ui-service/1696360686/_next/static/chunks/ 2 KB
900 B 61ms
57ms Script
text/javascript 2606:4700::6812:7059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.goaheadtours.com/web-ui-service/1696360686/_next/static/chunks/8394.b3cae23c688cedcf.js

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

673e457023ac61d43f651a944cc0b1d9948beff615aafc6aa7ae328e2ea0b43d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:20:10 GMT
via: 1.1 b8c32b6f315546dbe41941dc32a932e6.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-cf-pop: CDG50-P1
age: 138864
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 03 Oct 2023 19:20:37 GMT
server: cloudflare
etag: W/"e0bf95d12efa2fc8780c776e883e0d26"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 8114ee339ee23ca7-CDG
x-amz-cf-id: DOyTNH4h6BcFvJkGoxHWOqKM70BlLipchOn4b77IfkNNodQOvLjM5g==

GET
H2 200 3296.38dac0c5fe8413c0.js Show response
assets.goaheadtours.com/web-ui-service/1696360686/_next/static/chunks/ 2 KB
897 B 61ms
57ms Script
text/javascript 2606:4700::6812:7059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.goaheadtours.com/web-ui-service/1696360686/_next/static/chunks/3296.38dac0c5fe8413c0.js

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c843cf07186cb3b96ce97cc635ff2331db3fe4162012c771c5009c64aecade9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:20:10 GMT
via: 1.1 0fbe9200309f14e6a7ec7ccd4461e0ea.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-cf-pop: CDG50-P1
age: 14831
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 03 Oct 2023 19:20:36 GMT
server: cloudflare
etag: W/"03b557be2a0cf0f293f2a780c5892e27"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 8114ee339edc3ca7-CDG
x-amz-cf-id: m40d7LscPSk1DGhLwS0QCu7pItoM_k1zg99-GNWP_jaAQwLKkl_6cQ==

GET
H2 200 9008.5ea0695c89b4c683.js Show response
assets.goaheadtours.com/web-ui-service/1696360686/_next/static/chunks/ 359 B
431 B 52ms
52ms Script
text/javascript 2606:4700::6812:7059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.goaheadtours.com/web-ui-service/1696360686/_next/static/chunks/9008.5ea0695c89b4c683.js

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

852bd0cacc917cf120c13a24ce9082d7cbbd0c20f8f74aadc5cc3f0863a3a0b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:20:10 GMT
via: 1.1 59bc3e2055e3408285b7a1afc7b2dd02.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-cf-pop: CDG50-P1
age: 138864
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 03 Oct 2023 19:20:37 GMT
server: cloudflare
etag: W/"7cfb9534a2c464d8caf50ad569f1086e"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 8114ee33ef553ca7-CDG
x-amz-cf-id: wTdadOcb7OFspK9kzitXJfm1i1oPAvQRdpLpO1_iIBBoL8yyZ3NNYw==

GET
H2 200 7698.2140e5e10b9ea19a.js Show response
assets.goaheadtours.com/web-ui-service/1696360686/_next/static/chunks/ 3 KB
2 KB 49ms
48ms Script
text/javascript 2606:4700::6812:7059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.goaheadtours.com/web-ui-service/1696360686/_next/static/chunks/7698.2140e5e10b9ea19a.js

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4e955ffc5c5f7aeba5e91a9d7b86dbd8f64a5a61fe816ac9ed81933f107e7f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:20:10 GMT
via: 1.1 64ca9347ad04534b1e47b07966197f28.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-cf-pop: CDG50-P1
age: 138864
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 03 Oct 2023 19:20:37 GMT
server: cloudflare
etag: W/"7e0554c08e81c87095b75910ebefafa7"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 8114ee33ef573ca7-CDG
x-amz-cf-id: nLSEOD280vUfmDkZ1TeAt2MFA-U4Ub_L0CqbDjpf5qIjeXlrIsarQA==

GET
H2 200 9191.be1918ed75cd6dea.js Show response
assets.goaheadtours.com/web-ui-service/1696360686/_next/static/chunks/ 4 KB
2 KB 47ms
47ms Script
text/javascript 2606:4700::6812:7059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.goaheadtours.com/web-ui-service/1696360686/_next/static/chunks/9191.be1918ed75cd6dea.js

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47b3cdf62af98b2557c88d5052927d9491b3bdadb29eb2bc4156ee32a581d608

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:20:10 GMT
via: 1.1 98856bd09231d01c667222ebf203b580.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-cf-pop: CDG50-P1
age: 138864
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 03 Oct 2023 19:20:38 GMT
server: cloudflare
etag: W/"b4f2fb78483137c7566b0a8496f2e8bf"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 8114ee33ef583ca7-CDG
x-amz-cf-id: onZrI2jq8VEOQE9YE8RXvzoLAubyR7PBtfLw6XkSTnvlAIfgoVIfIA==

GET
H2 200 6553.a0638fc0942c51e2.js Show response
assets.goaheadtours.com/web-ui-service/1696360686/_next/static/chunks/ 10 KB
4 KB 48ms
48ms Script
text/javascript 2606:4700::6812:7059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.goaheadtours.com/web-ui-service/1696360686/_next/static/chunks/6553.a0638fc0942c51e2.js

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aff3f080ca81726de6f6af5f1fc204edc7efed19b2141b53db9f589832bd5123

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:20:10 GMT
via: 1.1 1c6904dfe9ea43b8174ab14c939bf754.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-cf-pop: CDG50-P1
age: 137571
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 03 Oct 2023 19:20:37 GMT
server: cloudflare
etag: W/"06de178fd7d3566424ff767ac9d6b8ff"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 8114ee33ef5b3ca7-CDG
x-amz-cf-id: _3OJu_Fg0U8nng1FbbLb4v0Bsk-IiEDmqcS9S4UgIC4NGrMvMMpFSw==

GET
H2 200 7039.98c462ee438cd1c3.js Show response
assets.goaheadtours.com/web-ui-service/1696360686/_next/static/chunks/ 10 KB
4 KB 47ms
46ms Script
text/javascript 2606:4700::6812:7059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.goaheadtours.com/web-ui-service/1696360686/_next/static/chunks/7039.98c462ee438cd1c3.js

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d65180699598cc634c94568f2d0575cd2271276f0258f809c7dcd257a849372

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:20:10 GMT
via: 1.1 9dc53f7b4566e2d55363945ecd6518b2.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-cf-pop: CDG50-P1
age: 137571
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 03 Oct 2023 19:20:37 GMT
server: cloudflare
etag: W/"0a46a278e9c67a2ca64f3832a39e5bbf"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 8114ee33ff5e3ca7-CDG
x-amz-cf-id: UyanyFf-0-9mvNXKVSuXhTVnYu2Q3NGZ-cPs_YzunSSm-Es13ENV8A==

GET
H2 200 6743.1f145378ab33ae98.js Show response
assets.goaheadtours.com/web-ui-service/1696360686/_next/static/chunks/ 11 KB
4 KB 46ms
45ms Script
text/javascript 2606:4700::6812:7059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.goaheadtours.com/web-ui-service/1696360686/_next/static/chunks/6743.1f145378ab33ae98.js

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca576224eadf33d00539fd0d7f912861526ff0b99b38994c169587737def7288

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:20:10 GMT
via: 1.1 42feecb57a2a4d3ece0a33f7c279b80a.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-cf-pop: CDG50-P1
age: 137571
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 03 Oct 2023 19:20:37 GMT
server: cloudflare
etag: W/"b1327e44b8a398e8f86ba59293c3f872"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 8114ee33ff5f3ca7-CDG
x-amz-cf-id: dblpG-9gm7rfWhQVpPO5rxrfWW_x4TPDWfwVI_B3VcvPgmyuIke5TQ==

GET
H2 200 9077.49faf05e525914ff.js Show response
assets.goaheadtours.com/web-ui-service/1696360686/_next/static/chunks/ 5 KB
2 KB 46ms
46ms Script
text/javascript 2606:4700::6812:7059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.goaheadtours.com/web-ui-service/1696360686/_next/static/chunks/9077.49faf05e525914ff.js

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ff11e71dc336096127eacb0484ade7bd0c3b63b528bc9e8cee6a94537c4ccba

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:20:10 GMT
via: 1.1 98856bd09231d01c667222ebf203b580.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-cf-pop: CDG50-P1
age: 137571
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 03 Oct 2023 19:20:37 GMT
server: cloudflare
etag: W/"245763587908ccf2248a79591fa8f7ee"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 8114ee343fc13ca7-CDG
x-amz-cf-id: 33ObMc7xl49A8UWm3Qcm3JBVNvKxHQJ3OKXDx9QkL3TV7JOIvHm4uQ==

GET
H2 200 1737.7c83986cf9c76219.js Show response
assets.goaheadtours.com/web-ui-service/1696360686/_next/static/chunks/ 3 KB
2 KB 47ms
47ms Script
text/javascript 2606:4700::6812:7059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.goaheadtours.com/web-ui-service/1696360686/_next/static/chunks/1737.7c83986cf9c76219.js

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8be54f9df63756f7a72ca5721de8d3ed6fd99dc2d4c8dbe09b5439515028ab48

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:20:10 GMT
via: 1.1 c520df9e82ad5c39d2b9c40e491eeeb6.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-cf-pop: CDG50-P1
age: 138489
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 03 Oct 2023 19:20:35 GMT
server: cloudflare
etag: W/"c39ecb079b7822d042fed1c3acfccbe9"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 8114ee343fc23ca7-CDG
x-amz-cf-id: Zbe19EqxIfA4lsxAlYYvILD_thb_9VTtRtDe9qOO_8Qr2rLgkZdXfg==

GET
H2 200 6577.e4705015eaab3b92.js Show response
assets.goaheadtours.com/web-ui-service/1696360686/_next/static/chunks/ 7 KB
3 KB 47ms
47ms Script
text/javascript 2606:4700::6812:7059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.goaheadtours.com/web-ui-service/1696360686/_next/static/chunks/6577.e4705015eaab3b92.js

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a361059537f5f2eb0ba1cde026c1e4ea305a48a13ff7a480bc8e40f3e9a8792

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:20:10 GMT
via: 1.1 b8c32b6f315546dbe41941dc32a932e6.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-cf-pop: CDG50-P1
age: 137571
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 03 Oct 2023 19:20:37 GMT
server: cloudflare
etag: W/"1c60f8fa03916a9ff5151bdcca3974e7"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 8114ee343fc73ca7-CDG
x-amz-cf-id: QJhNyhnHGZLUbCTDuC7Ihr11WhyAl7TrEOzV65o6eG3r7X2nF9PGSw==

GET
H2 200 1947-bece24b97a236c26.js Show response
assets.goaheadtours.com/web-ui-service/1696360686/_next/static/chunks/ 4 KB
2 KB 45ms
45ms Script
text/javascript 2606:4700::6812:7059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.goaheadtours.com/web-ui-service/1696360686/_next/static/chunks/1947-bece24b97a236c26.js

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37ad809409817f7139138e19f5116f85889b390b19fa3883bc96379b50ada1b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:20:10 GMT
via: 1.1 3297a5976e2bfe60c9503c52ec1561a0.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-cf-pop: CDG50-P1
age: 138864
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 03 Oct 2023 19:20:35 GMT
server: cloudflare
etag: W/"00a92f072ca8e37631b45c71a646cbfe"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 8114ee343fc93ca7-CDG
x-amz-cf-id: 5GV366fmJ7Ns4v8-kSBj1TfAZ6EMBruX8wLM5CQze44tn-x1U7FlDQ==

GET
H2 200 9908.1e84428f4865ddeb.js Show response
assets.goaheadtours.com/web-ui-service/1696360686/_next/static/chunks/ 3 KB
1 KB 44ms
44ms Script
text/javascript 2606:4700::6812:7059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.goaheadtours.com/web-ui-service/1696360686/_next/static/chunks/9908.1e84428f4865ddeb.js

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed66405827a21a72b4df472a08b2978ab6e47405d80f6097a9a8f0d045d3f38f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:20:10 GMT
via: 1.1 b81d17a9e7eef1e489776410aee346e2.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-cf-pop: CDG50-P1
age: 137571
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 03 Oct 2023 19:20:38 GMT
server: cloudflare
etag: W/"402a889422590974475e8cb3d88c5ae1"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 8114ee343fcc3ca7-CDG
x-amz-cf-id: sS60fnFPxY98irLqLP3dV1LIoE4vkzpinvTTCh53ShUz4I0_kKBPcw==

GET
H2 200 ea88be26-2052e29ca5f3f12f.js Show response
assets.goaheadtours.com/web-ui-service/1696360686/_next/static/chunks/ 289 KB
74 KB 54ms
54ms Script
text/javascript 2606:4700::6812:7059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.goaheadtours.com/web-ui-service/1696360686/_next/static/chunks/ea88be26-2052e29ca5f3f12f.js

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c12008459a92eaee91d2044d61926c8128c1fd573337f9b6a829af7394af259

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:20:10 GMT
via: 1.1 42feecb57a2a4d3ece0a33f7c279b80a.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-cf-pop: CDG50-P1
age: 138864
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 03 Oct 2023 19:20:38 GMT
server: cloudflare
etag: W/"c258d593a5248cbec5fbeab35e4b5ecb"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 8114ee344fcf3ca7-CDG
x-amz-cf-id: myo4s5dNljUadutXRafsQM0wJky6lpXuG49kqjmdmKQ4RVG_EIHBsQ==

GET
H2 200 2304-0eed472b840adb86.js Show response
assets.goaheadtours.com/web-ui-service/1696360686/_next/static/chunks/ 10 KB
5 KB 57ms
57ms Script
text/javascript 2606:4700::6812:7059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.goaheadtours.com/web-ui-service/1696360686/_next/static/chunks/2304-0eed472b840adb86.js

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f262b7ab4bc7ac9bff363b4dcc6a68420dc195850d6218a1d66764639db5a8d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:20:10 GMT
via: 1.1 fcba64af08748c3d9b1a3ae3aeed39c0.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-cf-pop: CDG50-P1
age: 138864
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 03 Oct 2023 19:20:35 GMT
server: cloudflare
etag: W/"5fe40817ba977279d4a6427932996af9"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 8114ee3488353ca7-CDG
x-amz-cf-id: xEqms7SoM-4eg9wHT3h6jE95KmGynApiexjw448bXDF1YxN1sK5eTA==

GET
H2 200 8240-34fc6a9d0905a451.js Show response
assets.goaheadtours.com/web-ui-service/1696360686/_next/static/chunks/ 4 KB
2 KB 49ms
48ms Script
text/javascript 2606:4700::6812:7059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.goaheadtours.com/web-ui-service/1696360686/_next/static/chunks/8240-34fc6a9d0905a451.js

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9bf37c357401c10712eb17dbd6433130c058d399d0b15a52cad8cb853c35db71

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:20:10 GMT
via: 1.1 3ef764497246fd6dbe77cf02e99dc95e.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-cf-pop: CDG50-P1
age: 138864
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 03 Oct 2023 19:20:37 GMT
server: cloudflare
etag: W/"724a8f9085c08db0b925f1b32abd54ab"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 8114ee3488383ca7-CDG
x-amz-cf-id: Lp6wp2fYzA2VHsxyeNL1waPTc8p0iaZ81r7ipj8qClqM-fZMb27xYw==

GET
H2 200 7395-c0088786452e63da.js Show response
assets.goaheadtours.com/web-ui-service/1696360686/_next/static/chunks/ 22 KB
5 KB 58ms
57ms Script
text/javascript 2606:4700::6812:7059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.goaheadtours.com/web-ui-service/1696360686/_next/static/chunks/7395-c0088786452e63da.js

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25b2b402f5fb926c7f00bbce9664055f10729221d98fc2b90a311027acd8ee3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:20:10 GMT
via: 1.1 6a29b506c0dc975f5344fdc44215aa70.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-cf-pop: CDG50-P1
age: 138864
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 03 Oct 2023 19:20:37 GMT
server: cloudflare
etag: W/"939e3d8b74a21185cf2ec5ae45d737d5"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 8114ee34883c3ca7-CDG
x-amz-cf-id: H6SfWtl5j9CLv0DY4jW6ipcTDgBf6uuFfNt14jCkyk7vMg8_So6dLQ==

GET
H2 200 4203-6a8d399c406623b5.js Show response
assets.goaheadtours.com/web-ui-service/1696360686/_next/static/chunks/ 6 KB
3 KB 53ms
53ms Script
text/javascript 2606:4700::6812:7059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.goaheadtours.com/web-ui-service/1696360686/_next/static/chunks/4203-6a8d399c406623b5.js

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b7bea2b34fd0b108adcedee3a5fb35768cd5a1c0205ab825117a2b2ae6343b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:20:10 GMT
via: 1.1 b8c32b6f315546dbe41941dc32a932e6.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-cf-pop: CDG50-P1
age: 138864
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 03 Oct 2023 19:20:36 GMT
server: cloudflare
etag: W/"10d0e1b5a855193012c95eb720f2cd3d"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 8114ee34883e3ca7-CDG
x-amz-cf-id: qrzAGcXZSFP8KZhpniBeoh2ypQTp65ejmN1ctFozJltN9qrZKHIRCw==

GET
H2 200 2194.cacd6acac50e7b95.js Show response
assets.goaheadtours.com/web-ui-service/1696360686/_next/static/chunks/ 6 KB
3 KB 57ms
57ms Script
text/javascript 2606:4700::6812:7059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.goaheadtours.com/web-ui-service/1696360686/_next/static/chunks/2194.cacd6acac50e7b95.js

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40d4e90cbd08177f2a5a82d8afad079be9761510684dd0516a979b9ff1629035

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:20:10 GMT
via: 1.1 64ca9347ad04534b1e47b07966197f28.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-cf-pop: CDG50-P1
age: 138864
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 03 Oct 2023 19:20:35 GMT
server: cloudflare
etag: W/"60c572e9adcfb59da1bf4252024330a9"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 8114ee3488403ca7-CDG
x-amz-cf-id: _JeuMKou5uPK4-dXNhnyt4DufU-AhsIe17e9VOZLH5-CCSGj_S0iUg==

GET
H2 200 webpack-fe7c3bc0399afa5b.js Show response
assets.goaheadtours.com/web-ui-service/1696360686/_next/static/chunks/ 8 KB
4 KB 48ms
48ms Script
text/javascript 2606:4700::6812:7059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.goaheadtours.com/web-ui-service/1696360686/_next/static/chunks/webpack-fe7c3bc0399afa5b.js

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

612cbaec926606a6f6db9b8ca4ea86e954f7f89627dbe8715c4f1ed647bcb04e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:20:10 GMT
via: 1.1 4cdc479f5a3e085b3677cdfbbae00b5e.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-cf-pop: CDG50-P1
age: 138864
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 03 Oct 2023 19:20:39 GMT
server: cloudflare
etag: W/"4dea131334f61352446deec5ded85c4f"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 8114ee3498593ca7-CDG
x-amz-cf-id: 1fMPeM4El5QLCzQLL7w_AxxIz4UkakEucM8nli6ZHfIsXDnbVepk9w==

GET
H2 200 framework-7588ad2408db5ed0.js Show response
assets.goaheadtours.com/web-ui-service/1696360686/_next/static/chunks/ 206 KB
58 KB 52ms
52ms Script
text/javascript 2606:4700::6812:7059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.goaheadtours.com/web-ui-service/1696360686/_next/static/chunks/framework-7588ad2408db5ed0.js

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e9a6d909dc9c70587affdefea54ba839f8c9c539a0663db465b76d5968397eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:20:10 GMT
via: 1.1 16de6e3636993b2d3f832b9ae653bd68.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-cf-pop: CDG50-P1
age: 138864
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 03 Oct 2023 19:20:38 GMT
server: cloudflare
etag: W/"625309de35695215d4dbb306641ffb4f"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 8114ee34d8dc3ca7-CDG
x-amz-cf-id: 2fEOGxCooi2_pantvKRaeCyMab4F_vE52Pu8Y6DEGwzi3HSaZSZisA==

GET
H2 200 main-c8310c53559c39d0.js Show response
assets.goaheadtours.com/web-ui-service/1696360686/_next/static/chunks/ 88 KB
27 KB 51ms
51ms Script
text/javascript 2606:4700::6812:7059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.goaheadtours.com/web-ui-service/1696360686/_next/static/chunks/main-c8310c53559c39d0.js

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43acd90d3c65e3d6e25c372cb71c739f16379a7f18f64f28a6774b19a83bb559

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:20:10 GMT
via: 1.1 7279057aafa9070c677136c3d9c68912.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-cf-pop: CDG50-P1
age: 138864
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 03 Oct 2023 19:20:38 GMT
server: cloudflare
etag: W/"c9a0de5850adc552ea00041c449c68bc"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 8114ee34d8f13ca7-CDG
x-amz-cf-id: TujmrghFtF_5L_QBqU5fOz9jCv-ojSef4HnhvDxB_byuI8opoZnuEg==

GET
H2 200 _app-c0f59639ae339e9d.js Show response
assets.goaheadtours.com/web-ui-service/1696360686/_next/static/chunks/pages/ 891 KB
243 KB 61ms
61ms Script
text/javascript 2606:4700::6812:7059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.goaheadtours.com/web-ui-service/1696360686/_next/static/chunks/pages/_app-c0f59639ae339e9d.js

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92174f6a87dd7459194e80268eff3ec0e41255529437cd4e878bee588d26a9bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:20:10 GMT
via: 1.1 42feecb57a2a4d3ece0a33f7c279b80a.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-cf-pop: CDG50-P1
age: 138864
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 03 Oct 2023 19:20:38 GMT
server: cloudflare
etag: W/"e5dda53ecd4867d1e42e48ca1530dd14"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 8114ee34e8fc3ca7-CDG
x-amz-cf-id: gFM9kuBpclSfA_NcngKZxB0bMyQjXqPHC-D7TVK957iYfXxzm9UMpg==

GET
H2 200 index-315c0e08f5efceeb.js Show response
assets.goaheadtours.com/web-ui-service/1696360686/_next/static/chunks/pages/ 4 KB
2 KB 54ms
54ms Script
text/javascript 2606:4700::6812:7059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.goaheadtours.com/web-ui-service/1696360686/_next/static/chunks/pages/index-315c0e08f5efceeb.js

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b6f59384f6cb9627be4fa5b63e6a093cb39970d9369f49062dd2e3dde6a5c38

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:20:10 GMT
via: 1.1 f71686f416809921055425c79026dd70.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-cf-pop: CDG50-P1
age: 137571
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 03 Oct 2023 19:20:38 GMT
server: cloudflare
etag: W/"1bf3a6a9389b419b85bd82f0e32172af"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 8114ee34e8ff3ca7-CDG
x-amz-cf-id: V17_7SY3BUwfqzSXxMiyTjpUSzab31piCm-ntZ8hElnVoqyoHZpI_A==

GET
H2 200 _buildManifest.js Show response
assets.goaheadtours.com/web-ui-service/1696360686/_next/static/KtldV367epQlclX4jhoZW/ 11 KB
3 KB 64ms
64ms Script
text/javascript 2606:4700::6812:7059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.goaheadtours.com/web-ui-service/1696360686/_next/static/KtldV367epQlclX4jhoZW/_buildManifest.js

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26282da4b7c00f4566548fae097a7ccad6841b90d015acfc7024fd6bfcaeba2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:20:10 GMT
via: 1.1 b8c32b6f315546dbe41941dc32a932e6.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-cf-pop: CDG50-P1
age: 138864
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 03 Oct 2023 19:20:35 GMT
server: cloudflare
etag: W/"49ee26e47db8673160b3590873dc6069"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 8114ee34e9013ca7-CDG
x-amz-cf-id: x5c04ca8zjTI9dG5LWI3u_SqAoyfr50pHu75yA8nwJIYFcsmi-EQXQ==

GET
H2 200 _ssgManifest.js Show response
assets.goaheadtours.com/web-ui-service/1696360686/_next/static/KtldV367epQlclX4jhoZW/ 77 B
225 B 46ms
46ms Script
text/javascript 2606:4700::6812:7059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.goaheadtours.com/web-ui-service/1696360686/_next/static/KtldV367epQlclX4jhoZW/_ssgManifest.js

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:20:10 GMT
via: 1.1 42feecb57a2a4d3ece0a33f7c279b80a.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-cf-pop: CDG50-P1
age: 138864
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 03 Oct 2023 19:20:35 GMT
server: cloudflare
etag: W/"b6652df95db52feb4daf4eca35380933"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 8114ee34e9043ca7-CDG
x-amz-cf-id: M9-VNt5rNXm49ryDVbZaXouILDEs5X2qzHkZNJ020Xe3Snl5GgxuYA==

GET
H2 200 logo-gat-desktop-us-2x.png
img2.storyblok.com/f/53624/450x98/f800456b5c/ 20 KB
20 KB 374ms
34ms Image
image/png 65.9.66.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2.storyblok.com/f/53624/450x98/f800456b5c/logo-gat-desktop-us-2x.png
Requested by: Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-95.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: ebcabaeaf48094ef947db06d5e531ea5837df7878afff31e07aa5b32ad08dae0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 04:28:29 GMT
via: 1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C1
age: 7019501
etag: "258395b987fab26ff9939a34ea2bc559f8c117fb"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000,public
content-length: 20035
x-amz-cf-id: QTvdrSO1aghcJDbNBbtDIVN240GprYVCdpbwdlkJFwsglv9hDL4AqA==
expires: Mon, 15 Jul 2024 04:28:29 GMT

GET
H2 200 logo-gat-mobile-us-2x.png
img2.storyblok.com/f/53624/318x50/aa6b54c461/ 10 KB
10 KB 370ms
30ms Image
image/png 65.9.66.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2.storyblok.com/f/53624/318x50/aa6b54c461/logo-gat-mobile-us-2x.png
Requested by: Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-95.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: e563b4b6b27709874bb9d43e78e666705ac388159b8be03517fd00f6a934a224

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 18:14:51 GMT
via: 1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C1
age: 2217919
etag: "ee5c2527aaf8cfbb66514964e2b46a9c8b52e247"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000,public
content-length: 9938
x-amz-cf-id: WGBUxe_CwfPBfmtdl14RCDvZ0P0ofh31kcRmOcDRLUS6bCFWgPzQsQ==
expires: Sun, 08 Sep 2024 18:14:51 GMT

GET
H2 200 api.min.js Show response
a.opmnstr.com/app/js/ 51 KB
18 KB 376ms
36ms Script
application/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.opmnstr.com/app/js/api.min.js
Requested by: Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 97f42f589e8dc951e4e08d648f931eb0bd8d91bef1f595eb6126d0b82bcaf9fd

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:20:10 GMT
content-encoding: br
cdn-edgestorageid: 1080
perma-cache: HIT
cdn-storageserver: DE-167
cdn-cachedat: 10/05/2023 04:44:00
cdn-pullzone: 293267
last-modified: Mon, 25 Sep 2023 16:44:37 GMT
server: BunnyCDN-DE1-1080
cdn-fileserver: 599
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"6511b8f5-cb6f"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 1d5843cd48b346404620fb9070d93bed
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 398 KB
119 KB 405ms
65ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NDTHZ2G

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

99feddd6110f0c7f242673459c2162ad5c9934a9d5f2935b5a3e94bfd3a3ae7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:20:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121163
x-xss-protection: 0
last-modified: Thu, 05 Oct 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 05 Oct 2023 10:20:10 GMT

GET
H2 200 1024x0
a.storyblok.com/f/53624/1024x529/1bb9ecce93/web_indiespromo_october.jpg/m/ 87 KB
88 KB 272ms
29ms Image
image/webp 18.66.122.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.storyblok.com/f/53624/1024x529/1bb9ecce93/web_indiespromo_october.jpg/m/1024x0
Requested by: Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-38.fra60.r.cloudfront.net
Software: nginx/1.14.2 /
Resource Hash: 63c0446c7c0029b8052206e97f2e7319c5e7f61b16c8032d03f92ec03f39b593

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 04:00:29 GMT
via: 1.1 f49c99d2326b14738507e1c2ddcae1dc.cloudfront.net (CloudFront)
server: nginx/1.14.2
x-amz-cf-pop: FRA60-P2
age: 109181
etag: "300a79d953d8f4ee6e89af8adfe248aa2980b13c"
vary: Accept
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=31536000,public
content-length: 89178
x-amz-cf-id: Yvo2N9UVNvl2q31EAbsAcfHlZ43FJdwDB6RjDYD2obQiOjIds273vw==
expires: Thu, 03 Oct 2024 04:00:29 GMT

GET
H2 200 640x0
a.storyblok.com/f/53624/640x523/0fc99f8efe/offseasontravel_hp_q4.jpg/m/ 36 KB
37 KB 272ms
29ms Image
image/webp 18.66.122.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.storyblok.com/f/53624/640x523/0fc99f8efe/offseasontravel_hp_q4.jpg/m/640x0
Requested by: Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-38.fra60.r.cloudfront.net
Software: nginx/1.14.2 /
Resource Hash: e9f780490551e01b62e4c9a91f74055b58e2643931f04e82943c880ddb4429bd

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:07:45 GMT
via: 1.1 f49c99d2326b14738507e1c2ddcae1dc.cloudfront.net (CloudFront)
server: nginx/1.14.2
x-amz-cf-pop: FRA60-P2
age: 195145
etag: "3495e1fe9188afa7136ad336a86180515bc58c69"
vary: Accept
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=31536000,public
content-length: 37186
x-amz-cf-id: D39derxaWcPP7LY-WhiSQJogYNfNNLZ3y0KVNX1k-U9bcXCtDZxIOg==
expires: Wed, 02 Oct 2024 04:07:45 GMT

GET
H2 200 640x0
a.storyblok.com/f/53624/640x523/cc46902bcc/grandtours_hp_q4.jpg/m/ 44 KB
44 KB 272ms
29ms Image
image/webp 18.66.122.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.storyblok.com/f/53624/640x523/cc46902bcc/grandtours_hp_q4.jpg/m/640x0
Requested by: Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-38.fra60.r.cloudfront.net
Software: nginx/1.14.2 /
Resource Hash: ac56cdfb455d6e7c8300391b2bc40767e2c328e71c9292390b540a69e2a93018

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:07:44 GMT
via: 1.1 f49c99d2326b14738507e1c2ddcae1dc.cloudfront.net (CloudFront)
server: nginx/1.14.2
x-amz-cf-pop: FRA60-P2
age: 195146
etag: "8f10ce4f60b8ec2ae5ead5af2121fdca8e93e7fc"
vary: Accept
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=31536000,public
content-length: 44698
x-amz-cf-id: TsAjXJn3eP_cXEOtHw8p61VjCDEhpPzqKW07CTAaby-0Y_WEmwrfCw==
expires: Wed, 02 Oct 2024 04:07:44 GMT

GET
H2 200 640x0
a.storyblok.com/f/53624/640x523/5e89bf4abd/newtrending_hp_q4.jpg/m/ 36 KB
36 KB 322ms
79ms Image
image/webp 18.66.122.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.storyblok.com/f/53624/640x523/5e89bf4abd/newtrending_hp_q4.jpg/m/640x0
Requested by: Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-38.fra60.r.cloudfront.net
Software: nginx/1.14.2 /
Resource Hash: df50671350e30af789f10f002651e0cfa05d76b238f32b8463e40d7d6098abd7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 07:05:07 GMT
via: 1.1 f49c99d2326b14738507e1c2ddcae1dc.cloudfront.net (CloudFront)
server: nginx/1.14.2
x-amz-cf-pop: FRA60-P2
age: 11703
etag: "79d573ab477568da3f81379383dcb78ab0a540a0"
vary: Accept
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=31536000,public
content-length: 36702
x-amz-cf-id: Y6Q7xbBBJpmXZh05qF3qp2RDFP-kIQDxDdxsyIm-75pc4yehH1EA0A==
expires: Fri, 04 Oct 2024 07:05:07 GMT

GET
H2 200 /
www.goaheadtours.com/ 64 KB
64 KB 52ms
51ms Image
text/html 2606:4700::6812:7059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.goaheadtours.com/

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Next.js

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://app.storyblok.com http://app.storyblok.com/
Strict-Transport-Security	max-age=0
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:20:10 GMT
strict-transport-security: max-age=0
content-encoding: br
content-security-policy: frame-ancestors https://app.storyblok.com http://app.storyblok.com/
cf-cache-status: HIT
server: cloudflare
age: 1472
x-powered-by: Next.js
etag: W/"1158i52tqkp83ls"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: public, max-age=10, s-maxage=1800, stale-while-revalidate=86400
cf-ray: 8114ee340f733ca7-CDG

GET
H2 200 1024x0
a.storyblok.com/f/53624/1024x683/d3bb9a3eaf/hp_grouptravel_update2.jpg/m/ 154 KB
155 KB 322ms
79ms Image
image/webp 18.66.122.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.storyblok.com/f/53624/1024x683/d3bb9a3eaf/hp_grouptravel_update2.jpg/m/1024x0
Requested by: Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-38.fra60.r.cloudfront.net
Software: nginx/1.14.2 /
Resource Hash: f412437549c8ba029d57d8dad26ea46a31de7d190b9f33532db17188b98d655c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:23:09 GMT
via: 1.1 f49c99d2326b14738507e1c2ddcae1dc.cloudfront.net (CloudFront)
server: nginx/1.14.2
x-amz-cf-pop: FRA60-P2
age: 194221
etag: "41320e77baa36ead4540445f715a8a4b65083044"
vary: Accept
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=31536000,public
content-length: 158202
x-amz-cf-id: FJDcr3WgEA9CYFhnPoS01tckPWophIc48kksFAZzsD58csr4OlBWsg==
expires: Wed, 02 Oct 2024 04:23:09 GMT

GET
H2 200 1024x0
a.storyblok.com/f/53624/1024x683/5f749f44a5/hp_contenthub.jpg/m/ 41 KB
42 KB 74ms
72ms Image
image/webp 18.66.122.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.storyblok.com/f/53624/1024x683/5f749f44a5/hp_contenthub.jpg/m/1024x0
Requested by: Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-38.fra60.r.cloudfront.net
Software: nginx/1.14.2 /
Resource Hash: 42079be35ad0d0e2b52f090fb07cf4587863e61be8ef47293ceec97ee5560504

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 04:55:53 GMT
via: 1.1 f49c99d2326b14738507e1c2ddcae1dc.cloudfront.net (CloudFront)
server: nginx/1.14.2
x-amz-cf-pop: FRA60-P2
age: 19457
etag: "a6134473232bbf2cbbb7529db82545d87d5e1af5"
vary: Accept
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=31536000,public
content-length: 42294
x-amz-cf-id: AziJmTsrJHrLqtJGIrcZHIhMSAEZzTsow56ZFuSUkj17dyaq_eVbvg==
expires: Fri, 04 Oct 2024 04:55:53 GMT

GET
H2 200 EFCircularSub-LightItalic.woff2
d1nldbz8jmu82w.cloudfront.net/ 38 KB
39 KB 328ms
65ms Font
binary/octet-stream 2600:9000:223e:9400:13:b371:9a00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1nldbz8jmu82w.cloudfront.net/EFCircularSub-LightItalic.woff2
Requested by: Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:9400:13:b371:9a00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4feda6639543cfbe6fbfc52198de2599d0b903689c96b6ce2f0a4e034ec60e59

Request headers

Referer: https://www.google.com/
Origin: https://www.goaheadtours.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 31 May 2023 13:49:51 GMT
via: 1.1 a2cac9c5f0e90f8b7fede4ac9aca75ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 10960220
x-cache: Hit from cloudfront
content-length: 39128
last-modified: Sat, 04 May 2019 23:15:47 GMT
server: AmazonS3
etag: "41c94a11ae5142ecb39eb66b2a82ba14"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: WTvE2xpboiW7tPbnrplzK3wfcNpwId7b91qfQMCa38ljA49QKCfUZQ==

GET
H2 200 academicons_chooseyourdestination.svg
a.storyblok.com/f/53624/x/9a735a41fd/ 732 B
1 KB 187ms
41ms Image
image/svg+xml 18.66.122.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.storyblok.com/f/53624/x/9a735a41fd/academicons_chooseyourdestination.svg
Requested by: Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f43e194bad36d6d39054e1bd5da4bc4835829692ba445891bc2ff3e7da048760

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 06:17:06 GMT
x-amz-version-id: ltONzV_.xLsEuRnFZAEpBGBQoqOYEJQT
via: 1.1 f49c99d2326b14738507e1c2ddcae1dc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 14585
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 732
last-modified: Tue, 11 Oct 2022 15:19:24 GMT
server: AmazonS3
etag: "405364b0810c70ff5504d2a8c4d96f8d"
content-type: image/svg+xml
cache-control: public; max-age=31536000
accept-ranges: bytes
x-amz-cf-id: MGXzu7Jpk4ujWHLa-cuNLpgi17Q4LLBT5aJfvj-GmOsAE1HUFbLNng==
expires: Wed, 11 Oct 2023 15:19:23 GMT

GET
H2 200 academicon_clubgo_earncredits.svg
a.storyblok.com/f/53624/x/7976d82ab6/ 571 B
1 KB 225ms
79ms Image
image/svg+xml 18.66.122.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.storyblok.com/f/53624/x/7976d82ab6/academicon_clubgo_earncredits.svg
Requested by: Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 50329428b5bb7153ccb0dd05a720dcec4dc5f3e5b28b12dafa2551f7de81ec3b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 06:17:06 GMT
x-amz-version-id: Kr7C7ClP3Yf9IsTWVe3TjW1eVe4.qhhe
via: 1.1 f49c99d2326b14738507e1c2ddcae1dc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 14585
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 571
last-modified: Tue, 27 Sep 2022 17:47:34 GMT
server: AmazonS3
etag: "15058c954e4a3990b3fc54058c9a15d0"
content-type: image/svg+xml
cache-control: public; max-age=31536000
accept-ranges: bytes
x-amz-cf-id: TyY3LCmWU5w8e9fdCgXCrZRHdv94LlPS1HQLWh-XuA0INkn_FEHjnA==
expires: Wed, 27 Sep 2023 17:47:33 GMT

GET
H2 200 academicons_packyourbags.svg
a.storyblok.com/f/53624/x/4e941a4060/ 727 B
1 KB 223ms
77ms Image
image/svg+xml 18.66.122.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.storyblok.com/f/53624/x/4e941a4060/academicons_packyourbags.svg
Requested by: Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 527a2ab93f12834cac411f2bf96d1548fa10333689c7ba8abd71e94922b41158

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 06:17:06 GMT
x-amz-version-id: Jrcoszio.qAid8z2Ot_HqdyhuHc1_oCf
via: 1.1 f49c99d2326b14738507e1c2ddcae1dc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 14585
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 727
last-modified: Tue, 11 Oct 2022 15:22:02 GMT
server: AmazonS3
etag: "fe64e9414bd9f7a7d65ef6f60877ad87"
content-type: image/svg+xml
cache-control: public; max-age=31536000
accept-ranges: bytes
x-amz-cf-id: fX21pjapHIkeKYLeTl0l1opwfxp_Jhb-_KvImYXBzcTBp9M3NbnTHQ==
expires: Wed, 11 Oct 2023 15:22:01 GMT

GET
H2 200 568x316
a.storyblok.com/f/53624/1600x720/c30dbc1689/tgi_oia_santorini_greece_3_domes.jpg/m/ 35 KB
35 KB 74ms
73ms Image
image/webp 18.66.122.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.storyblok.com/f/53624/1600x720/c30dbc1689/tgi_oia_santorini_greece_3_domes.jpg/m/568x316
Requested by: Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-38.fra60.r.cloudfront.net
Software: nginx/1.14.2 /
Resource Hash: 7ddec3a2d69247482b88edf9c09e40131252980f87f9d70000892784534c1df7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:05:40 GMT
via: 1.1 f49c99d2326b14738507e1c2ddcae1dc.cloudfront.net (CloudFront)
server: nginx/1.14.2
x-amz-cf-pop: FRA60-P2
age: 195270
etag: "f8aedd05b4e2ca77e2dfe48eb799b4fce88718a9"
vary: Accept
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=31536000,public
content-length: 35394
x-amz-cf-id: 9_TEci8fTj8Jwxa5UJDto9a1OmxMe7pz1NmDWGxoR3Nen6rfEmIUtg==
expires: Wed, 02 Oct 2024 04:05:40 GMT

GET
H2 200 568x316
a.storyblok.com/f/53624/1600x900/bbb45fd8e2/wwr-5c3a2f0d7a1fe29521.jpg/m/ 41 KB
41 KB 74ms
73ms Image
image/webp 18.66.122.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.storyblok.com/f/53624/1600x900/bbb45fd8e2/wwr-5c3a2f0d7a1fe29521.jpg/m/568x316
Requested by: Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-38.fra60.r.cloudfront.net
Software: nginx/1.14.2 /
Resource Hash: 15e10c12c89a1c23d0fb379eafde1bde16e36477f81be2d70ca464db27e037be

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:05:43 GMT
via: 1.1 f49c99d2326b14738507e1c2ddcae1dc.cloudfront.net (CloudFront)
server: nginx/1.14.2
x-amz-cf-pop: FRA60-P2
age: 195267
etag: "e2692f479ea16b86015022f5b7af4838ee250e6d"
vary: Accept
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=31536000,public
content-length: 42052
x-amz-cf-id: CmMK44xyi3-fSUVlQ6VDIpOJLGtcNc7AhndxJHNVOqwrGVRtHPJpCQ==
expires: Wed, 02 Oct 2024 04:05:43 GMT

GET
H2 200 568x316
a.storyblok.com/f/53624/4096x1260/606f0117a1/lss_4096x1260.png/m/ 39 KB
40 KB 74ms
73ms Image
image/webp 18.66.122.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.storyblok.com/f/53624/4096x1260/606f0117a1/lss_4096x1260.png/m/568x316
Requested by: Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-38.fra60.r.cloudfront.net
Software: nginx/1.14.2 /
Resource Hash: 99e5a5f4890fefa08fb2ad545d16e578c1c13bc741fb1e430a671f2c76f1a484

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 21:37:15 GMT
via: 1.1 f49c99d2326b14738507e1c2ddcae1dc.cloudfront.net (CloudFront)
server: nginx/1.14.2
x-amz-cf-pop: FRA60-P2
age: 132175
etag: "711da37e6568e3f59fe3800c4b9f9f22cf73630f"
vary: Accept
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=31536000,public
content-length: 40396
x-amz-cf-id: pRjitxyHWU7Jku-u37kb8rb_WWOrFDuHfP4Y2CUrWkVvCph24P73ZA==
expires: Wed, 02 Oct 2024 21:37:15 GMT

GET
H2 200 568x316
a.storyblok.com/f/53624/1600x720/b9ab090452/sca_copenhagen_denmark_nyhavn.jpg/m/ 64 KB
65 KB 74ms
73ms Image
image/webp 18.66.122.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.storyblok.com/f/53624/1600x720/b9ab090452/sca_copenhagen_denmark_nyhavn.jpg/m/568x316
Requested by: Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-38.fra60.r.cloudfront.net
Software: nginx/1.14.2 /
Resource Hash: b8f156593b485ac2c6fcd60ac64e0f26de73210861991d48870110a050e9ad1a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 07:05:08 GMT
via: 1.1 f49c99d2326b14738507e1c2ddcae1dc.cloudfront.net (CloudFront)
server: nginx/1.14.2
x-amz-cf-pop: FRA60-P2
age: 11701
etag: "849395c01166c51c36dea40b867750acbede30e5"
vary: Accept
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=31536000,public
content-length: 65994
x-amz-cf-id: tjNQ097_-lWCyETkYuwB11BOT5gqgMDPQGHNkWkLYZz3YodpdZkJQA==
expires: Fri, 04 Oct 2024 07:05:08 GMT

GET
H2 200 bbb-logo-2023.png
a.storyblok.com/f/53624/200x42/541ebea2a4/ 4 KB
5 KB 79ms
78ms Image
image/png 18.66.122.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.storyblok.com/f/53624/200x42/541ebea2a4/bbb-logo-2023.png
Requested by: Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ad989fea9b3d9e1c7dbf7532aefe9286f36ce3b2338804c77fa7dbfeafcdfb21

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 06:21:41 GMT
x-amz-version-id: .dAuFUz4iAlvKuX_5TVmyTFjRbjWUQW.
via: 1.1 f49c99d2326b14738507e1c2ddcae1dc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 14310
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 4233
last-modified: Wed, 08 Feb 2023 21:31:30 GMT
server: AmazonS3
etag: "01857791b5d509fdfc43977de5d2f53e"
content-type: image/png
cache-control: public; max-age=31536000
accept-ranges: bytes
x-amz-cf-id: mo_fPkRaeZ4VXRxqT6nyfHyH_Srb7FiuVJ-ayC5oyQG11OBxdhPtig==
expires: Thu, 08 Feb 2024 21:31:25 GMT

GET
H2 200 ustoa-retina.png
d3oig6rspwnkfc.cloudfront.net/ 9 KB
9 KB 111ms
28ms Image
image/png 2600:9000:214f:b200:12:66da:ca00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3oig6rspwnkfc.cloudfront.net/ustoa-retina.png
Requested by: Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:b200:12:66da:ca00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: acb6c568434728225b997b0f1e7068cf886cbad7ba4a1bf3a711b0b3f75bbcbf

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 09:12:09 GMT
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
last-modified: Tue, 27 Nov 2018 18:39:05 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 12636
etag: "9e21e98df8d7981434ca3a3dcc1b20d3"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 8920
x-amz-cf-id: 1n4smXzpCosLhciWz2ZfgIYkpAkaABlfRPZdcscIVUobQbs8fZ2DXQ==

GET
H2 200 icon-mapleleaf-ca.svg
a.storyblok.com/f/53624/x/e41902a728/ 4 KB
2 KB 86ms
85ms Image
image/svg+xml 18.66.122.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.storyblok.com/f/53624/x/e41902a728/icon-mapleleaf-ca.svg
Requested by: Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 34290bcc7fffbeb7c5f213987b36ac33c167b9d1a72a2373c40bfa4be14f3c9c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 05:48:14 GMT
x-amz-version-id: tjJ.syXCCyClJUgqqTMImxHiPy23.Wm7
content-encoding: gzip
via: 1.1 f49c99d2326b14738507e1c2ddcae1dc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 16317
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 30 Apr 2020 19:43:02 GMT
server: AmazonS3
etag: W/"82a2e6eabd07b92b2741eba5f9cab1ce"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public; max-age=31536000
x-amz-cf-id: 9beKERJGbnUj2ucaq6qOCKLk7rlSWMYCZ6vMq-47T0MF_7_-esr83A==
expires: Fri, 30 Apr 2021 19:43:01 GMT

GET
H2 200 illustration-footer-clouds.svg
a.storyblok.com/f/53624/x/358f5fd246/ 21 KB
11 KB 80ms
79ms Image
image/svg+xml 18.66.122.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.storyblok.com/f/53624/x/358f5fd246/illustration-footer-clouds.svg
Requested by: Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 67f3fc308975e1114ae6d9beb0c7b4eb0153f9038402fd78a354084cf2094de2

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:50:51 GMT
x-amz-version-id: ke4qfXbMNs4mFk8m7pGmYvNjYJwuvKvn
content-encoding: gzip
via: 1.1 f49c99d2326b14738507e1c2ddcae1dc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 192560
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 30 Apr 2020 19:43:02 GMT
server: AmazonS3
etag: W/"a55e7bafdae3a3163aa2815e6d1b09df"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public; max-age=31536000
x-amz-cf-id: kNIbyPCE9_ijT2kyoEnKcCM9ji0KSBVfUHgd0wpogSYf5bC-up98yw==
expires: Fri, 30 Apr 2021 19:43:01 GMT

GET
H2 200 illustration-bonvoyage.svg
a.storyblok.com/f/53624/x/d19d8123b8/ 2 KB
1 KB 86ms
85ms Image
image/svg+xml 18.66.122.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.storyblok.com/f/53624/x/d19d8123b8/illustration-bonvoyage.svg
Requested by: Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c418460b30462d253c0f0460ff64a45524d6c5a90ecbc6f6cb46ceddff91ca84

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 05:48:21 GMT
x-amz-version-id: MVySAqcGeCZGHp3pvczB3qa8BaywBbzd
content-encoding: gzip
via: 1.1 f49c99d2326b14738507e1c2ddcae1dc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 16310
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 30 Apr 2020 19:43:02 GMT
server: AmazonS3
etag: W/"28d91013c153b26022fb9d8a081241b5"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public; max-age=31536000
x-amz-cf-id: GgWzEbpyN0ZRPUJh4eWYIKS2fTxcWqz_8e8rPX9Kv2h7PrNl6pwzVw==
expires: Fri, 30 Apr 2021 19:43:00 GMT

GET
H2 200 illustration-footer-plane.svg
a.storyblok.com/f/53624/x/261fbc5836/ 14 KB
7 KB 80ms
79ms Image
image/svg+xml 18.66.122.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.storyblok.com/f/53624/x/261fbc5836/illustration-footer-plane.svg
Requested by: Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d677c52b0dda864e5eb975106f53918f5e2dfb2b584ee65395b5dd0bb253989e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 05:48:21 GMT
x-amz-version-id: xSteh2lwJesm6oIgHK47boc8RJNbpiVM
content-encoding: gzip
via: 1.1 f49c99d2326b14738507e1c2ddcae1dc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 16310
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 30 Apr 2020 19:43:02 GMT
server: AmazonS3
etag: W/"28fdd4e4bf7c890b05ec9c2a9010c21a"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public; max-age=31536000
x-amz-cf-id: duZK0rJsrF4WUFV7EfEUFjG43dc-iG-uzUoQIj7aD45Ih8p_wlIg4A==
expires: Fri, 30 Apr 2021 19:43:00 GMT

GET
H2 200 api.min.css
a.omappapi.com/app/js/ 10 KB
3 KB 120ms
36ms Stylesheet
text/css 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/api.min.css
Requested by: Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 7516f9aff006dced658ced4b577da1425b72add3677466abd9dca6fa4cb10d0b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:20:11 GMT
content-encoding: br
cdn-edgestorageid: 1082
perma-cache: HIT
cdn-storageserver: DE-661
cdn-cachedat: 10/05/2023 04:44:00
cdn-pullzone: 293267
last-modified: Mon, 25 Sep 2023 16:46:01 GMT
server: BunnyCDN-DE1-1080
cdn-fileserver: 588
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"6511b949-2644"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: abf9b28a2a6a9c6b2e0730831af8fc47
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 50504 Show response
api.omappapi.com/v2/embed/ 222 KB
34 KB 252ms
208ms XHR
application/json 18.66.112.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.omappapi.com/v2/embed/50504?d=goaheadtours.com
Requested by: Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-19.fra56.r.cloudfront.net
Software: Pagely Gateway/1.5.1 /
Resource Hash: a981d2a0fe86cfc8dd4dd414ac80bfa1aa593805e7ba79a91c83a3b9f7478a7e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:20:11 GMT
content-encoding: gzip
via: 1.1 eb6e5773d654b9aeadbed8169564506c.cloudfront.net (CloudFront)
x-cache-config: 0 0
x-amz-cf-pop: FRA56-P5
x-cache-status: HIT
x-cache: Miss from cloudfront
x-optinmonster-account: 56830
x-user-agent: standard--
last-modified: Wed, 04 Oct 2023 19:22:23 GMT
server: Pagely Gateway/1.5.1
etag: W/"62f9db21b4c24407b03043ea7bef6c78"
vary: Accept-Encoding, User-Agent
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: X-OptinMonster-Account, X-User-Agent
cache-control: public, max-age=30, stale-while-revalidate=1800
access-control-allow-headers: X-CSRF-Token
x-amz-cf-id: xQaiKojihfaL2HFGi3zs6kAi5i2B3YTVobtUXW8knubi_l3A8x5iWQ==
expires: Thu, 05 Oct 2023 09:55:06 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 128 KB
50 KB 76ms
28ms Script
application/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=GTM-TGS58FP

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDTHZ2G

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9cd2d0511756cf5e8abd6dbe23b41a9529ea17bf882d1c726ed297b9f874af2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:20:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50653
x-xss-protection: 0
last-modified: Thu, 05 Oct 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 05 Oct 2023 10:20:11 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/937035465/ 3 KB
1 KB 109ms
63ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/937035465/?random=1696501211015&cv=11&fst=1696501211015&bg=ffffff&guid=ON&async=1&gtm=45He3a20&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.goaheadtours.com%2F&hn=www.googleadservices.com&frm=0&tiba=Guided%20Tours%20%26%20Group%20Travel%20Tours%20%7C%20EF%20Go%20Ahead%20Tours&auid=1755178549.1696501211&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDTHZ2G

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab7d7c10091669bfc0281934eb42b0d08e462ef98f82f3d356ee640c8e1837bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 10:20:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1318
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/951355816/ 3 KB
1 KB 108ms
63ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/951355816/?random=1696501211021&cv=11&fst=1696501211021&bg=ffffff&guid=ON&async=1&gtm=45He3a20&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.goaheadtours.com%2F&hn=www.googleadservices.com&frm=0&tiba=Guided%20Tours%20%26%20Group%20Travel%20Tours%20%7C%20EF%20Go%20Ahead%20Tours&auid=1755178549.1696501211&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDTHZ2G

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b548d50df3b573e1b2d312706ea996b997ce51a1b90a203a3b276750270a3876

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 10:20:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1315
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 44 KB
13 KB 79ms
47ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDTHZ2G

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a236aed5086b9c24d3cc94944d4349e9ce469f325ac23bafcaa5fe3659b15fd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Thu, 05 Oct 2023 10:20:10 GMT
last-modified: Wed, 06 Sep 2023 22:41:28 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: AD6A0125049541B094B99E91808F8B46 Ref B: ZRHEDGE1216 Ref C: 2023-10-05T10:20:11Z
etag: "09cc4613e1d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12981

GET
H2

200

activityi;dc_pre=CNKttMDX3oEDFVJckQUdmaQOcQ;src=6384424;type=us_sa001;cat=us_sa0;ord=5114951864967;auiddc=1755178549.1696501211;u10=https%3A%2F%2Fwww.goaheadtours.com%2F;gtm=45He3a20;uaa=;uab=;uafv... Show response
6384424.fls.doubleclick.net/ Frame FD24
Redirect Chain

https://6384424.fls.doubleclick.net/activityi;src=6384424;type=us_sa001;cat=us_sa0;ord=5114951864967;auiddc=1755178549.1696501211;u10=https%3A%2F%2Fwww.goaheadtours.com%2F;gtm=45He3a20;uaa=;uab=;ua...
https://6384424.fls.doubleclick.net/activityi;dc_pre=CNKttMDX3oEDFVJckQUdmaQOcQ;src=6384424;type=us_sa001;cat=us_sa0;ord=5114951864967;auiddc=1755178549.1696501211;u10=https%3A%2F%2Fwww.goaheadtour...

496 B
606 B

80ms
76ms

Document
text/html

142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6384424.fls.doubleclick.net/activityi;dc_pre=CNKttMDX3oEDFVJckQUdmaQOcQ;src=6384424;type=us_sa001;cat=us_sa0;ord=5114951864967;auiddc=1755178549.1696501211;u10=https%3A%2F%2Fwww.goaheadtours.com%2F;gtm=45He3a20;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.goaheadtours.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDTHZ2G

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

cafe /

Resource Hash

be84befed73c8c5ee2a1f2dff857e8e0e52f5a1cca07c4ba95043d5ce1c2f26f

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.goaheadtours.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 268
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 10:20:11 GMT
expires: Thu, 05 Oct 2023 10:20:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 10:20:11 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://6384424.fls.doubleclick.net/activityi;dc_pre=CNKttMDX3oEDFVJckQUdmaQOcQ;src=6384424;type=us_sa001;cat=us_sa0;ord=5114951864967;auiddc=1755178549.1696501211;u10=https%3A%2F%2Fwww.goaheadtours.com%2F;gtm=45He3a20;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.goaheadtours.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

activityi;dc_pre=CJ37tMDX3oEDFcdUkQUdpAkD-Q;src=10100557;type=sa001;cat=gat_s0;ord=6567384777761;auiddc=1755178549.1696501211;u3=https%3A%2F%2Fwww.goaheadtours.com%2F;gtm=45He3a20;uaa=;uab=;uafvl=;... Show response
10100557.fls.doubleclick.net/ Frame E67A
Redirect Chain

https://10100557.fls.doubleclick.net/activityi;src=10100557;type=sa001;cat=gat_s0;ord=6567384777761;auiddc=1755178549.1696501211;u3=https%3A%2F%2Fwww.goaheadtours.com%2F;gtm=45He3a20;uaa=;uab=;uafv...
https://10100557.fls.doubleclick.net/activityi;dc_pre=CJ37tMDX3oEDFcdUkQUdpAkD-Q;src=10100557;type=sa001;cat=gat_s0;ord=6567384777761;auiddc=1755178549.1696501211;u3=https%3A%2F%2Fwww.goaheadtours....

493 B
607 B

72ms
70ms

Document
text/html

142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10100557.fls.doubleclick.net/activityi;dc_pre=CJ37tMDX3oEDFcdUkQUdpAkD-Q;src=10100557;type=sa001;cat=gat_s0;ord=6567384777761;auiddc=1755178549.1696501211;u3=https%3A%2F%2Fwww.goaheadtours.com%2F;gtm=45He3a20;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.goaheadtours.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDTHZ2G

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

cafe /

Resource Hash

e6bde3112462e03ceffe0adbc927bb3a85fc480e50a2dfe2e7cd075a6522c6a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.goaheadtours.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 271
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 10:20:11 GMT
expires: Thu, 05 Oct 2023 10:20:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 10:20:11 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10100557.fls.doubleclick.net/activityi;dc_pre=CJ37tMDX3oEDFcdUkQUdpAkD-Q;src=10100557;type=sa001;cat=gat_s0;ord=6567384777761;auiddc=1755178549.1696501211;u3=https%3A%2F%2Fwww.goaheadtours.com%2F;gtm=45He3a20;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.goaheadtours.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 search-insights@2.2.1 Show response
cdn.jsdelivr.net/npm/ 7 KB
3 KB 79ms
33ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/search-insights@2.2.1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDTHZ2G

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0d2e872be145886fa21dbfb0bdd82a6dd87de09470f3b4dc8a93c9548f1d365

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:20:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 19446392
x-jsd-version: 2.2.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230089-FRA, cache-yyz4525-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"1ca9-LlYameQWGdStxvp0hGBoUXhf4ow"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n88pDUrYex%2Bl%2FkNCte0EctTupMM3nzT3aH3VM4ANM%2F%2FK5QrMKD0uEwOs8nXvo3BNOs%2FMVRRPnh6CFfededc6CGh24i3uLJLrM93b54LTW9TCQSBS1nmwvaTmGwpDDOY7qfodxEFCZi8A9PEkBGE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8114ee395f3d3c74-CDG

GET
H2 200 25957.js Show response
www.dwin1.com/ 44 KB
13 KB 211ms
132ms Script
application/javascript 2600:9000:214f:1e00:f:8ce2:fb80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dwin1.com/25957.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDTHZ2G
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:1e00:f:8ce2:fb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b2a76d22ca137ea3eff5681ed6fb5d4dbbb6771ea7642cbbbbca85a4c5089d3f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: 6rOwqB7sPADaJWwH4kSR3Xa0FOdjaE0I
content-encoding: gzip
via: 1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
date: Thu, 05 Oct 2023 10:20:12 GMT
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 28 Sep 2023 12:48:26 GMT
server: AmazonS3
etag: W/"e4f78e3e5b8ff5bb6d9194907c305825"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600, s-maxage=600
x-amz-cf-id: Rjl3QpD9bLGvN2jY8O9F7ApEAqHzuS6LNy6tVZbah2bypJN1l7frcQ==

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 46 KB
15 KB 123ms
60ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDTHZ2G

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

7d348f3c19a844bbfaea04d35423ba1036d7f94a2f94c20d4dd397db70664d49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:20:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 18 Sep 2023 19:54:36 GMT
server: nginx
etag: W/"6508aafc-b968"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 06 Oct 2023 10:20:11 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 198 KB
53 KB 75ms
26ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

805270b078cde87b61bb57c8bd44f8b58b0d128f5a8efdd4395470b45b291d65

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 05 Oct 2023 10:20:11 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53356
x-xss-protection: 0
pragma: public
x-fb-debug: K39qTEA2Z6HLfxrGB8N63u02A4MFPsE57MWP4Nr1oPW3a6bKWa1Rll3NW8Hw51w1Q/ELxPdrFj87tpY28buUmQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 7 KB
3 KB 211ms
132ms Script
application/javascript 23.38.98.111
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CCG7A9BC77UB2PF1JQKG&lib=ttq
Requested by: Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.111 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-111.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 40f587db77c42d9ff81973aae62253fa0d0adab045691910d64533d6f7ec2c31

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-akamai-request-id: 15a0c0cf.7b523ac
date: Thu, 05 Oct 2023 10:20:11 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-38-99-175.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
x-parent-response-time: 97,23.38.99.175
server-timing: cdn-cache; desc=MISS, edge; dur=86, origin; dur=11, inner; dur=3
content-length: 2180
pragma: no-cache
server: nginx
x-tt-logid: 20231005102011641E56893DB5EF4A2DA2
x-cache-remote: TCP_MISS from a23-48-215-143.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 12,23.48.215.143
x-tt-trace-host: 014af3859b4d71ee855b516a7c490c87cfa6629bc267b1fbe5ba529f88008af344dde4021895042ea29f4b5db89e71e3f22e3dfd6b30ac6a395bbd70e1f6336e041846a3ab1363b7470ef06cecc8606e170aba064043ad649b5096087de417f1202d1ea76b268a087191a5e1477d0b2b9e
expires: Thu, 05 Oct 2023 10:20:11 GMT

GET
H/1.1 200
OK spx Show response
dx.mountain.com/ 21 KB
6 KB 487ms
121ms Script
application/javascript 44.209.137.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://dx.mountain.com/spx?dxver=4.0.0&shaid=33640&tdr=&plh=https%3A%2F%2Fwww.goaheadtours.com%2F&cb=61652111352590500term=value
Requested by: Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.209.137.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-209-137-118.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: 5f1a64538f6cec595d6a889e30861e2ef8c05453822f8160423318b2dab86d5e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:20:11 GMT
content-encoding: gzip
server: istio-envoy
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
transfer-encoding: chunked
content-type: application/javascript;charset=utf-8
x-envoy-upstream-service-time: 2
be: spx-prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK tv2track.js Show response
collector-30678.us.tvsquared.com/ 20 KB
9 KB 558ms
148ms Script
application/javascript 3.12.156.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-30678.us.tvsquared.com/tv2track.js
Requested by: Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.12.156.53 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-12-156-53.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Thu, 05 Oct 2023 10:20:11 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Dec 2022 10:40:07 GMT
Server: nginx
ETag: "639c4b07-2133"
Content-Type: application/javascript
Cache-Control: max-age=600
Connection: keep-alive
X-Robots-Tag: noindex
Content-Length: 8499
Expires: Thu, 05 Oct 2023 10:30:11 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 273 KB
91 KB 43ms
42ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LQM236SHEC&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDTHZ2G

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8f85c9d6b79566a1d83a25ec3bcf7b88b036b8da1764d25e6cd9c5392738dc12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:20:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93154
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 05 Oct 2023 10:20:11 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 67ms
19ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDTHZ2G

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 05 Oct 2023 09:51:33 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1718
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 05 Oct 2023 11:51:33 GMT

GET
H2 200 pnapi_integration-3.6.22.min.js Show response
solutions.invocacdn.com/js/ 88 KB
27 KB 119ms
37ms Script
text/javascript 13.225.78.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://solutions.invocacdn.com/js/pnapi_integration-3.6.22.min.js
Requested by: Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-63.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c03628d9933445974fb52e2a61530b55bfb27101c25716eb35a031a3a81151c9

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: b5VSbBCvyIgIGi5Q0RGVs6z9CVNIBn3w
content-encoding: br
via: 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
date: Thu, 05 Oct 2023 09:21:46 GMT
last-modified: Sat, 14 Dec 2019 00:09:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 3505
etag: W/"96a7261523b2968017c7842b67ae47cf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-replication-status: COMPLETED
x-amz-cf-id: f-zeTkMusTC7lcfqpZlUO7xaVvN3O9Tfu8R-4jFiogSSpN9_h6TIwg==

GET
H2

200

/
www.google.ch/pagead/1p-user-list/1071918522/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1071918522/?random=1696501211021&cv=11&fst=1696501211021&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45He3a20&u_w=1600&u_h=1200&url=https%3A...
https://www.google.com/pagead/1p-user-list/1071918522/?random=1696501211021&cv=11&fst=1696500000000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45He3a20&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.goaheadtours...
https://www.google.ch/pagead/1p-user-list/1071918522/?random=1696501211021&cv=11&fst=1696500000000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45He3a20&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.goaheadtours....

42 B
455 B

36ms
35ms

Image
image/gif

2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ch/pagead/1p-user-list/1071918522/?random=1696501211021&cv=11&fst=1696500000000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45He3a20&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.goaheadtours.com%2F&frm=0&tiba=Guided%20Tours%20%26%20Group%20Travel%20Tours%20%7C%20EF%20Go%20Ahead%20Tours&is_vtc=1&random=709772349&ipr=y

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 10:20:11 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 05 Oct 2023 10:20:11 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.ch/pagead/1p-user-list/1071918522/?random=1696501211021&cv=11&fst=1696500000000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45He3a20&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.goaheadtours.com%2F&frm=0&tiba=Guided%20Tours%20%26%20Group%20Travel%20Tours%20%7C%20EF%20Go%20Ahead%20Tours&is_vtc=1&random=709772349&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 5065967.js Show response
bat.bing.com/p/action/ 0
116 B 45ms
45ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5065967.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Thu, 05 Oct 2023 10:20:10 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5ED744D993C54700AF546B815BF70EC9 Ref B: ZRHEDGE1216 Ref C: 2023-10-05T10:20:11Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
283 B 95ms
94ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5065967&tm=gtm002&Ver=2&mid=2e3a43d7-5dbd-4a08-9557-25c9dd200ccc&sid=c3ff5e50636811eea60169faeb7efddd&vid=c3ff89b0636811eebb67e775fefde089&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Guided%20Tours%20%26%20Group%20Travel%20Tours%20%7C%20EF%20Go%20Ahead%20Tours&p=https%3A%2F%2Fwww.goaheadtours.com%2F&r=&lt=1006&evt=pageLoad&sv=1&rn=52426

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 05 Oct 2023 10:20:10 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B012B4E23C8542E581980607151CDE58 Ref B: ZRHEDGE1216 Ref C: 2023-10-05T10:20:11Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
257 B 102ms
49ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-LQM236SHEC&gtm=45je3a20&_p=1355845724&_gaz=1&cid=1217416224.1696501211&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1696501211&sct=1&seg=0&dl=https%3A%2F%2Fwww.goaheadtours.com%2F&dt=Guided%20Tours%20%26%20Group%20Travel%20Tours%20%7C%20EF%20Go%20Ahead%20Tours&en=page_view&_fv=1&_nsi=1&_ss=2&up.pagePath=%2F&up.pageUrl=https%3A%2F%2Fwww.goaheadtours.com%2F
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LQM236SHEC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 10:20:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.goaheadtours.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
248 B 103ms
41ms Ping
text/plain 2a00:1450:400c:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-LQM236SHEC&cid=1217416224.1696501211&gtm=45je3a20&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LQM236SHEC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c03::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 10:20:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.goaheadtours.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 84ms
49ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-LQM236SHEC&gtm=45je3a20&_p=1355845724&cid=1217416224.1696501211&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1696501211&sct=1&seg=0&dl=https%3A%2F%2Fwww.goaheadtours.com%2F&dt=Guided%20Tours%20%26%20Group%20Travel%20Tours%20%7C%20EF%20Go%20Ahead%20Tours&en=_&ep.pageType=homepage&_et=4
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LQM236SHEC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 10:20:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.goaheadtours.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 62ms
49ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-LQM236SHEC&gtm=45je3a20&_p=1355845724&cid=1217416224.1696501211&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=3&sid=1696501211&sct=1&seg=0&dl=https%3A%2F%2Fwww.goaheadtours.com%2F&dt=Guided%20Tours%20%26%20Group%20Travel%20Tours%20%7C%20EF%20Go%20Ahead%20Tours&en=view_item_list&_c=1&_et=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LQM236SHEC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 10:20:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.goaheadtours.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 37ms
34ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-LQM236SHEC&gtm=45je3a20&_p=1355845724&cid=1217416224.1696501211&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=4&sid=1696501211&sct=1&seg=0&dl=https%3A%2F%2Fwww.goaheadtours.com%2F&dt=Guided%20Tours%20%26%20Group%20Travel%20Tours%20%7C%20EF%20Go%20Ahead%20Tours&en=view_item&_c=1&_et=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LQM236SHEC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 10:20:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.goaheadtours.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ch/ads/ 42 B
107 B 113ms
65ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ch/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-LQM236SHEC&cid=1217416224.1696501211&gtm=45je3a20&aip=1&z=718897509

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 10:20:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5.77298452.min.js Show response
a.opmnstr.com/app/js/ 16 KB
6 KB 90ms
89ms Script
application/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.opmnstr.com/app/js/5.77298452.min.js
Requested by: Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 283ce4fc2baa0dfd2324b05b14d0530fc385ee92fea03e1bd0891aa8593bdff2

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:20:11 GMT
content-encoding: br
cdn-edgestorageid: 1082
perma-cache: HIT
cdn-storageserver: DE-587
cdn-cachedat: 10/05/2023 04:44:00
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 16:47:42 GMT
server: BunnyCDN-DE1-1080
cdn-fileserver: 599
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65087f2e-4140"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: fabe94cb72d46b46695a3f8274d6f94d
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 /
www.google.com/pagead/1p-user-list/951355816/ 42 B
108 B 33ms
32ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/951355816/?random=1696501211021&cv=11&fst=1696500000000&bg=ffffff&guid=ON&async=1&gtm=45He3a20&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.goaheadtours.com%2F&frm=0&tiba=Guided%20Tours%20%26%20Group%20Travel%20Tours%20%7C%20EF%20Go%20Ahead%20Tours&fmt=3&is_vtc=1&random=1170731975&rmt_tld=0&ipr=y

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 10:20:11 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.ch/pagead/1p-user-list/951355816/ 42 B
108 B 36ms
33ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ch/pagead/1p-user-list/951355816/?random=1696501211021&cv=11&fst=1696500000000&bg=ffffff&guid=ON&async=1&gtm=45He3a20&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.goaheadtours.com%2F&frm=0&tiba=Guided%20Tours%20%26%20Group%20Travel%20Tours%20%7C%20EF%20Go%20Ahead%20Tours&fmt=3&is_vtc=1&random=1170731975&rmt_tld=1&ipr=y

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 10:20:11 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/937035465/ 42 B
108 B 32ms
31ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/937035465/?random=1696501211015&cv=11&fst=1696500000000&bg=ffffff&guid=ON&async=1&gtm=45He3a20&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.goaheadtours.com%2F&frm=0&tiba=Guided%20Tours%20%26%20Group%20Travel%20Tours%20%7C%20EF%20Go%20Ahead%20Tours&fmt=3&is_vtc=1&random=3224291029&rmt_tld=0&ipr=y

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 10:20:11 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.ch/pagead/1p-user-list/937035465/ 42 B
108 B 38ms
35ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ch/pagead/1p-user-list/937035465/?random=1696501211015&cv=11&fst=1696500000000&bg=ffffff&guid=ON&async=1&gtm=45He3a20&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.goaheadtours.com%2F&frm=0&tiba=Guided%20Tours%20%26%20Group%20Travel%20Tours%20%7C%20EF%20Go%20Ahead%20Tours&fmt=3&is_vtc=1&random=3224291029&rmt_tld=1&ipr=y

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 10:20:11 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 643626722363066 Show response
connect.facebook.net/signals/config/ 131 KB
34 KB 153ms
151ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/643626722363066?v=2.9.132&r=stable&domain=www.goaheadtours.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2307ae5c04ba3eaf7d72cac36f15e6229132bfb908d92de1c569cb644becb708

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 05 Oct 2023 10:20:11 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: b+nCyFaBxSFDkSd4DO/XSY4BiQO2bT5abKXTj1T8k4fPN3edPON447z41CM8zmH27dgQw7u/QA0uWcjuD8DU5Q==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 44F5 15 KB
6 KB 129ms
33ms Document
text/html 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.goaheadtours.com&origin=onetag

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.goaheadtours.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 10:20:11 GMT
server: Kestrel
server-processing-duration-in-ticks: 331999
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 42ms
21ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 09:21:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3498
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1129
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 17:28:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 05 Oct 2023 10:21:53 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
211 B 30ms
29ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1355845724&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.goaheadtours.com%2F&ul=en-us&de=UTF-8&dt=Guided%20Tours%20%26%20Group%20Travel%20Tours%20%7C%20EF%20Go%20Ahead%20Tours&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Next.js%20custom%20metric&ea=Next.js-hydration&el=186&_u=YCDAgEALQAAAACAEK~&jid=306863065&gjid=1581731661&cid=1217416224.1696501211&tid=UA-321712-14&_gid=67087914.1696501211&_slc=1&gtm=45He3a20n81NDTHZ2G&cd8=1696501211053.f57s6xe&cd10=0&cd13=https%3A%2F%2Fwww.goaheadtours.com%2F&cd18=https%3A%2F%2Fwww.goaheadtours.com%2F&cd20=%20%20&cd22=goaheadtours.com&cd2=1217416224.1696501211&z=309840807

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.google.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 10:20:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.goaheadtours.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 35ms
34ms XHR
text/plain 2a00:1450:400c:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-321712-14&cid=1217416224.1696501211&jid=306863065&gjid=1581731661&_gid=67087914.1696501211&_u=YCDAgEALQAAAAGAEK~&z=1828364609

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c03::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3d89d2a833e0c8b73ddaac6d6ec14c4ab06c648ee6574f1b29e9ab8435e2f41e

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.google.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 05 Oct 2023 10:20:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.goaheadtours.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CNKttMDX3oEDFVJckQUdmaQOcQ;src=6384424;type=us_sa001;cat=us_sa0;ord=5114951864967;auiddc=*;u10=https%3A%2F%2Fwww.goaheadtours.com%2F;gtm=45He3a20;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=...
adservice.google.com/ddm/fls/z/ Frame FD24 42 B
401 B 114ms
56ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CNKttMDX3oEDFVJckQUdmaQOcQ;src=6384424;type=us_sa001;cat=us_sa0;ord=5114951864967;auiddc=*;u10=https%3A%2F%2Fwww.goaheadtours.com%2F;gtm=45He3a20;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.goaheadtours.com%2F

Requested by

Host: 6384424.fls.doubleclick.net
URL: https://6384424.fls.doubleclick.net/activityi;dc_pre=CNKttMDX3oEDFVJckQUdmaQOcQ;src=6384424;type=us_sa001;cat=us_sa0;ord=5114951864967;auiddc=1755178549.1696501211;u10=https%3A%2F%2Fwww.goaheadtours.com%2F;gtm=45He3a20;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.goaheadtours.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 10:20:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CJ37tMDX3oEDFcdUkQUdpAkD-Q;src=10100557;type=sa001;cat=gat_s0;ord=6567384777761;auiddc=*;u3=https%3A%2F%2Fwww.goaheadtours.com%2F;gtm=45He3a20;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;e...
adservice.google.com/ddm/fls/z/ Frame E67A 42 B
107 B 114ms
57ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJ37tMDX3oEDFcdUkQUdpAkD-Q;src=10100557;type=sa001;cat=gat_s0;ord=6567384777761;auiddc=*;u3=https%3A%2F%2Fwww.goaheadtours.com%2F;gtm=45He3a20;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.goaheadtours.com%2F

Requested by

Host: 10100557.fls.doubleclick.net
URL: https://10100557.fls.doubleclick.net/activityi;dc_pre=CJ37tMDX3oEDFcdUkQUdpAkD-Q;src=10100557;type=sa001;cat=gat_s0;ord=6567384777761;auiddc=1755178549.1696501211;u3=https%3A%2F%2Fwww.goaheadtours.com%2F;gtm=45He3a20;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.goaheadtours.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 10:20:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.MWQ0NWRkZTlhMQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 389 KB
101 KB 26ms
25ms Script
application/javascript 23.38.98.111
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CCG7A9BC77UB2PF1JQKG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.111 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-111.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 986333a99c0309f940f3cd10c2846221feaefe70f96f9005553eb85fb83ec875

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-akamai-request-id: 7b52435
date: Thu, 05 Oct 2023 10:20:11 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20230921123816DACAEF28CA52516E21C4
vary: Accept-Encoding
x-cache: TCP_HIT from a23-38-99-175.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 014219f47da98a68fb9124ea71253fdc082e47660ee420895f22e6921e9233e3f1671efef63825e16ed62e275371b72bc949e782c219bbf0edbff3521d26612935f744fe384463e138ed818261559cfe0207a9fb9d90fc7d02b1d6d290f663930e
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=108
content-length: 102667

GET
H2 200 tag-live.js Show response
solutions.invocacdn.com/js/networks/1403/0551656185/ 3 KB
1 KB 29ms
28ms Script
text/javascript 13.225.78.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://solutions.invocacdn.com/js/networks/1403/0551656185/tag-live.js
Requested by: Host: solutions.invocacdn.com
URL: https://solutions.invocacdn.com/js/pnapi_integration-3.6.22.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-63.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5b7cf5a2660fb33477f53ab0b83471c49b60e3c7a324f3122fc1fe88ec1440dc

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: YdAJi8KFnkjmCYXujrCfIYcB_YG67gwF
content-encoding: br
via: 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
date: Thu, 05 Oct 2023 10:20:11 GMT
last-modified: Wed, 10 Feb 2021 16:13:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 3
etag: W/"565280218e7a2bba54c932f3c8dc68d8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=300
x-amz-replication-status: COMPLETED
x-amz-cf-id: KtvWuAgQU6Zd59za472cttGq-f78ve4NLCi9N7ZXZNgv9sYIDB7Heg==

GET
H2 200 4.62cc77b7.min.js Show response
a.opmnstr.com/app/js/ 48 KB
14 KB 47ms
47ms Script
application/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.opmnstr.com/app/js/4.62cc77b7.min.js
Requested by: Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: e36a1932a305173bf65172ee69f7ef2b715316deff15f8a023c7872b5a6184fc

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:20:11 GMT
content-encoding: br
cdn-edgestorageid: 1081
perma-cache: HIT
cdn-storageserver: DE-168
cdn-cachedat: 10/05/2023 04:44:00
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 16:47:35 GMT
server: BunnyCDN-DE1-1080
cdn-fileserver: 587
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65087f27-bf88"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: dc0d62dac630985a7003573ceba8c526
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 58ms
57ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-321712-14&cid=1217416224.1696501211&jid=306863065&_u=YCDAgEALQAAAAGAEK~&z=1339696378

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 10:20:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ch/ads/ 42 B
107 B 133ms
132ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ch/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-321712-14&cid=1217416224.1696501211&jid=306863065&_u=YCDAgEALQAAAAGAEK~&z=1339696378

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 10:20:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
19ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1355845724&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.goaheadtours.com%2F&ul=en-us&de=UTF-8&dt=Guided%20Tours%20%26%20Group%20Travel%20Tours%20%7C%20EF%20Go%20Ahead%20Tours&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce&ea=eeImpressions&_u=aCDAgEALQAAAAGAMK~&jid=&gjid=&cid=1217416224.1696501211&tid=UA-321712-14&_gid=67087914.1696501211&gtm=45He3a20n81NDTHZ2G&cd8=1696501211062.4ktdq4bn&cd10=0&cd13=https%3A%2F%2Fwww.goaheadtours.com%2F&cd18=https%3A%2F%2Fwww.goaheadtours.com%2F&cd20=%20%20&cd22=goaheadtours.com&cd2=1217416224.1696501211&il1nm=slider_&il1pi1id=TGI&il1pi1nm=The%20Greek%20Islands%3A%20Mykonos%2C%20Santorini%20%26%20Crete&il1pi1pr=4019&il1pi1ps=0&il1pi1ca=TGI&il1pi2id=WWR&il1pi2nm=Germany%2C%20Switzerland%20%26%20Austria&il1pi2pr=3529&il1pi2ps=1&il1pi2ca=WWR&il1pi3id=LSS&il1pi3nm=Grand%20Tour%20of%20Ireland&il1pi3pr=3699&il1pi3ps=2&il1pi3ca=LSS&il1pi4id=SCA&il1pi4nm=Scandinavia%3A%20The%20Capitals%20%26%20the%20Fjords&il1pi4pr=4219&il1pi4ps=3&il1pi4ca=SCA&il1pi5id=IRL&il1pi5nm=A%20Week%20in%20Ireland%3A%20Dublin%2C%20Cork%20%26%20Galway&il1pi5pr=2489&il1pi5ps=4&il1pi5ca=IRL&il1pi6id=CRA&il1pi6nm=A%20Week%20in%20Croatia%3A%20Zagreb%2C%20Split%20%26%20Dubrovnik&il1pi6pr=3209&il1pi6ps=5&il1pi6ca=CRA&z=1204992908

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 09:10:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 4152
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
19ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1355845724&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.goaheadtours.com%2F&ul=en-us&de=UTF-8&dt=Guided%20Tours%20%26%20Group%20Travel%20Tours%20%7C%20EF%20Go%20Ahead%20Tours&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Web%20Vitals&ea=FCP&el=379.9000015258789&_u=aCDAgEALQAAAAGAMK~&jid=&gjid=&cid=1217416224.1696501211&tid=UA-321712-14&_gid=67087914.1696501211&gtm=45He3a20n81NDTHZ2G&cd8=1696501211071.oyvh9pg6&cd10=0&cd13=https%3A%2F%2Fwww.goaheadtours.com%2F&cd18=https%3A%2F%2Fwww.goaheadtours.com%2F&cd20=%20%20&cd22=goaheadtours.com&cd2=1217416224.1696501211&il1nm=slider_&il1pi1id=TGI&il1pi1nm=The%20Greek%20Islands%3A%20Mykonos%2C%20Santorini%20%26%20Crete&il1pi1pr=4019&il1pi1ps=0&il1pi1ca=TGI&il1pi2id=WWR&il1pi2nm=Germany%2C%20Switzerland%20%26%20Austria&il1pi2pr=3529&il1pi2ps=1&il1pi2ca=WWR&il1pi3id=LSS&il1pi3nm=Grand%20Tour%20of%20Ireland&il1pi3pr=3699&il1pi3ps=2&il1pi3ca=LSS&il1pi4id=SCA&il1pi4nm=Scandinavia%3A%20The%20Capitals%20%26%20the%20Fjords&il1pi4pr=4219&il1pi4ps=3&il1pi4ca=SCA&il1pi5id=IRL&il1pi5nm=A%20Week%20in%20Ireland%3A%20Dublin%2C%20Cork%20%26%20Galway&il1pi5pr=2489&il1pi5ps=4&il1pi5ca=IRL&il1pi6id=CRA&il1pi6nm=A%20Week%20in%20Croatia%3A%20Zagreb%2C%20Split%20%26%20Dubrovnik&il1pi6pr=3209&il1pi6ps=5&il1pi6ca=CRA&z=1390010824

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 09:10:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 4152
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 26ms
25ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1355845724&t=pageview&_s=1&dl=https%3A%2F%2Fwww.goaheadtours.com%2F&ul=en-us&de=UTF-8&dt=Guided%20Tours%20%26%20Group%20Travel%20Tours%20%7C%20EF%20Go%20Ahead%20Tours&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAiEALRAAAAGAMK~&jid=&gjid=&cid=1217416224.1696501211&tid=UA-321712-14&_gid=67087914.1696501211&gtm=45He3a20n81NDTHZ2G&cd8=1696501211189.onv3d4hi&cd10=0&cd13=https%3A%2F%2Fwww.goaheadtours.com%2F&cd18=https%3A%2F%2Fwww.goaheadtours.com%2F&cd20=%20%20&cd22=goaheadtours.com&cd2=1217416224.1696501211&il1nm=slider_&il1pi1id=TGI&il1pi1nm=The%20Greek%20Islands%3A%20Mykonos%2C%20Santorini%20%26%20Crete&il1pi1pr=4019&il1pi1ps=0&il1pi1ca=TGI&il1pi2id=WWR&il1pi2nm=Germany%2C%20Switzerland%20%26%20Austria&il1pi2pr=3529&il1pi2ps=1&il1pi2ca=WWR&il1pi3id=LSS&il1pi3nm=Grand%20Tour%20of%20Ireland&il1pi3pr=3699&il1pi3ps=2&il1pi3ca=LSS&il1pi4id=SCA&il1pi4nm=Scandinavia%3A%20The%20Capitals%20%26%20the%20Fjords&il1pi4pr=4219&il1pi4ps=3&il1pi4ca=SCA&il1pi5id=IRL&il1pi5nm=A%20Week%20in%20Ireland%3A%20Dublin%2C%20Cork%20%26%20Galway&il1pi5pr=2489&il1pi5ps=4&il1pi5ca=IRL&il1pi6id=CRA&il1pi6nm=A%20Week%20in%20Croatia%3A%20Zagreb%2C%20Split%20%26%20Dubrovnik&il1pi6pr=3209&il1pi6ps=5&il1pi6ca=CRA&z=676629519

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 09:10:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 4152
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 13.a43c3690.min.js Show response
a.opmnstr.com/app/js/ 3 KB
2 KB 74ms
74ms Script
application/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.opmnstr.com/app/js/13.a43c3690.min.js
Requested by: Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: e89767a717d5fa04154ca21c66d1d96e7a5d3844875f0083f6bf400f2441d297

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:20:11 GMT
content-encoding: br
cdn-edgestorageid: 1080
perma-cache: HIT
cdn-storageserver: DE-677
cdn-cachedat: 10/05/2023 04:44:00
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 16:47:35 GMT
server: BunnyCDN-DE1-1080
cdn-fileserver: 588
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65087f27-af0"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 978e325916e53f1af2885a27527776f1
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 19.b93023b7.min.js Show response
a.opmnstr.com/app/js/ 4 KB
3 KB 37ms
37ms Script
application/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.opmnstr.com/app/js/19.b93023b7.min.js
Requested by: Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 263c3a799ea39e2db3c3347bab23a9f98990d9d9633d2d8b833d8766c3dc2b36

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:20:11 GMT
content-encoding: br
cdn-edgestorageid: 1080
perma-cache: HIT
cdn-storageserver: DE-382
cdn-cachedat: 10/05/2023 04:44:00
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 16:47:40 GMT
server: BunnyCDN-DE1-1080
cdn-fileserver: 587
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65087f2c-10b0"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 58897ba2f6b9bd5dfaf03976af01dc3e
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 27.78393e5b.min.js Show response
a.opmnstr.com/app/js/ 6 KB
3 KB 39ms
38ms Script
application/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.opmnstr.com/app/js/27.78393e5b.min.js
Requested by: Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 5405f21fd05a73a76a85b2021b366df4dcd00dd93ad956d671776622ea5e1ffc

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:20:11 GMT
content-encoding: br
cdn-edgestorageid: 1081
perma-cache: HIT
cdn-storageserver: DE-676
cdn-cachedat: 10/05/2023 04:44:00
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 16:47:43 GMT
server: BunnyCDN-DE1-1080
cdn-fileserver: 587
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65087f2f-1973"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 06ae8143a907ecb2b50ea55bc5fb07b2
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 32.b9065693.min.js Show response
a.opmnstr.com/app/js/ 11 KB
5 KB 50ms
49ms Script
application/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.opmnstr.com/app/js/32.b9065693.min.js
Requested by: Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 978277c7385002bbd8eca4f51d7bdac7424ef8c6d267066e36b018b25bf88f7a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:20:11 GMT
content-encoding: br
cdn-edgestorageid: 1080
perma-cache: HIT
cdn-storageserver: DE-588
cdn-cachedat: 10/05/2023 04:44:00
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 16:47:33 GMT
server: BunnyCDN-DE1-1080
cdn-fileserver: 587
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65087f25-2c41"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: faabada039d2b2a2248a5509d7ec5a20
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 10.60d422ac.min.js Show response
a.opmnstr.com/app/js/ 33 KB
10 KB 42ms
41ms Script
application/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.opmnstr.com/app/js/10.60d422ac.min.js
Requested by: Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 79daab4e83a4f5e90a968e225b13c924d174ff804fcccdee5164c1530d68c755

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:20:11 GMT
content-encoding: br
cdn-edgestorageid: 1080
perma-cache: HIT
cdn-storageserver: DE-663
cdn-cachedat: 10/05/2023 04:44:00
cdn-pullzone: 293267
last-modified: Mon, 25 Sep 2023 16:44:38 GMT
server: BunnyCDN-DE1-1080
cdn-fileserver: 599
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"6511b8f6-82ca"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 03af78a84541d5c2b6efc742dabb0e6b
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 0.514c5def.min.js Show response
a.opmnstr.com/app/js/ 7 KB
3 KB 46ms
44ms Script
application/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.opmnstr.com/app/js/0.514c5def.min.js
Requested by: Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: a0746aee5a2b0032d3d664b8383d97bb3e1f0dce11ececfa1258072a704b1a72

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:20:11 GMT
content-encoding: br
cdn-edgestorageid: 1081
perma-cache: HIT
cdn-storageserver: DE-677
cdn-cachedat: 10/05/2023 04:44:00
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 16:47:37 GMT
server: BunnyCDN-DE1-1080
cdn-fileserver: 383
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65087f29-1d49"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 40977055a0e2a1b5e23cc80b7d539be2
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 9.c66ab701.min.js Show response
a.opmnstr.com/app/js/ 2 KB
2 KB 52ms
50ms Script
application/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.opmnstr.com/app/js/9.c66ab701.min.js
Requested by: Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 8ad9a6bcdc20b0bb29576b861332e7b11719bd11af68024d7676724574070f05

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:20:11 GMT
content-encoding: br
cdn-edgestorageid: 1080
perma-cache: HIT
cdn-storageserver: DE-167
cdn-cachedat: 10/05/2023 04:44:00
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 18:28:00 GMT
server: BunnyCDN-DE1-1080
cdn-fileserver: 599
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"650896b0-879"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 468a1d660e09c79f35153de6039b1191
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 11.38e902ad.min.js Show response
a.opmnstr.com/app/js/ 3 KB
2 KB 47ms
45ms Script
application/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.opmnstr.com/app/js/11.38e902ad.min.js
Requested by: Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: c110d3e795d9bcb956d5c9ef500d23c7e480a259519d383d5c626293ee413815

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:20:11 GMT
content-encoding: br
cdn-edgestorageid: 1081
perma-cache: HIT
cdn-storageserver: DE-164
cdn-cachedat: 10/05/2023 04:44:00
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 16:47:37 GMT
server: BunnyCDN-DE1-1080
cdn-fileserver: 383
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65087f29-a40"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 6b6cded5d0bdf4335798b71fbd380e4e
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 28.377be946.min.js Show response
a.opmnstr.com/app/js/ 3 KB
2 KB 48ms
47ms Script
application/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.opmnstr.com/app/js/28.377be946.min.js
Requested by: Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 8f927cd54d7ef0ffd667f6537f9a9f3ef56fd8f86b32c8dfd534c29da2f2242a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:20:11 GMT
content-encoding: br
cdn-edgestorageid: 1082
perma-cache: HIT
cdn-storageserver: DE-661
cdn-cachedat: 10/05/2023 04:44:00
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 16:47:51 GMT
server: BunnyCDN-DE1-1080
cdn-fileserver: 383
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65087f37-d7b"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 387ea69e6d4fab0f8456a274ee5f86f1
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 26.1898e425.min.js Show response
a.opmnstr.com/app/js/ 2 KB
1 KB 48ms
47ms Script
application/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.opmnstr.com/app/js/26.1898e425.min.js
Requested by: Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: c6fd60d4ecfcac36ecdcb7456ecf170d8eef75c883a1e34a4dd7855d23966cd2

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:20:11 GMT
content-encoding: br
cdn-edgestorageid: 1081
perma-cache: HIT
cdn-storageserver: DE-680
cdn-cachedat: 10/05/2023 04:44:00
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 16:47:40 GMT
server: BunnyCDN-DE1-1080
cdn-fileserver: 588
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65087f2c-6b6"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 7260de2820b3a8ef110c6279934e65a0
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 16.0e435a6f.min.js Show response
a.opmnstr.com/app/js/ 1 KB
1 KB 84ms
83ms Script
application/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.opmnstr.com/app/js/16.0e435a6f.min.js
Requested by: Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: c4fbf61bcc8a017d5d9cd2d95105bf88005bc0a3b6c18be6bfee8fc94d0adf52

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:20:11 GMT
content-encoding: br
cdn-edgestorageid: 1080
perma-cache: HIT
cdn-storageserver: DE-662
cdn-cachedat: 10/05/2023 04:44:00
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 16:47:35 GMT
server: BunnyCDN-DE1-1080
cdn-fileserver: 383
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65087f27-51f"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 55c4a4279259b189a66173521872e69d
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 1.ea963399.min.js Show response
a.opmnstr.com/app/js/ 11 KB
3 KB 86ms
85ms Script
application/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.opmnstr.com/app/js/1.ea963399.min.js
Requested by: Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 6507a044d207a767ec2971e891b149b58d6d32a6ee1b18068a6d6dd36bc5fa9a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:20:11 GMT
content-encoding: br
cdn-edgestorageid: 1080
perma-cache: HIT
cdn-storageserver: DE-677
cdn-cachedat: 10/05/2023 04:44:00
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 16:47:50 GMT
server: BunnyCDN-DE1-1080
cdn-fileserver: 587
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65087f36-2abc"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: acec5eba4abfca56432bcf9066979405
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 21.5aa698b1.min.js Show response
a.opmnstr.com/app/js/ 2 KB
2 KB 86ms
86ms Script
application/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.opmnstr.com/app/js/21.5aa698b1.min.js
Requested by: Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 5c756ba00bc22ff5690e08fc74aa2c70cde9b692a4acb7ca813a9dc7168c27d5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:20:11 GMT
content-encoding: br
cdn-edgestorageid: 1082
perma-cache: HIT
cdn-storageserver: DE-588
cdn-cachedat: 10/05/2023 04:44:00
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 16:47:35 GMT
server: BunnyCDN-DE1-1080
cdn-fileserver: 599
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65087f27-81f"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 72eadeb3a2bd5cda415b9749ecdf0665
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 20.1d4b97e9.min.js Show response
a.opmnstr.com/app/js/ 4 KB
2 KB 93ms
93ms Script
application/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.opmnstr.com/app/js/20.1d4b97e9.min.js
Requested by: Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: e1b149f9dffc3130750034a65c4a1d2cbefe7ffcef67fcb368f292a065aabeef

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:20:11 GMT
content-encoding: br
cdn-edgestorageid: 1082
perma-cache: HIT
cdn-storageserver: DE-661
cdn-cachedat: 10/05/2023 04:44:00
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 16:47:38 GMT
server: BunnyCDN-DE1-1080
cdn-fileserver: 587
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65087f2a-1062"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: cdc8d92896b3e977c9e9795b6337481f
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 17.24171f7e.min.js Show response
a.opmnstr.com/app/js/ 975 B
1 KB 84ms
84ms Script
application/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.opmnstr.com/app/js/17.24171f7e.min.js
Requested by: Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 228739c5660b9818a95c3b2c13f6c65cf4364f871c0cde499446c985be07a682

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:20:11 GMT
content-encoding: br
cdn-edgestorageid: 1080
perma-cache: HIT
cdn-storageserver: DE-663
cdn-cachedat: 10/05/2023 04:44:01
cdn-pullzone: 293267
last-modified: Tue, 12 Sep 2023 04:06:13 GMT
server: BunnyCDN-DE1-1080
cdn-fileserver: 599
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"64ffe3b5-3cf"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 1dccc11e4560cdfbc28171afa042535f
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 25.f2bef543.min.js Show response
a.opmnstr.com/app/js/ 3 KB
2 KB 89ms
89ms Script
application/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.opmnstr.com/app/js/25.f2bef543.min.js
Requested by: Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 5af0576ae4724a12d65aa86acc4231c868e4e6087c87a0b57243c6ca6dd5b67c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:20:11 GMT
content-encoding: br
cdn-edgestorageid: 1082
perma-cache: HIT
cdn-storageserver: DE-167
cdn-cachedat: 10/05/2023 04:44:00
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 16:47:39 GMT
server: BunnyCDN-DE1-1080
cdn-fileserver: 383
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65087f2b-d0a"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 40bdb703638b11c7a8912ec493ac2ab3
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2

200

sid Show response
mug.criteo.com/ Frame 44F5
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=goaheadtours.com&sn=ChromeSyncframe&so=0&topUrl=www.goaheadtours.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=JBPGgXxXSTNaUlBzS3orcWhPb0RIZEd1VFJaVHRibkVaV1F4SkVqWmhrMjd6Vk5pZVNWUjFLS1JuZEtDSXBHOEJ2bW9xVldJYVI1c3pDckpXcHVjeGxvWG13TEppZzVNTEZvcXl2bTU1V1Rlc2NTWWNSUUtGZDh2bVpzS1...

443 B
664 B

121ms
35ms

Fetch
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=JBPGgXxXSTNaUlBzS3orcWhPb0RIZEd1VFJaVHRibkVaV1F4SkVqWmhrMjd6Vk5pZVNWUjFLS1JuZEtDSXBHOEJ2bW9xVldJYVI1c3pDckpXcHVjeGxvWG13TEppZzVNTEZvcXl2bTU1V1Rlc2NTWWNSUUtGZDh2bVpzS1ByTk9pektydmdzWktVRmdNVnF6MGo4NXJxZ1VZYzlUTkEvVUYvK2VFQzU4cWJodE9Md3NwSFJ2d2V3UFVQVW0rbEhNSjdMaFVmcHRjd0I4cUVMK3orV1ZuYzFmVzU4K29ndGcxMG5zSkE0eklZTTJMcnFzN1E4QmtDWFpBclNpREtWZlZxT0RYbUR4OFNLWm9PWGJ4c1Y4R3pEcVdGZWxVQk9sM2xYbG0vUHByYTVNd0NLQT18&cppv=2

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

882a45cd944955fda5a7ebb324f96dac071df013546b093cc35df7a8601f2910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 10:20:10 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1150780
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 05 Oct 2023 10:20:11 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=JBPGgXxXSTNaUlBzS3orcWhPb0RIZEd1VFJaVHRibkVaV1F4SkVqWmhrMjd6Vk5pZVNWUjFLS1JuZEtDSXBHOEJ2bW9xVldJYVI1c3pDckpXcHVjeGxvWG13TEppZzVNTEZvcXl2bTU1V1Rlc2NTWWNSUUtGZDh2bVpzS1ByTk9pektydmdzWktVRmdNVnF6MGo4NXJxZ1VZYzlUTkEvVUYvK2VFQzU4cWJodE9Md3NwSFJ2d2V3UFVQVW0rbEhNSjdMaFVmcHRjd0I4cUVMK3orV1ZuYzFmVzU4K29ndGcxMG5zSkE0eklZTTJMcnFzN1E4QmtDWFpBclNpREtWZlZxT0RYbUR4OFNLWm9PWGJ4c1Y4R3pEcVdGZWxVQk9sM2xYbG0vUHByYTVNd0NLQT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 258335
content-length: 0
expires: 0

GET
H2 200 identify_7dd78.js Show response
analytics.tiktok.com/i18n/pixel/static/ 134 KB
36 KB 25ms
25ms Script
application/javascript 23.38.98.111
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_7dd78.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.111 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-111.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 7afaa861788cfa4b943b9a78a597edb2e73dcf6cf15cb34ce9a02c72373d9abe

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-akamai-request-id: 7b52487
date: Thu, 05 Oct 2023 10:20:11 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202309071107134C1D973D0BE4B77EECAD
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-38-99-175.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01fde42a5bc31b1cf87263f2de4f7457f956047196fc0e034c690fef4cc4b75cbefca78688b9eb2afad975a6185c2bb86c8dae65e7f3d81d7f49fc9ede2d594b38fc43bedc0324960cd6ec376abb2b5c6456743cb2c5ade3146e118ed687474497
server-timing: cdn-cache; desc=HIT, edge; dur=1, inner; dur=4
content-length: 35926

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
792 B 161ms
161ms Ping
text/plain 23.38.98.111
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.111 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-111.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.google.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 2012bb0a.7b524a9
date: Thu, 05 Oct 2023 10:20:11 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-38-99-175.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
x-parent-response-time: 125,23.38.99.175
server-timing: cdn-cache; desc=MISS, edge; dur=92, origin; dur=38, inner; dur=35
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202310051020112DCDA76FA0D5EB3CF7FF
x-cache-remote: TCP_MISS from a23-220-106-86.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 39,23.220.106.86
x-tt-trace-host: 014af3859b4d71ee855b516a7c490c87cfa6629bc267b1fbe5ba529f88008af344b3399b3c5f520b839723d7833f924331a80b36f1b1ef203c9c99c36f1e87d636a5704d86aa68dcc80fd8d9bb7fae982e5ed15a1462c93f11b4da18640b1a85a11ebf2b79b4e20147d990280566773c9b
access-control-allow-headers: Authorization,*
expires: Thu, 05 Oct 2023 10:20:11 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 75ms
25ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=643626722363066&ev=PageView&dl=https%3A%2F%2Fwww.goaheadtours.com%2F&rl=&if=false&ts=1696501211456&sw=1600&sh=1200&v=2.9.132&r=stable&ec=0&o=30&fbp=fb.1.1696501211454.1311084682&ler=empty&it=1696501211212&coo=false&exp=a1&rqm=GET

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 05 Oct 2023 10:20:11 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
1003 B 80ms
29ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat%3Aital%2Cwght%400%2C400%3B0%2C500&display=swap

Requested by

Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/4.62cc77b7.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

211d8c9dcccd319acbdaa1d751176ecf1a44a82b9df56050f29e4a06502b007d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 05 Oct 2023 10:20:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 05 Oct 2023 10:20:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 05 Oct 2023 10:20:11 GMT

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
789 B 63ms
29ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans%3Aital%2Cwght%400%2C400%3B0%2C600&display=swap

Requested by

Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/4.62cc77b7.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8a5471e7115bde2b91f8be92a788450b08b18f306ef7a2dce93064bafb3f93d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 05 Oct 2023 10:20:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 05 Oct 2023 09:59:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 05 Oct 2023 10:20:11 GMT

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
726 B 71ms
37ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans%3Aital%2Cwght%400%2C500&display=swap

Requested by

Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/4.62cc77b7.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e12ba0c7fdf697f51afcc060e5c7a62be776fe9c631bb714964e15e4f65ddae6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 05 Oct 2023 10:20:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 05 Oct 2023 10:20:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 05 Oct 2023 10:20:11 GMT

GET
H/1.1 200
OK is Show response
3.212.39.155/ 32 B
437 B 474ms
120ms Fetch
text/plain 3.212.39.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://3.212.39.155/is
Requested by: Host: dx.mountain.com
URL: https://dx.mountain.com/spx?dxver=4.0.0&shaid=33640&tdr=&plh=https%3A%2F%2Fwww.goaheadtours.com%2F&cb=61652111352590500term=value
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.212.39.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-212-39-155.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: 4dd1814e6c5f2285b0b4da50ab6e5bcf9c19b97ebee71f7658ba80b7a9e6d83c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:20:11 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain;charset=utf-8
access-control-allow-origin: *
x-envoy-upstream-service-time: 1
connection: close
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
content-length: 32
x-application-context: application:prod:8080

GET
H2

200

event Show response
widget.us.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=95679&v=5.18.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=Ts9i0F9TWHNsWGx1Snc2ZmNqUUoxYXNWd3IxdVJOVzJqbHczZ2NYd0Z4...
https://widget.us.criteo.com/event?a=95679&v=5.18.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=Ts9i0F9TWHNsWGx1Snc2ZmNqUUoxYXNWd3IxdVJOVzJqbHczZ2NYd0Z4...

10 KB
5 KB

349ms
126ms

Script
application/x-javascript

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.us.criteo.com/event?a=95679&v=5.18.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=Ts9i0F9TWHNsWGx1Snc2ZmNqUUoxYXNWd3IxdVJOVzJqbHczZ2NYd0Z4NXUxcm1tODBEcTMxQ1lpVVpzMkh2T2kwblBhY250ZnJCclFJWDF4dVVTR1FrYlpSNHJpdUNrRWlCUUFpOVRTd0ZMc3JTY2FNaktDbmx3dnhUaGUzMnJYbVlWNHBNVVBTSlBVRUtnJTJGQW9CSEswWTZFVyUyRk80ajZDalJpQXJHYXppUjNPV2UwJTNE&tld=goaheadtours.com&fu=https%253A%252F%252Fwww.goaheadtours.com%252F&ceid=b0770b6f-a57d-4472-ba91-a422d437d1a3&dtycbr=40113

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

9adbfde2962376cd425bd1e6ebada1af1303719b51651d8fcb29b74cfdd2bab9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 10:20:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 16213520
timing-allow-origin: *
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 05 Oct 2023 10:20:10 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-origin: *
location: https://widget.us.criteo.com/event?a=95679&v=5.18.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=Ts9i0F9TWHNsWGx1Snc2ZmNqUUoxYXNWd3IxdVJOVzJqbHczZ2NYd0Z4NXUxcm1tODBEcTMxQ1lpVVpzMkh2T2kwblBhY250ZnJCclFJWDF4dVVTR1FrYlpSNHJpdUNrRWlCUUFpOVRTd0ZMc3JTY2FNaktDbmx3dnhUaGUzMnJYbVlWNHBNVVBTSlBVRUtnJTJGQW9CSEswWTZFVyUyRk80ajZDalJpQXJHYXppUjNPV2UwJTNE&tld=goaheadtours.com&fu=https%253A%252F%252Fwww.goaheadtours.com%252F&ceid=b0770b6f-a57d-4472-ba91-a422d437d1a3&dtycbr=40113
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3069323
timing-allow-origin: *
content-length: 0
expires: 0

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
33 KB 99ms
26ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat%3Aital%2Cwght%400%2C400%3B0%2C500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.goaheadtours.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 18:19:05 GMT
x-content-type-options: nosniff
age: 576066
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Sep 2024 18:19:05 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 47 KB
47 KB 103ms
47ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans%3Aital%2Cwght%400%2C400%3B0%2C600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.goaheadtours.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 18:16:19 GMT
x-content-type-options: nosniff
age: 576232
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Sep 2024 18:16:19 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjr0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v36/ 18 KB
18 KB 117ms
63ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjr0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans%3Aital%2Cwght%400%2C500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55d6f41fd18bcaa57afb4edbc8e4465e792fedc842111c787ad52bfb82231693

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.goaheadtours.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 18:47:14 GMT
x-content-type-options: nosniff
age: 574377
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18740
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 01:36:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Sep 2024 18:47:14 GMT

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
790 B 168ms
167ms Ping
text/plain 23.38.98.111
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.111 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-111.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.google.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 1fd87e97.7b5256e
date: Thu, 05 Oct 2023 10:20:11 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-38-99-175.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
x-parent-response-time: 126,23.38.99.175
server-timing: cdn-cache; desc=MISS, edge; dur=98, origin; dur=38, inner; dur=36
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2023100510201152727B13E926D8414CBA
x-cache-remote: TCP_MISS from a23-220-106-78.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 39,23.220.106.78
x-tt-trace-host: 014af3859b4d71ee855b516a7c490c87cfa6629bc267b1fbe5ba529f88008af344279c222b2f9911cbf636a82ad2dc90b6752186dd213a9d664d6ca9117067fe66e7fa6cb3700a626eb5e3c72334d298fe509ff927556e121557de4bc22f4c9133256e2889e5d988ebc0f44482a1ca127e
access-control-allow-headers: Authorization,*
expires: Thu, 05 Oct 2023 10:20:11 GMT

GET
H/1.1 200
OK tv2track.php
collector-30678.us.tvsquared.com/ 42 B
276 B 130ms
130ms Image
image/gif 3.12.156.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector-30678.us.tvsquared.com/tv2track.php?action_name=Guided%20Tours%20%26%20Group%20Travel%20Tours%20%7C%20EF%20Go%20Ahead%20Tours&idsite=TV-6390362718-1&rec=1&r=492695&h=12&m=20&s=11&url=https%3A%2F%2Fwww.goaheadtours.com%2F&_id=20017e67cba1bae2&_idts=1696501212&_idvc=0&_idn=1&_viewts=&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=52
Requested by: Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.12.156.53 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-12-156-53.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

P3p: CP='OTI DSP COR NID STP UNI OTPa OUR'
Date: Thu, 05 Oct 2023 10:20:11 GMT
Server: nginx
Connection: keep-alive
Request-Id: 3c0b537d-5fa2-463b-bbc2-e872aa48b6b7
Content-Length: 42
Content-Type: image/gif

GET
H2 200 304d619fda391aacffaa367bd3cb36e3-optin.json Show response
a.omappapi.com/app/campaign-views/71243615b528/alhmippjqh2dc1einghh/ 23 KB
5 KB 111ms
36ms XHR
application/json 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/campaign-views/71243615b528/alhmippjqh2dc1einghh/304d619fda391aacffaa367bd3cb36e3-optin.json
Requested by: Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: da95c8f525b77d7a72e24ff95bda7df85813c4cae1fc4c483710d3e3f9d6e0c8

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:20:12 GMT
content-encoding: br
cdn-edgestorageid: 1080
perma-cache: HIT
cdn-storageserver: DE-679
cdn-cachedat: 10/05/2023 06:57:01
cdn-pullzone: 293267
last-modified: Thu, 28 Sep 2023 14:40:29 GMT
server: BunnyCDN-DE1-1080
cdn-fileserver: 587
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"6515905d-5d51"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 69396eebd7822489361cb97c62b0bdbc
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H/1.1 200
OK st Show response
px.mountain.com/ 2 KB
2 KB 861ms
195ms Script
application/javascript 35.81.173.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://px.mountain.com/st?ga_tracking_id=UA-321712-14%3BG-LQM236SHEC&ga_client_id=1217416224.1696501211&shpt=Guided%20Tours%20%26%20Group%20Travel%20Tours%20%7C%20EF%20Go%20Ahead%20Tours&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-321712-14%3BG-LQM236SHEC%22%2C%22ga_client_id%22%3A%221217416224.1696501211%22%2C%22shpt%22%3A%22Guided%20Tours%20%26%20Group%20Travel%20Tours%20%7C%20EF%20Go%20Ahead%20Tours%22%2C%22dcm_cid%22%3A%221696501211.1%22%2C%22dcm_gid%22%3A%2267087914.1696501211%22%2C%22mntnis%22%3A%22rcql4QtN6ezI1NJCvRbJ60aKZpOpsJQg%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A5%2C%22getClientIdByCookie%22%3A%22OK%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=1696501211.1&dcm_gid=67087914.1696501211&available_ga=%5B%7B%22id%22%3A%22UA-321712-14%22%2C%22sess_id%22%3Anull%7D%2C%7B%22id%22%3A%22G-LQM236SHEC%22%2C%22sess_id%22%3A%221696501211%22%7D%5D&hardcoded_ga=&dxver=4.0.0&shaid=33640&plh=https%3A%2F%2Fwww.goaheadtours.com%2F&cb=61652111352590500term%3Dvalue&shadditional=criteo%3Dtrue%2Cgoogletagmanager%3Dtrue%2C&shpp=1&shpc=
Requested by: Host: dx.mountain.com
URL: https://dx.mountain.com/spx?dxver=4.0.0&shaid=33640&tdr=&plh=https%3A%2F%2Fwww.goaheadtours.com%2F&cb=61652111352590500term=value
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.81.173.170 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-81-173-170.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 7265e359af3e211245dc312a6ebf471e69af504cd05137dcf922032ba7bd6339

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:20:12 GMT
content-encoding: gzip
server: istio-envoy
transfer-encoding: chunked
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
x-envoy-upstream-service-time: 0
connection: close

GET
H/1.1 204
No Content i Show response
z.omappapi.com/v3/ 0
250 B 344ms
125ms XHR
text/plain 178.128.135.233
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://z.omappapi.com/v3/i?aid=50504&cid=alhmippjqh2dc1einghh&sid=5b97dc7db8a90&rt=false&dv=desktop&cty=floating&url=&v=5
Requested by: Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.128.135.233 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: kong/3.3.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.goaheadtours.com
Date: Thu, 05 Oct 2023 10:20:12 GMT
Access-Control-Allow-Credentials: true
X-Kong-Response-Latency: 17
Server: kong/3.3.1
Connection: keep-alive
vary: Origin

GET
H/1.1 200
OK gs Show response
gs.mountain.com/ 144 B
733 B 796ms
197ms Script
application/javascript 34.212.4.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gs.mountain.com/gs
Requested by: Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.212.4.35 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-212-4-35.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: f97e825988704469f1abd617fa6c07db7823ee35437e911b9950e3685f1e4655

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:20:13 GMT
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 1
connection: close
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
content-length: 144
x-application-context: application:prod:8080

GET
H/1.1 200
OK st Show response
px.mountain.com/ 2 KB
1 KB 209ms
208ms Script
application/javascript 35.81.173.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://px.mountain.com/st?ga_tracking_id=UA-321712-14%3BG-LQM236SHEC&ga_client_id=1217416224.1696501211&shpt=Guided%20Tours%20%26%20Group%20Travel%20Tours%20%7C%20EF%20Go%20Ahead%20Tours&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-321712-14%3BG-LQM236SHEC%22%2C%22ga_client_id%22%3A%221217416224.1696501211%22%2C%22shpt%22%3A%22Guided%20Tours%20%26%20Group%20Travel%20Tours%20%7C%20EF%20Go%20Ahead%20Tours%22%2C%22dcm_cid%22%3A%221696501211.1%22%2C%22dcm_gid%22%3A%2267087914.1696501211%22%2C%22mntnis%22%3A%22rcql4QtN6ezI1NJCvRbJ60aKZpOpsJQg%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A5%2C%22getClientIdByCookie%22%3A%22OK%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=1696501211.1&dcm_gid=67087914.1696501211&available_ga=%5B%7B%22id%22%3A%22UA-321712-14%22%2C%22sess_id%22%3Anull%7D%2C%7B%22id%22%3A%22G-LQM236SHEC%22%2C%22sess_id%22%3A%221696501211%22%7D%5D&hardcoded_ga=&dxver=4.0.0&shaid=33640&plh=https%3A%2F%2Fwww.goaheadtours.com%2F&shadditional=criteo%3Dtrue%2Cgoogletagmanager%3Dtrue%2C&shpp=1&shpc=&cb=1696501212836686&shguid=b727ebd3-9127-39d6-9f84-02b33111485d&shgts=1696501213634
Requested by: Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.81.173.170 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-81-173-170.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 422b962aff597c5aca5f9c3aa114fcea7f3fda6abcad9584510b36b3eecd0f09

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:20:13 GMT
content-encoding: gzip
server: istio-envoy
transfer-encoding: chunked
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
x-envoy-upstream-service-time: 13
connection: close

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame BD7D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-RkCIgZizLxcDwpKLcap_CXjBV_EQZeLH-uVSyg&google_cm&google_hm=ay1Sa0NJZ1ppekx4Y0R3cEtMY2FwX0NYakJWX0VRWmVMS...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-RkCIgZizLxcDwpKLcap_CXjBV_EQZeLH-uVSyg&google_gid=CAESEKtH4l4cORg9H3xTNkMtnrM&google_cver=1&google_ula=913071,0

43 B
369 B

58ms
34ms

Image
image/gif

178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-RkCIgZizLxcDwpKLcap_CXjBV_EQZeLH-uVSyg&google_gid=CAESEKtH4l4cORg9H3xTNkMtnrM&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 10:20:13 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 578831
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 05 Oct 2023 10:20:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-RkCIgZizLxcDwpKLcap_CXjBV_EQZeLH-uVSyg&google_gid=CAESEKtH4l4cORg9H3xTNkMtnrM&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync
x.bidswitch.net/ul_cb/ Frame BD7D
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-dzwUM5izLxcDwpKLcap_CXjBV_GBmIRK7TYcxA&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-dzwUM5izLxcDwpKLcap_CXjBV_GBmIRK7TYcxA&expires=30

43 B
344 B

23ms
23ms

Image
image/gif

3.127.97.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-dzwUM5izLxcDwpKLcap_CXjBV_GBmIRK7TYcxA&expires=30
Protocol: H2
Server: 3.127.97.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-97-70.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:20:14 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-dzwUM5izLxcDwpKLcap_CXjBV_GBmIRK7TYcxA&expires=30
date: Thu, 05 Oct 2023 10:20:14 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame BD7D
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2466498290103013197

43 B
370 B

35ms
35ms

Image
image/gif

178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2466498290103013197

Protocol

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 10:20:13 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1006755
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 05 Oct 2023 10:20:14 GMT
an-x-request-uuid: 307ab0bc-15df-421e-9e01-e7cb6cd355e0
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2466498290103013197
x-proxy-origin: 195.206.105.131; 195.206.105.131; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame BD7D 53 B
783 B 154ms
82ms Image
image/gif 184.30.20.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-_AhRnpizLxcDwpKLcap_CXjBV_ErcMz-EaUq9g

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Thu, 05 Oct 2023 10:20:14 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 53
x-mnet-hl2: E
expires: Thu, 05 Oct 2023 10:20:14 GMT

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame BD7D 42 B
785 B 134ms
27ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-xGZS_pizLxcDwpKLcap_CXjBV_Fk-axtqPTVWg&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 v1
match.sharethrough.com/sync/ Frame BD7D 0
35 B 124ms
25ms Image
text/plain 3.71.140.162
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-oCFC9ZizLxcDwpKLcap_CXjBV_Grk7ZUStA_bg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.71.140.162 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-71-140-162.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:20:14 GMT

GET
H2 200 /
rtb-csync.smartadserver.com/redir/ Frame BD7D 43 B
587 B 190ms
70ms Image
image/gif 185.86.139.94
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-KyZUJ5izLxcDwpKLcap_CXjBV_Ghj1CqfBGEjw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.94 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 05 Oct 2023 10:20:13 GMT
cache-control: no-cache,no-store
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame BD7D 0
99 B 511ms
30ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-sgrNTJizLxcDwpKLcap_CXjBV_HdQ6-XWsQnGg
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:20:14 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 30935

GET
H2 200 um
criteo-sync.teads.tv/ Frame BD7D 23 B
277 B 163ms
56ms Image
image/gif 23.35.237.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-0exCQJizLxcDwpKLcap_CXjBV_GzZp90cr3WgQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-56.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

expires: Thu, 05 Oct 2023 10:20:14 GMT
pragma: no-cache
date: Thu, 05 Oct 2023 10:20:14 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame BD7D 37 B
140 B 95ms
27ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-cTmG4JizLxcDwpKLcap_CXjBV_FUxgGeDmlA-g&dongle=013b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:20:14 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58301/ Frame BD7D
Redirect Chain

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-hhATM5izLxcDwpKLcap_CXjBV_FQYThOAvUk_w
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-hhATM5izLxcDwpKLcap_CXjBV_FQYThOAvUk_w&verify=true

0
121 B

27ms
27ms

Image
text/plain

3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-hhATM5izLxcDwpKLcap_CXjBV_FQYThOAvUk_w&verify=true

Protocol

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.75 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:20:14 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-hhATM5izLxcDwpKLcap_CXjBV_FQYThOAvUk_w&verify=true
date: Thu, 05 Oct 2023 10:20:14 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 pixel
cm.adform.net/ Frame BD7D 43 B
163 B 164ms
40ms Image
image/gif 37.157.3.26
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-PHa0YZizLxcDwpKLcap_CXjBV_E5K0asAVWs5Q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.3.26 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:20:14 GMT
last-modified: Thu, 27 Jul 2023 14:20:27 GMT
server: nginx
accept-ranges: bytes
etag: "64c27d2b-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame BD7D 49 B
385 B 185ms
55ms Image
image/gif 54.77.251.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-ywXUAZizLxcDwpKLcap_CXjBV_E3rAuG1tPZ-A

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.77.251.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-77-251-23.eu-west-1.compute.amazonaws.com

Software

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 10:20:14 GMT
via: kong/2.8.4
x-content-type-options: nosniff
x-kong-proxy-latency: 0
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
content-type: image/gif
x-kong-upstream-latency: 8
cache-control: no-cache, no-store, must-revalidate
content-length: 49
expires: 0

GET
H2

200

rum
r.casalemedia.com/ Frame BD7D
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-5MoMeZizLxcDwpKLcap_CXjBV_E6uO73tvWjjA
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-5MoMeZizLxcDwpKLcap_CXjBV_E6uO73tvWjjA&C=1

43 B
324 B

46ms
46ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-5MoMeZizLxcDwpKLcap_CXjBV_E6uO73tvWjjA&C=1
Protocol: H2
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 10:20:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JYfOC1aMCLZ4rixd0Er8Dm6sDJf7B3qER0wDUEIlMq2DFc%2F6SWL7nPMRFv2rfiYCBRMEJfryV4VO0SN5PvEM0YpVjZqHR4sYyoKseqvTvOrmeCYCRmx%2FeLpOUM159E5RcuRx"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8114ee4cddcd23af-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 05 Oct 2023 10:20:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H1lLR0Se6biXhsyYwcXq4KsKxRBdSgYg2FDZ%2B0hiq5cgCbV%2BhBAgmtmdVCBMOoIWN8feFcu2PRCwh%2FUwCojuBadMklYF1T27ugjGLcCj%2Fgpa0mgDqsfUi3ZHrLTHmjaCMAq5"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=20&external_user_id=k-5MoMeZizLxcDwpKLcap_CXjBV_E6uO73tvWjjA&C=1
cache-control: no-cache
cf-ray: 8114ee4c7d4723af-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame BD7D
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=-1Zw8fY9u1HiRklbEN-Bwtqay0NtBC5s
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=-1Zw8fY9u1HiRklbEN-Bwtqay0NtBC5s

42 B
942 B

53ms
52ms

Image
image/gif

46.51.199.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=-1Zw8fY9u1HiRklbEN-Bwtqay0NtBC5s

Protocol

HTTP/1.1

Server

46.51.199.218 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-46-51-199-218.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v051-0aa13f573.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: b32sfXW+S3U=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v051-0e5c5a289.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: c4eGkWApR4E=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=-1Zw8fY9u1HiRklbEN-Bwtqay0NtBC5s
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 9.gif
id5-sync.com/s/966/ Frame BD7D 43 B
921 B 82ms
27ms Image
image/gif 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-cjnEWZizLxcDwpKLcap_CXjBV_FMjwGnVB18JQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Thu, 05 Oct 2023 10:20:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame BD7D
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k--8OT0ZizLxcDwpKLcap_CXjBV_G88f3MmAETbg
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k--8OT0ZizLxcDwpKLcap_CXjBV_G88f3MmAETbg

43 B
446 B

51ms
51ms

Image
image/gif

54.72.199.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k--8OT0ZizLxcDwpKLcap_CXjBV_G88f3MmAETbg
Protocol: H2
Server: 54.72.199.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-199-212.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 05 Oct 2023 10:20:14 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k--8OT0ZizLxcDwpKLcap_CXjBV_G88f3MmAETbg
access-control-allow-origin: *
date: Thu, 05 Oct 2023 10:20:14 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
matching.ivitrack.com/ Frame BD7D 42 B
265 B 82ms
28ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-eNse6pizLxcDwpKLcap_CXjBV_Fz2z5GWk7nQg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:20:13 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame BD7D 0
879 B 88ms
27ms Image
text/html 18.197.66.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-1qvlgJizLxcDwpKLcap_CXjBV_FFOEF0kVe1pA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.197.66.22 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-66-22.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:20:14 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 1017
jadserve.postrelease.com/suid/ Frame BD7D 43 B
533 B 176ms
62ms Image
image/gif 34.253.255.215
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/1017?vk=k-eSKnjZizLxcDwpKLcap_CXjBV_Eu7JMXIlPFGA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.255.215 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-255-215.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 10:20:14 GMT
server: nginx
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame BD7D 0
145 B 432ms
104ms Image
text/plain 64.202.112.63
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-FEn3aZizLxcDwpKLcap_CXjBV_F7wWj3DhhfMQ&initiator=partner
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.63 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Thu, 05 Oct 2023 10:20:14 GMT
Cache-Control: no-cache
X-TraceId: a20e6a20c8f837e53d1c149e958228ce
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame BD7D 42 B
581 B 176ms
36ms Image
image/gif 185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-tH8DppizLxcDwpKLcap_CXjBV_GFDvHadYO4HQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 05 Oct 2023 10:20:14 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame BD7D 43 B
399 B 408ms
119ms Image
image/gif 2600:1f18:612b:4280:608c:ccfd:554f:bc1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-1--GdpizLxcDwpKLcap_CXjBV_Gt7JzmfMx7DA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4280:608c:ccfd:554f:bc1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Thu, 05 Oct 2023 10:20:14 GMT
server: nginx
content-type: image/gif

GET
H2 200 getusermatch.php
a.twiago.com/rtb/ Frame BD7D 43 B
580 B 139ms
43ms Image
image/gif 85.215.5.31
CRONON-BERLIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-rRBbl5izLxcDwpKLcap_CXjBV_GsX1E8ib4idQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.215.5.31 Berlin, Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software: Apache / PHP/7.3.30
Resource Hash: 5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 05 Oct 2023 10:20:14 GMT
p3p: policyref="https://help.adspirit.de/w3c/adspirit.p3p", CP="NOI DSP COR NID PSAo PSDo IVAo IVDo OUR STP UNI COM NAV DEM"
server: Apache
x-powered-by: PHP/7.3.30
content-length: 43
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame BD7D 0
400 B 115ms
48ms Image
text/plain 23.32.185.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-YrX0PpizLxcDwpKLcap_CXjBV_Fu0LMC7_S9yA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.185.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-192.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Oct 2023 10:20:14 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Wed, 04 Oct 2023 10:20:14 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame BD7D 43 B
620 B 217ms
50ms Image
image/gif 34.255.244.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-_VmdBZizLxcDwpKLcap_CXjBV_Hd45EetxKP9Q&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.255.244.27 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-244-27.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 10:20:14 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 43

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
19ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1355845724&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.goaheadtours.com%2F&ul=en-us&de=UTF-8&dt=Guided%20Tours%20%26%20Group%20Travel%20Tours%20%7C%20EF%20Go%20Ahead%20Tours&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Web%20Vitals&ea=TTFB&el=235.4000015258789&_u=aDDAiEALRAAAAGAMK~&jid=&gjid=&cid=1217416224.1696501211&tid=UA-321712-14&_gid=67087914.1696501211&gtm=45He3a20n81NDTHZ2G&cd8=1696501213964.dzr145ei&cd10=0&cd13=https%3A%2F%2Fwww.goaheadtours.com%2F&cd18=https%3A%2F%2Fwww.goaheadtours.com%2F&cd20=%20%20&cd22=goaheadtours.com&cd2=1217416224.1696501211&il1nm=slider_&il1pi1id=TGI&il1pi1nm=The%20Greek%20Islands%3A%20Mykonos%2C%20Santorini%20%26%20Crete&il1pi1pr=4019&il1pi1ps=0&il1pi1ca=TGI&il1pi2id=WWR&il1pi2nm=Germany%2C%20Switzerland%20%26%20Austria&il1pi2pr=3529&il1pi2ps=1&il1pi2ca=WWR&il1pi3id=LSS&il1pi3nm=Grand%20Tour%20of%20Ireland&il1pi3pr=3699&il1pi3ps=2&il1pi3ca=LSS&il1pi4id=SCA&il1pi4nm=Scandinavia%3A%20The%20Capitals%20%26%20the%20Fjords&il1pi4pr=4219&il1pi4ps=3&il1pi4ca=SCA&il1pi5id=IRL&il1pi5nm=A%20Week%20in%20Ireland%3A%20Dublin%2C%20Cork%20%26%20Galway&il1pi5pr=2489&il1pi5ps=4&il1pi5ca=IRL&il1pi6id=CRA&il1pi6nm=A%20Week%20in%20Croatia%3A%20Zagreb%2C%20Split%20%26%20Dubrovnik&il1pi6pr=3209&il1pi6ps=5&il1pi6ca=CRA&z=1987634733

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 09:10:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 4154
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 21ms
20ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1355845724&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.goaheadtours.com%2F&ul=en-us&de=UTF-8&dt=Guided%20Tours%20%26%20Group%20Travel%20Tours%20%7C%20EF%20Go%20Ahead%20Tours&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=scroll%20depth&ea=percent25&el=%2F&_u=aDDAiEALRAAAAGAMK~&jid=&gjid=&cid=1217416224.1696501211&tid=UA-321712-14&_gid=67087914.1696501211&gtm=45He3a20n81NDTHZ2G&cd8=1696501213988.f04znbsw&cd10=0&cd13=https%3A%2F%2Fwww.goaheadtours.com%2F&cd18=https%3A%2F%2Fwww.goaheadtours.com%2F&cd20=%20%20&cd22=goaheadtours.com&cd2=1217416224.1696501211&il1nm=slider_&il1pi1id=TGI&il1pi1nm=The%20Greek%20Islands%3A%20Mykonos%2C%20Santorini%20%26%20Crete&il1pi1pr=4019&il1pi1ps=0&il1pi1ca=TGI&il1pi2id=WWR&il1pi2nm=Germany%2C%20Switzerland%20%26%20Austria&il1pi2pr=3529&il1pi2ps=1&il1pi2ca=WWR&il1pi3id=LSS&il1pi3nm=Grand%20Tour%20of%20Ireland&il1pi3pr=3699&il1pi3ps=2&il1pi3ca=LSS&il1pi4id=SCA&il1pi4nm=Scandinavia%3A%20The%20Capitals%20%26%20the%20Fjords&il1pi4pr=4219&il1pi4ps=3&il1pi4ca=SCA&il1pi5id=IRL&il1pi5nm=A%20Week%20in%20Ireland%3A%20Dublin%2C%20Cork%20%26%20Galway&il1pi5pr=2489&il1pi5ps=4&il1pi5ca=IRL&il1pi6id=CRA&il1pi6nm=A%20Week%20in%20Croatia%3A%20Zagreb%2C%20Split%20%26%20Dubrovnik&il1pi6pr=3209&il1pi6ps=5&il1pi6ca=CRA&z=1223081634

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 09:10:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 4155
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 m5k7y7ds347b.js Show response
js.driftt.com/include/1696501500000/ 215 KB
61 KB 427ms
240ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1696501500000/m5k7y7ds347b.js

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

6b59be2f48490e7fab65a6fa43c99851ed0026b9c651ffa9937f49ad57cc2a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:20:14 GMT
x-amz-version-id: l.B85eaiR5sX7u8JchWT4_t6lV2e1Zf2
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 31
last-modified: Tue, 19 Sep 2023 20:16:03 GMT
server: istio-envoy
etag: W/"cfd0f6983bb181a781dd1c9ca318f995"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: IOkg4cUdzdPCjOvTfRu02_rmJ2ZWREnrVQ90Gs6m_BqIDO6WCgRhGA==

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame BD7D
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=Jf7LjpRfEovulH88AA_aoEIAf-S7p7uK

0
337 B

157ms
46ms

Image
text/plain

79.125.32.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=Jf7LjpRfEovulH88AA_aoEIAf-S7p7uK
Protocol: H2
Server: 79.125.32.89 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-79-125-32-89.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-served-by: beacon-n006-dub-prod.krxd.net
date: Thu, 05 Oct 2023 10:20:14 GMT
cache-control: private, no-cache, no-store
x-request-time: D=36 t=1696501214
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=Jf7LjpRfEovulH88AA_aoEIAf-S7p7uK
date: Thu, 05 Oct 2023 10:20:14 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 580705
content-length: 0

GET
H2

200

cksync
hb.yahoo.net/ Frame BD7D
Redirect Chain

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=0&redir=true&uid=k-hhATM5izLxcDwpKLcap_CXjBV_FQYThOAvUk_w
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58301&ovsid=k-hhATM5izLxcDwpKLcap_CXjBV_FQYThOAvUk_w&redir=true
https://hb.yahoo.net/cksync?cs=63&axid_e=eS0zdGdfMDd0RTJ1Ry5NNFlFcWtwa1BSU01kZmppUk93VH5B&ovsid=k-hhATM5izLxcDwpKLcap_CXjBV_FQYThOAvUk_w&dpid=58301

53 B
499 B

156ms
52ms

Image
image/gif

23.48.23.35
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hb.yahoo.net/cksync?cs=63&axid_e=eS0zdGdfMDd0RTJ1Ry5NNFlFcWtwa1BSU01kZmppUk93VH5B&ovsid=k-hhATM5izLxcDwpKLcap_CXjBV_FQYThOAvUk_w&dpid=58301

Protocol

Server

23.48.23.35 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-23-35.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Thu, 05 Oct 2023 10:20:14 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 53
x-mnet-hl2: E
expires: Thu, 05 Oct 2023 10:20:14 GMT

Redirect headers

location: https://hb.yahoo.net/cksync?cs=63&axid_e=eS0zdGdfMDd0RTJ1Ry5NNFlFcWtwa1BSU01kZmppUk93VH5B&ovsid=k-hhATM5izLxcDwpKLcap_CXjBV_FQYThOAvUk_w&dpid=58301
date: Thu, 05 Oct 2023 10:20:14 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 setuid
ib.adnxs.com/ Frame BD7D 43 B
854 B 42ms
25ms Image
image/gif 37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=52&code=k-W82j-ZizLxcDwpKLcap_CXjBV_FL_MoTso4vxQ

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 10:20:14 GMT
an-x-request-uuid: 92e7c72e-1d83-4565-9a88-8e77dd35c27e
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 195.206.105.131; 195.206.105.131; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

cs
s.thebrighttag.com/ Frame BD7D
Redirect Chain

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=O9gR_SSf0skJEo0g6Y5lMN5tOTVtXYuk

35 B
284 B

422ms
131ms

Image
image/gif

3.16.197.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=O9gR_SSf0skJEo0g6Y5lMN5tOTVtXYuk
Protocol: H2
Server: 3.16.197.138 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-16-197-138.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 10:20:14 GMT
x-bt-requestid: c63dedc0-6368-11ee-8688-0000ac170313
server: nginx
content-type: image/gif
access-control-allow-origin: https://www.google.com
p3p: CP=NOI DSP COR NID
cache-control: private, must-revalidate
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=O9gR_SSf0skJEo0g6Y5lMN5tOTVtXYuk
date: Thu, 05 Oct 2023 10:20:13 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 3825046
content-length: 0

GET
H2 200 core Show response
js.driftt.com/ Frame 89E1 2 KB
1 KB 128ms
127ms Document
text/html 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?d=1&embedId=m5k7y7ds347b&eId=m5k7y7ds347b&region=US&forceShow=false&skipCampaigns=false&sessionId=04cb6303-857c-4878-99e7-0b8e90b068b0&sessionStarted=1696501215.046&campaignRefreshToken=75e1af06-39f3-4a6b-a115-f4b9faf8d0a3&hideController=false&pageLoadStartTime=1696501210134&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.goaheadtours.com%2F

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1696501500000/m5k7y7ds347b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

014c54f9c69b24966b07631c7e8e558f5539ec546d75a475defe14337d28e152

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.goaheadtours.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 05 Oct 2023 10:20:15 GMT
etag: W/"00133a3cf34b34b4e4ff44f62b5986b1"
last-modified: Tue, 19 Sep 2023 20:15:27 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-id: 3HZBytRNg5QGSlXj1aoVM1N73W7wsK49GlScZx4ZMzanj1QietGZYQ==
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-amz-version-id: ZNXLNC0ssKOxmDh5pl9NDq6HqHehrwEr
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 20

GET
H2 200 chat Show response
js.driftt.com/core/ Frame 412C 2 KB
1 KB 129ms
129ms Document
text/html 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1696501210134

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1696501500000/m5k7y7ds347b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

014c54f9c69b24966b07631c7e8e558f5539ec546d75a475defe14337d28e152

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.goaheadtours.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 05 Oct 2023 10:20:15 GMT
etag: W/"00133a3cf34b34b4e4ff44f62b5986b1"
last-modified: Tue, 19 Sep 2023 20:15:27 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-id: WObzIEh5ouiXv4xSZMUdf03BCVZmaMaLc3yAeU8a6itTXVLJr0aYVw==
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-amz-version-id: ZNXLNC0ssKOxmDh5pl9NDq6HqHehrwEr
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 16

GET
H2 200 runtime~main.250b8c3b.js Show response
js.driftt.com/core/assets/js/ Frame 89E1 6 KB
3 KB 30ms
29ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core?d=1&embedId=m5k7y7ds347b&eId=m5k7y7ds347b&region=US&forceShow=false&skipCampaigns=false&sessionId=04cb6303-857c-4878-99e7-0b8e90b068b0&sessionStarted=1696501215.046&campaignRefreshToken=75e1af06-39f3-4a6b-a115-f4b9faf8d0a3&hideController=false&pageLoadStartTime=1696501210134&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.goaheadtours.com%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

ab6259024d508e82f2100726285def9d2c67211afc10f9450dbb9efee58db5de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.google.com/
Origin: https://js.driftt.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 20:15:27 GMT
x-amz-version-id: INmBWBUTI7s8HQHrQELARWPZPG_qc8WA
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1346688
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 20
last-modified: Fri, 15 Sep 2023 20:51:10 GMT
server: istio-envoy
etag: W/"187268a131d0fc1896127a07856617bb"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 6XZFeJYWHDcUXg0R6F4_E9UXFI6LLovrJY6FbaDep0FDp4-IgEDKrQ==

GET
H2 200 9.4a3e9801.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 89E1 35 KB
13 KB 31ms
30ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/9.4a3e9801.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

2a8a441d8086f20a64563edc759aba1de84d932e34ff77b8bb0279a730cdb428

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.google.com/
Origin: https://js.driftt.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:56 GMT
x-amz-version-id: hzm2Healt7ZjvNDM3nYQ47BRwWjFuLrw
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 21660919
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 16
last-modified: Fri, 27 Jan 2023 17:00:22 GMT
server: istio-envoy
etag: W/"c6f58dd3d60f07462254b842dd4f9ca1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 9OTgvYCX89tb2VdFqXnJ91BDmKcBnZt5MAQqnn03I_HkyQ5v7JheFg==

GET
H2 200 main~493df0b3.d2a43907.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 89E1 7 KB
3 KB 31ms
30ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.d2a43907.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

481baffabb9011ae6ffd10103983908ebc2c06e6f6be7797d226ccee04c2172f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.google.com/
Origin: https://js.driftt.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 08:26:54 GMT
x-amz-version-id: OTiYyuMgyycXvMHseM5MN77RPTRQczpn
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1302801
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 31
last-modified: Mon, 18 Sep 2023 19:58:07 GMT
server: istio-envoy
etag: W/"e094b276ad2035c3a46871991c258c2d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: OQEGFrpedwxZk0CSjeKWbtbk6V2eBm9tUpLptQQpLoCkrtBy1h-Q6A==

GET
H2 200 runtime~main.250b8c3b.js Show response
js.driftt.com/core/assets/js/ Frame 412C 6 KB
3 KB 25ms
25ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1696501210134

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

ab6259024d508e82f2100726285def9d2c67211afc10f9450dbb9efee58db5de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.google.com/
Origin: https://js.driftt.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 20:15:27 GMT
x-amz-version-id: INmBWBUTI7s8HQHrQELARWPZPG_qc8WA
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1346688
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 20
last-modified: Fri, 15 Sep 2023 20:51:10 GMT
server: istio-envoy
etag: W/"187268a131d0fc1896127a07856617bb"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 4xIS15_b0qiw4Vt9Zn0wLNNqZ1ZaDZ9mPCtgucoT4g9qxlA3C2TZnQ==

GET
H2 200 9.4a3e9801.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 412C 35 KB
13 KB 28ms
27ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/9.4a3e9801.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1696501210134

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

2a8a441d8086f20a64563edc759aba1de84d932e34ff77b8bb0279a730cdb428

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.google.com/
Origin: https://js.driftt.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:56 GMT
x-amz-version-id: hzm2Healt7ZjvNDM3nYQ47BRwWjFuLrw
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 21660919
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 16
last-modified: Fri, 27 Jan 2023 17:00:22 GMT
server: istio-envoy
etag: W/"c6f58dd3d60f07462254b842dd4f9ca1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Y1PGVgX0pszvRSdtEQFd9dhQ5-MQTHRwPh2hoDPvt4h5Zd7kBzcmtA==

GET
H2 200 main~493df0b3.d2a43907.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 412C 7 KB
3 KB 28ms
28ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.d2a43907.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1696501210134

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

481baffabb9011ae6ffd10103983908ebc2c06e6f6be7797d226ccee04c2172f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.google.com/
Origin: https://js.driftt.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 08:26:54 GMT
x-amz-version-id: OTiYyuMgyycXvMHseM5MN77RPTRQczpn
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1302801
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 31
last-modified: Mon, 18 Sep 2023 19:58:07 GMT
server: istio-envoy
etag: W/"e094b276ad2035c3a46871991c258c2d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: -IK_rAdWPA1ze0wjzvTwikzYwqGqewXZjo3v8oriZRB0DyY9i1mVYg==

GET
H2 200 51.558be3c5.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 89E1 23 KB
8 KB 26ms
25ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b0af909b7ae6ad2644bfe2a60d939092aaf113b2cbc4ed2981a892869143b98a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 01:45:42 GMT
x-amz-version-id: QZtKcKkqFh2Uk4IvDTqkNiRMO.MEc6F8
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3314073
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 18
last-modified: Mon, 21 Aug 2023 14:57:26 GMT
server: istio-envoy
etag: W/"fa281fcbe4b2e35558d60fae3e316367"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: y0yG9n-gDLCCTGxwaWLU1jIa6Ob0GT5oSJ__EBLF_Je2HaZvryNVgw==

GET
H2 200 35.d0f1ccda.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 89E1 36 KB
10 KB 29ms
28ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.d0f1ccda.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e0c6f8695589df90e63442fee1c9cf14e60dfc4fd8ce7296515b1d6db41e1d3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 23:55:35 GMT
x-amz-version-id: .9Z1hFvkMGOKBXSr0z8XOGr_QD6PPYGP
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 4357480
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 30
last-modified: Fri, 11 Aug 2023 16:01:20 GMT
server: istio-envoy
etag: W/"46fa5a7bc37a22544a908e4ad950309c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: rHZ5qHeSsZhzOZoQ2nsRHp6z0UpqXbQ2qAC2qMx9khgW4MjPknRq9A==

GET
H2 200 22.6b9a301a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 89E1 32 KB
11 KB 32ms
31ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.6b9a301a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

8f0f8792237470ee661c6afc32ca68200dd74bcc0d544d0fd54c7777af362eae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 02:16:45 GMT
x-amz-version-id: b6Bt2g8ryVQoHB7t6bzl84fc0qn29fSy
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 7286610
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 28
last-modified: Wed, 12 Jul 2023 14:36:16 GMT
server: istio-envoy
etag: W/"d8739a9fe9a3a42936f5cd86c8727494"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: xSdtEMWJpeaSQaAWtCMCWoh4uSmTIGNprZevK6OqEd7sm2r2NVSAxA==

GET
H2 200 19.6f85b843.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 89E1 17 KB
6 KB 33ms
31ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.6f85b843.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

afbd41e7209fa3aef6f53c7a5713aa542a7be54c432fec2d690e0dfaccd528d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 02:11:00 GMT
x-amz-version-id: Au8F3Ar_U1LqcmITQ7kozyIXP1hU0l.o
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 6422955
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 61
last-modified: Fri, 21 Jul 2023 20:53:08 GMT
server: istio-envoy
etag: W/"e28ebc3391b56e8f01ea063dc089e9d3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: oD8zOo_3mnJSYc-7NcH2qD5nyslOO0cBp_07Fwmg_BRGodhjhcr9bA==

GET
H2 200 41.b4fc4de2.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 89E1 25 KB
8 KB 35ms
34ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/41.b4fc4de2.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

edf1011ad272d21b66ae82a21a9d029186dc81c9f13972203fc3107f75835d4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 23:55:35 GMT
x-amz-version-id: Gp2dtlKh208YR70UI5PUzEC2uodfavWf
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 4357480
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 14
last-modified: Fri, 11 Aug 2023 16:01:20 GMT
server: istio-envoy
etag: W/"a2ace4f65aa7b34dedb884f6cfe9df8d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: wJ7PExzJhdN2Q3iRMEDJxVsK4xS92iDP-kbAAfZak5afIeo-85TXmQ==

GET
H2 200 20.8c21ea18.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 89E1 74 KB
23 KB 40ms
38ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.8c21ea18.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:53:18 GMT
x-amz-version-id: tpgacrQ52XYRAJzwU6or.lrZGF0wZZj1
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 6107217
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 19
last-modified: Wed, 26 Jul 2023 13:14:42 GMT
server: istio-envoy
etag: W/"6d77a76055d81227033363af2f18caf8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 82F7H_0oIXikzcSVncRj4ISBkiwFcKjYP3VqDctM_Eh0yUQrFrfw1A==

GET
H2 200 26.04e7f30b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 89E1 66 KB
20 KB 46ms
45ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.04e7f30b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

d70fa5dc6c8bfe9d7824be31e669528533d0879a2b1600a7df68b880f4d44296

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 10:11:06 GMT
x-amz-version-id: QuflpVsRjQoeLsgyzbb2dO87jCp6veQD
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 5098149
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 32
last-modified: Fri, 28 Jul 2023 18:55:10 GMT
server: istio-envoy
etag: W/"49ce5445ddcf5d24ef3badc4eb1a11dd"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: sEZ2BBMuZAWE930Fz-kVmsSdWioS_FvG4GUefbyC1GX-7_HRR8KvPg==

GET
H2 200 14.e24a6190.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 89E1 91 KB
28 KB 52ms
51ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.e24a6190.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

6c9c6406c9bd9814cf84974221433003377b67f071ec5411fddbcba4ec109bca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 08:49:23 GMT
x-amz-version-id: ivQMayQoxYPrsJJ_uTz8OzBvhj3ZlBwm
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 7090252
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 20
last-modified: Wed, 12 Jul 2023 14:36:15 GMT
server: istio-envoy
etag: W/"16d7ae86e21434a32157d3226ac9bb77"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: -JtyKkc-j-jkq7OXW8sRXMB986s2m3XhqsCNxUSniJyIo9sXMgKLyw==

GET
H2 200 11.639238ba.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 89E1 23 KB
7 KB 57ms
57ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/11.639238ba.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 01:45:42 GMT
x-amz-version-id: kjsgkmFh.GnFcyw4pHTlnQqAwDZ4.mYa
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3314073
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 25
last-modified: Mon, 21 Aug 2023 14:57:24 GMT
server: istio-envoy
etag: W/"4049f38c00add1738dc4806148ff8829"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: gy065atpVASUHV1LlFQiKjmPdRMDHCcfbMnnK92rFV04VdIzyAW12w==

GET
H2 200 18.9c1bd1fb.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 89E1 62 KB
20 KB 60ms
59ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.9c1bd1fb.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e555f4b34b579e6528d6bbd4819620a634c0759b41dfa99520b7ca5aa5117b11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 03:36:34 GMT
x-amz-version-id: fCU1rHK8PZHGjSHZj5aLYRigEERsAl0V
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 5121820
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 20
last-modified: Fri, 28 Jul 2023 18:55:10 GMT
server: istio-envoy
etag: W/"02f09379c544befa413d22eb57ed41de"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: zFAXotMhHIUr3ERcHObR9pT3kwK0lCPF8fdeaorSWSbNJTuUJVSV6Q==

GET
H2 200 49.f7274268.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 89E1 105 KB
34 KB 64ms
63ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/49.f7274268.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

6861a320271e0fda832800e20d53b858ef409f88d9bc9c1a48953888289d1ea3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:53:19 GMT
x-amz-version-id: nu5YPPYpbxwbA5KeFnNDvED6qjQ46e.5
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 6107216
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 22
last-modified: Wed, 26 Jul 2023 13:14:43 GMT
server: istio-envoy
etag: W/"e268d36b98f0119a2bb1a15f69fd4ffe"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Ai74hIISfud5nB9PPztIgeMNnFfqKcStORYU6LBs2Z-pE25UDPJlPQ==

GET
H2 200 40.31ef8dbf.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 89E1 12 KB
4 KB 100ms
99ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/40.31ef8dbf.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

bba54915db71fc417be4d5852ec7d138d7c3fa90356ddee98b5267a7db7e6b5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 19:12:12 GMT
x-amz-version-id: NUGZxvPg7W.acSsa10LtQDbxO8WVBOao
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 6102483
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 16
last-modified: Wed, 26 Jul 2023 13:14:42 GMT
server: istio-envoy
etag: W/"b0793fa46e8c0ae1846b7be8a833da35"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ZdvaHMQTCOKy4OecPRkdYyLxeaQ0VpdwLOc62EMgyYsZrouWPvwPyw==

GET
H2 200 29.31d09948.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 89E1 13 KB
6 KB 100ms
100ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/29.31d09948.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

7641f066c35d0ca15d4897bfe49d640ed4c143ff8f04030c2020cbb2acfa7b0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 22:57:09 GMT
x-amz-version-id: LpOGcCN0tTTni4jtht.pQLzX33GYkDdT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 7125786
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 21
last-modified: Wed, 12 Jul 2023 14:36:16 GMT
server: istio-envoy
etag: W/"455157cb49065fb85fed54901ddaeb0e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: VYtgLVokdRgQ-uRSqvuIwRN2iDny6X_y39A6YIS0UhNDD3lRpeAIRA==

GET
H2 200 21.b8c41db9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 89E1 17 KB
7 KB 101ms
100ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.b8c41db9.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 02:40:25 GMT
x-amz-version-id: rITDjXEpthOTAiahCXONMRPruIsBsv5Z
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 5125190
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 22
last-modified: Fri, 28 Jul 2023 18:55:10 GMT
server: istio-envoy
etag: W/"65e5c965272e021ae33ff8bc39565ef5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: R8uR7BS3cYl_Uf_rRI-Ytai7POSDrq6SujjGhdVQhF_67LDWi-GZ3g==

GET
H2 200 8.7602338c.chunk.css
js.driftt.com/core/assets/css/ Frame 89E1 31 KB
4 KB 101ms
100ms Stylesheet
text/css 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/8.7602338c.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

310de82ec6ba5948814ab8ec2369aa1d437e84e26ac56967fc79897acaa99a95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 18:50:08 GMT
x-amz-version-id: q66dX6dU5ESudoXt4AefzwSKn47c9cKn
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 2561407
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 60
last-modified: Mon, 04 Sep 2023 22:45:58 GMT
server: istio-envoy
etag: W/"76d0343f1f9f445c80d5c68c2a35b6e0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: FEEnyMajJabWsyafi9RBbx_2HrCCPU0WpSaByzFqa9v1y-YOVLa_kg==

GET
H2 200 8.eba5dae8.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 89E1 81 KB
26 KB 102ms
101ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/8.eba5dae8.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c871f116084716e74638906e8f72d572ad0b429fe4ffd1e6524698f8863e6eed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 18:50:08 GMT
x-amz-version-id: mBPubbVlcoGyCFUAJnlHcT2v7IEHPkOa
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 2561407
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 64
last-modified: Mon, 04 Sep 2023 22:46:02 GMT
server: istio-envoy
etag: W/"e5667c6d6613c671dc878d325651ed30"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: vuY-dKNZ6Ds2-y2cuPHUzPR5wOcdpQIdlA4JC2c6wYGpBdVXkBjQZg==

GET
H2 200 16.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame 89E1 24 B
697 B 101ms
101ms Stylesheet
text/css 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/16.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:55:06 GMT
x-amz-version-id: X5qMPjTBZh_EXTsHKYZdHpoQ.o7TDnrq
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P5
age: 6107109
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 15
content-length: 24
last-modified: Wed, 26 Jul 2023 13:14:40 GMT
server: istio-envoy
etag: "0c5dad92482d9a7c7c253510f5082465"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 51uFfrOnclZV_OZWDQtnOoQp_mKQ08suhvrLQHqNZXC0TZGdkq5tpA==

GET
H2 200 16.8bd9e5a9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 89E1 91 KB
24 KB 103ms
102ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.8bd9e5a9.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

8879c5372c9cdd8a63f0482260b11c03651fb6bf5a216ab4478fdb30394ee24a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 04:36:24 GMT
x-amz-version-id: it8iZm_DIEh8shbvI0o3g6PsgOCzAp9y
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1921431
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 85
last-modified: Thu, 07 Sep 2023 15:58:12 GMT
server: istio-envoy
etag: W/"ef144ff505a111b4fe4731aaba1cffed"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: UqivOpNFyVg4-CXzcUifYt5kPphyCRCVY2oj-h00Oczdz1UkTYWYOg==

GET
H2 200 24.b8195d6f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 89E1 50 KB
14 KB 104ms
103ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.b8195d6f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

13e6d3edf54c6c00bfa34948557a2988bd13c12dfa05426e2f96841e05859f61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 20:15:27 GMT
x-amz-version-id: VrlnP2ljCYKV4aqktyeLhDSqfEtxPA8K
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1346688
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 18
last-modified: Fri, 15 Sep 2023 20:51:06 GMT
server: istio-envoy
etag: W/"28a73cfbb87b842bc4035605050cf485"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: uHDrWgBlW5oDj4CmZWmshwihCl6R3h-8Oz5PQm13seUC85D451OXWA==

GET
H2 200 17.10f4dc86.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 89E1 40 KB
13 KB 105ms
104ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.10f4dc86.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e51a2be6b9ef83a35f3c668ee14a711245586dd5d64abec9609d71586063b5a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 20:15:27 GMT
x-amz-version-id: wYenZXx3wWk5yohfiJf5T8DgKkEzKw25
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1346688
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 14
last-modified: Fri, 15 Sep 2023 20:51:06 GMT
server: istio-envoy
etag: W/"73b73361bca65f89bc335da0149e0de6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: wVVYIEiWAT-RXAfNe06suiB_Uc6hRIhYd4w9yud1dAMb26NkzTTCFQ==

GET
H2 200 51.558be3c5.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 412C 23 KB
8 KB 101ms
100ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b0af909b7ae6ad2644bfe2a60d939092aaf113b2cbc4ed2981a892869143b98a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 01:45:42 GMT
x-amz-version-id: QZtKcKkqFh2Uk4IvDTqkNiRMO.MEc6F8
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3314073
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 18
last-modified: Mon, 21 Aug 2023 14:57:26 GMT
server: istio-envoy
etag: W/"fa281fcbe4b2e35558d60fae3e316367"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: caXhr_kgNia29c8vVjTziCWQhbj4CD3Lna4tmpcPH7mLmu2xQFnSIg==

GET
H2 200 35.d0f1ccda.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 412C 36 KB
10 KB 102ms
99ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.d0f1ccda.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e0c6f8695589df90e63442fee1c9cf14e60dfc4fd8ce7296515b1d6db41e1d3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 23:55:35 GMT
x-amz-version-id: .9Z1hFvkMGOKBXSr0z8XOGr_QD6PPYGP
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 4357480
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 30
last-modified: Fri, 11 Aug 2023 16:01:20 GMT
server: istio-envoy
etag: W/"46fa5a7bc37a22544a908e4ad950309c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: JUv5Z1HA9Z0nvgRVZHviiH1WA7FT6X00AoqI2PsBO29EvV0BzJd1sA==

GET
H2 200 22.6b9a301a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 412C 32 KB
11 KB 103ms
99ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.6b9a301a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

8f0f8792237470ee661c6afc32ca68200dd74bcc0d544d0fd54c7777af362eae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 02:16:45 GMT
x-amz-version-id: b6Bt2g8ryVQoHB7t6bzl84fc0qn29fSy
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 7286610
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 28
last-modified: Wed, 12 Jul 2023 14:36:16 GMT
server: istio-envoy
etag: W/"d8739a9fe9a3a42936f5cd86c8727494"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: dUU-iuQ-0LL8fFroq7JJYPXH3Bu9f2IZxKE-NDv_NFKRsDGaNaaNJQ==

GET
H2 200 19.6f85b843.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 412C 17 KB
6 KB 103ms
100ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.6f85b843.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

afbd41e7209fa3aef6f53c7a5713aa542a7be54c432fec2d690e0dfaccd528d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 02:11:00 GMT
x-amz-version-id: Au8F3Ar_U1LqcmITQ7kozyIXP1hU0l.o
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 6422955
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 61
last-modified: Fri, 21 Jul 2023 20:53:08 GMT
server: istio-envoy
etag: W/"e28ebc3391b56e8f01ea063dc089e9d3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: tv0ygKD7shqKg4GrI05Lt4MPM8G61U5wCg4w4zYvn_IffroKH48iRw==

GET
H2 200 41.b4fc4de2.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 412C 25 KB
8 KB 104ms
101ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/41.b4fc4de2.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

edf1011ad272d21b66ae82a21a9d029186dc81c9f13972203fc3107f75835d4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 23:55:35 GMT
x-amz-version-id: Gp2dtlKh208YR70UI5PUzEC2uodfavWf
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 4357480
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 14
last-modified: Fri, 11 Aug 2023 16:01:20 GMT
server: istio-envoy
etag: W/"a2ace4f65aa7b34dedb884f6cfe9df8d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: JmTBJZmm7mE9HtnAdFz3LjYVIKeGjT7m2oD7xejN6mfAPifJHdeydw==

GET
H2 200 20.8c21ea18.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 412C 74 KB
23 KB 104ms
101ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.8c21ea18.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:53:18 GMT
x-amz-version-id: tpgacrQ52XYRAJzwU6or.lrZGF0wZZj1
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 6107217
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 19
last-modified: Wed, 26 Jul 2023 13:14:42 GMT
server: istio-envoy
etag: W/"6d77a76055d81227033363af2f18caf8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: x4DmhfbVvbDJhE2-BP4AT0xTLXSZpxPEs0BNefgDFuPwq1nc8gW7Pw==

GET
H2 200 26.04e7f30b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 412C 66 KB
20 KB 105ms
102ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.04e7f30b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

d70fa5dc6c8bfe9d7824be31e669528533d0879a2b1600a7df68b880f4d44296

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 10:11:06 GMT
x-amz-version-id: QuflpVsRjQoeLsgyzbb2dO87jCp6veQD
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 5098149
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 32
last-modified: Fri, 28 Jul 2023 18:55:10 GMT
server: istio-envoy
etag: W/"49ce5445ddcf5d24ef3badc4eb1a11dd"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: pYIBL7nTx_sbnuI9VKC6Q2xjrzwpwNjHpc-bkSZEtFUEPTEaq5oKWg==

GET
H2 200 14.e24a6190.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 412C 91 KB
28 KB 106ms
103ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.e24a6190.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

6c9c6406c9bd9814cf84974221433003377b67f071ec5411fddbcba4ec109bca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 08:49:23 GMT
x-amz-version-id: ivQMayQoxYPrsJJ_uTz8OzBvhj3ZlBwm
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 7090252
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 20
last-modified: Wed, 12 Jul 2023 14:36:15 GMT
server: istio-envoy
etag: W/"16d7ae86e21434a32157d3226ac9bb77"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: oF5d9c3F33DLpy41Nrw-Srrm8MSiqEAx9iwrUuRk3dG0Ew1Q9y7IfQ==

GET
H2 200 11.639238ba.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 412C 23 KB
7 KB 107ms
104ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/11.639238ba.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 01:45:42 GMT
x-amz-version-id: kjsgkmFh.GnFcyw4pHTlnQqAwDZ4.mYa
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3314073
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 25
last-modified: Mon, 21 Aug 2023 14:57:24 GMT
server: istio-envoy
etag: W/"4049f38c00add1738dc4806148ff8829"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 4XZm0mDyLYP9t4yXxVhJwnJWMSP2FKTXgrrHV3vWQK4xWN45nCx1lQ==

GET
H2 200 18.9c1bd1fb.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 412C 62 KB
20 KB 107ms
105ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.9c1bd1fb.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e555f4b34b579e6528d6bbd4819620a634c0759b41dfa99520b7ca5aa5117b11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 03:36:34 GMT
x-amz-version-id: fCU1rHK8PZHGjSHZj5aLYRigEERsAl0V
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 5121820
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 20
last-modified: Fri, 28 Jul 2023 18:55:10 GMT
server: istio-envoy
etag: W/"02f09379c544befa413d22eb57ed41de"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ogx81XtWDlm2NYqusks6bYGjlHE0CV0n5z8lCi6ccgY6_JC_2ge7wQ==

GET
H2 200 49.f7274268.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 412C 105 KB
34 KB 109ms
106ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/49.f7274268.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

6861a320271e0fda832800e20d53b858ef409f88d9bc9c1a48953888289d1ea3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:53:19 GMT
x-amz-version-id: nu5YPPYpbxwbA5KeFnNDvED6qjQ46e.5
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 6107216
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 22
last-modified: Wed, 26 Jul 2023 13:14:43 GMT
server: istio-envoy
etag: W/"e268d36b98f0119a2bb1a15f69fd4ffe"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: nTtAQ4JWJ5pNVyp-YOR94dPrlHVsibFgvZczDpDa-sUjGC3_I_vy6Q==

GET
H2 200 40.31ef8dbf.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 412C 12 KB
4 KB 112ms
110ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/40.31ef8dbf.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

bba54915db71fc417be4d5852ec7d138d7c3fa90356ddee98b5267a7db7e6b5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 19:12:12 GMT
x-amz-version-id: NUGZxvPg7W.acSsa10LtQDbxO8WVBOao
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 6102483
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 16
last-modified: Wed, 26 Jul 2023 13:14:42 GMT
server: istio-envoy
etag: W/"b0793fa46e8c0ae1846b7be8a833da35"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: um04p1Eaq9h0g-mKRotsc3Lk37KaQqkleMc9mDM3FCDvVkAH6MoGBQ==

GET
H2 200 29.31d09948.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 412C 13 KB
6 KB 113ms
111ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/29.31d09948.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

7641f066c35d0ca15d4897bfe49d640ed4c143ff8f04030c2020cbb2acfa7b0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 22:57:09 GMT
x-amz-version-id: LpOGcCN0tTTni4jtht.pQLzX33GYkDdT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 7125786
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 21
last-modified: Wed, 12 Jul 2023 14:36:16 GMT
server: istio-envoy
etag: W/"455157cb49065fb85fed54901ddaeb0e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: p5LZYJFSJWdSE2J1qivEpn7VbQmO1Rpml6bzFWSoI-kYF3BoxUkjAw==

GET
H2 200 21.b8c41db9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 412C 17 KB
7 KB 114ms
112ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.b8c41db9.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 02:40:25 GMT
x-amz-version-id: rITDjXEpthOTAiahCXONMRPruIsBsv5Z
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 5125190
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 22
last-modified: Fri, 28 Jul 2023 18:55:10 GMT
server: istio-envoy
etag: W/"65e5c965272e021ae33ff8bc39565ef5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: SP82YFB970JhaJST2dboRv4XcfT7HqsEbfQtN9taDsUyPT9-UeQe9Q==

GET
H2 200 8.7602338c.chunk.css
js.driftt.com/core/assets/css/ Frame 412C 31 KB
4 KB 115ms
113ms Stylesheet
text/css 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/8.7602338c.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

310de82ec6ba5948814ab8ec2369aa1d437e84e26ac56967fc79897acaa99a95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 18:50:08 GMT
x-amz-version-id: q66dX6dU5ESudoXt4AefzwSKn47c9cKn
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 2561407
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 60
last-modified: Mon, 04 Sep 2023 22:45:58 GMT
server: istio-envoy
etag: W/"76d0343f1f9f445c80d5c68c2a35b6e0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: GhA0T39RFWiMpBYTrYSzaJyfYAM4pqx5ceyjsbIWakJKJFUCeMqaMw==

GET
H2 200 8.eba5dae8.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 412C 81 KB
26 KB 115ms
114ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/8.eba5dae8.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c871f116084716e74638906e8f72d572ad0b429fe4ffd1e6524698f8863e6eed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 18:50:08 GMT
x-amz-version-id: mBPubbVlcoGyCFUAJnlHcT2v7IEHPkOa
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 2561407
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 64
last-modified: Mon, 04 Sep 2023 22:46:02 GMT
server: istio-envoy
etag: W/"e5667c6d6613c671dc878d325651ed30"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: jgv7dKsGae3vPEdqh5KgHvXvIGicUj-am3WpqfH8DNEZ5S2G1u2hPA==

GET
H2 200 16.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame 412C 24 B
696 B 114ms
113ms Stylesheet
text/css 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/16.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:55:06 GMT
x-amz-version-id: X5qMPjTBZh_EXTsHKYZdHpoQ.o7TDnrq
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P5
age: 6107109
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 15
content-length: 24
last-modified: Wed, 26 Jul 2023 13:14:40 GMT
server: istio-envoy
etag: "0c5dad92482d9a7c7c253510f5082465"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: DOBMsmBD0nqa4dgIULqzt5IQ6MElntgA5ZFRul0ioS_Dr2vmhxsNHA==

GET
H2 200 16.8bd9e5a9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 412C 91 KB
24 KB 116ms
115ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.8bd9e5a9.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

8879c5372c9cdd8a63f0482260b11c03651fb6bf5a216ab4478fdb30394ee24a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 04:36:24 GMT
x-amz-version-id: it8iZm_DIEh8shbvI0o3g6PsgOCzAp9y
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1921431
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 85
last-modified: Thu, 07 Sep 2023 15:58:12 GMT
server: istio-envoy
etag: W/"ef144ff505a111b4fe4731aaba1cffed"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 2M1bNB1R-ZTfCEcEgFEIvjhsrMKzdu1xjWFNYmAWlcpCePKAXA7Riw==

GET
H2 200 24.b8195d6f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 412C 50 KB
14 KB 117ms
116ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.b8195d6f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

13e6d3edf54c6c00bfa34948557a2988bd13c12dfa05426e2f96841e05859f61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 20:15:27 GMT
x-amz-version-id: VrlnP2ljCYKV4aqktyeLhDSqfEtxPA8K
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1346688
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 18
last-modified: Fri, 15 Sep 2023 20:51:06 GMT
server: istio-envoy
etag: W/"28a73cfbb87b842bc4035605050cf485"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Sr2Q-xQZoZ2BWgJ5eSmpUxtoG7axAnL8x0CgT73ZgmUgNLr7FzuJsg==

GET
H2 200 17.10f4dc86.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 412C 40 KB
13 KB 118ms
117ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.10f4dc86.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e51a2be6b9ef83a35f3c668ee14a711245586dd5d64abec9609d71586063b5a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 20:15:27 GMT
x-amz-version-id: wYenZXx3wWk5yohfiJf5T8DgKkEzKw25
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1346688
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 14
last-modified: Fri, 15 Sep 2023 20:51:06 GMT
server: istio-envoy
etag: W/"73b73361bca65f89bc335da0149e0de6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: tHVaBjinBAPAG3e5rk4RsczSo1xKuSmdFSBNZGuge6y6vxEN0waLBg==

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 89E1 9 KB
3 KB 24ms
24ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 18:42:49 GMT
x-amz-version-id: Nck5xN38gSMeJtyqZhHuad4veWM7ADNf
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 2216246
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 20
last-modified: Thu, 07 Sep 2023 15:58:11 GMT
server: istio-envoy
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: PHaPQ2f__JaFL-E5CMvcWekVFhk8uhL2UOqMgyHU5DqGTMhmFxnrSA==

GET
H2 200 27.01c2bea5.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 89E1 35 KB
10 KB 24ms
23ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/27.01c2bea5.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b13c9311dec3f49821d88065299e95cc1c4e6c26acc4b27b4ebdb380d40d8788

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 04:19:39 GMT
x-amz-version-id: 8ImB2GzfMuOIT4VQ58DA5kzWjWXBsygZ
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 6156035
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 73
last-modified: Tue, 25 Jul 2023 18:08:14 GMT
server: istio-envoy
etag: W/"04a233a42dcf8c50a83bfecea8ba552d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: UDeVNtGi0nfaNVROYQ7oPi0avtcL9sj3bzM5T5he7jG7q_47EpQp3A==

GET
H2 200 28.b5e8f5e1.chunk.css
js.driftt.com/core/assets/css/ Frame 89E1 8 KB
2 KB 26ms
25ms Stylesheet
text/css 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/28.b5e8f5e1.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

7849ba1748f8188749df28e9d59ca4e570a8495684353d8df4715fa70a81e787

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 23:24:26 GMT
x-amz-version-id: dWp9miJXOVmUTXcain7mZ7aJqiAGjznQ
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 2631349
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 41
last-modified: Mon, 04 Sep 2023 22:45:58 GMT
server: istio-envoy
etag: W/"e7107bc29ccb3c6d928f0f8f10a0f22d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: qxsxvvGHLauScl26xiFlaAHQw8CulwL_AmfJ-jtz6iM-52VFD_eKKQ==

GET
H2 200 28.bdd92ff2.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 89E1 14 KB
6 KB 27ms
26ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/28.bdd92ff2.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

6eabf982ec86c7a2d08d260cdd257c9d1f1d9b589cb52a812be0dc5c7cf1af9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 01:08:20 GMT
x-amz-version-id: FvCtLBM3Ax0E94dTAA_8PRI1sla9ZXxV
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 5130715
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 43
last-modified: Fri, 28 Jul 2023 18:55:10 GMT
server: istio-envoy
etag: W/"260fbabe310bd2cae5c44538f3d833ad"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: RTEeYhAZhjaxOE0UM9S8tJ-3-hzBNCNFsD9ZWATqksV9i4FK47JD-w==

GET
H2 200 25.c695453b.chunk.css
js.driftt.com/core/assets/css/ Frame 89E1 365 B
1 KB 26ms
26ms Stylesheet
text/css 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/25.c695453b.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 23:31:21 GMT
x-amz-version-id: n.AcAAyNdrluKmEb0IgSI_RvtitbHfQj
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P5
age: 6086934
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 68
content-length: 365
last-modified: Wed, 26 Jul 2023 13:12:09 GMT
server: istio-envoy
etag: "06b2963b029c0824382815165bfea73e"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: c-kHDrSlf_NJuDP5VWdP3ASmO021me4rpOMnQCKeu62vJgcL-YF8bw==

GET
H2 200 25.a9a52994.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 89E1 91 KB
25 KB 27ms
26ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.a9a52994.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

d21b490fa72e9cd90e09db07c73ef43c0d65bf38de6a41dfd1c53338f71549a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 18:42:49 GMT
x-amz-version-id: pcw9AIvdRX0G68ZPKiKBrPWu5fkyVt6d
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 2216246
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 88
last-modified: Thu, 07 Sep 2023 15:58:12 GMT
server: istio-envoy
etag: W/"34109a0bf2906f78b21b4a9f5fa4ab8c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 9gxAmjmwp76eWgFgcRzbqglq7nFGwDHLDOIu9FQojD1R5nXIPXQXbQ==

GET
H2 200 37.11d2b6a7.chunk.css
js.driftt.com/core/assets/css/ Frame 412C 3 KB
1 KB 42ms
41ms Stylesheet
text/css 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/37.11d2b6a7.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 10:11:06 GMT
x-amz-version-id: 1Fvw.FePqdHMTWAULWhHtYDtzjDh8y58
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 5098148
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 41
last-modified: Fri, 28 Jul 2023 18:55:08 GMT
server: istio-envoy
etag: W/"87532c4db85f1429fa6d759bc3332f36"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 2cMPAYANN_-e9C14GFD7-vnoPvNbyHsEJuixTqP8R-8WHcp2sKN6jw==

GET
H2 200 37.298cbb69.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 412C 3 KB
2 KB 41ms
41ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/37.298cbb69.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c640d911a58cc3ef31b1a3c2090fa753c948902033b9917ab5daef4fbb33b5d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 03:07:53 GMT
x-amz-version-id: JzP5EHa1AgOQDQQqP6XtnDRIZFkYBhy2
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 4086742
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 46
last-modified: Fri, 18 Aug 2023 19:22:22 GMT
server: istio-envoy
etag: W/"86b289eeb2bf9d30034f30d9794e8041"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: n8Im4oieBFlDxgFOnyBbD1y-xmlEuEryZsLEG5z-Zp4OoFLGO8CXQQ==

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 412C 9 KB
3 KB 24ms
23ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 18:42:49 GMT
x-amz-version-id: Nck5xN38gSMeJtyqZhHuad4veWM7ADNf
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 2216246
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 20
last-modified: Thu, 07 Sep 2023 15:58:11 GMT
server: istio-envoy
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: qQzY-VvoUX9PuzsgYDm1jl38c3RErds_OsmpIvoEXoSbDntNQ1GWbg==

GET
H2 200 3.07aa08a5.chunk.css
js.driftt.com/core/assets/css/ Frame 412C 7 KB
2 KB 23ms
23ms Stylesheet
text/css 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/3.07aa08a5.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:53:21 GMT
x-amz-version-id: Ov831I2a5yEZEgVNkzjL3jR4iYT4qeoU
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 6107214
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 40
last-modified: Wed, 26 Jul 2023 13:12:09 GMT
server: istio-envoy
etag: W/"189aeffd571884559dababa22c66d75a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: h7MeQ3zYyuK3mr-CgFZvfwUk48TtEL5L222UV9ntwvP15Qy-J6lxUw==

GET
H2 200 3.f50b964b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 412C 54 KB
15 KB 23ms
23ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/3.f50b964b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

d14e287ddae470b06c4639e73260ca21a4c9b7cfdf56e02965a8f50fb5333b42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 18:42:49 GMT
x-amz-version-id: ITvhpXzajAt0L1_EcpUinGYN5mqcFTgS
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 2216245
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 50
last-modified: Thu, 07 Sep 2023 15:58:12 GMT
server: istio-envoy
etag: W/"1ac37bf2b93050f29058b66a9ad43e10"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 7bREcq2TW_26YRlsc_u10xBubuVnADna-SCFnPAi9vtF_8JwRqmWUg==

GET
H2 200 1.12ba17b6.chunk.css
js.driftt.com/core/assets/css/ Frame 412C 44 KB
7 KB 24ms
23ms Stylesheet
text/css 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/1.12ba17b6.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

58fdb03fac3e89e51525a5a45eb777395d1b499bf4483e96201b6becddbe516f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 11:27:15 GMT
x-amz-version-id: eSNvdp0yfhg_hVHGVV1T0Cg9aS8M1FwM
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 5093580
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 20
last-modified: Fri, 28 Jul 2023 18:55:08 GMT
server: istio-envoy
etag: W/"3b8ba82e1bac13ee29e9764a55620d99"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: BZhFFsfuhrN-6JpDg6RYNmZZYvKS7I4_w74OmxNTE_IscoxhXtKp3g==

GET
H2 200 1.2aebee2c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 412C 54 KB
17 KB 24ms
23ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/1.2aebee2c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

60409946ec37f5d25bf3516bd3fbc347358e60feaf168a3d578b323cb750860b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 22:45:31 GMT
x-amz-version-id: bS8baBPItBLwxisqBAsAAbXKmqRySvKy
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 2633684
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 25
last-modified: Mon, 04 Sep 2023 17:29:48 GMT
server: istio-envoy
etag: W/"8dec138e62d799d028f8c7ed0cc19058"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: caMNVoTICODj7wUNf2Tu9TS2blIa7NFemkWRZQLX_GApX-1k0Ji7gg==

GET
H2 200 4.9d776499.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 412C 23 KB
10 KB 24ms
24ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/4.9d776499.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

622373f59cdda9ea36f307c5f7bef0cfd8e140018c995b6394468a26ef499dec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 18:55:58 GMT
x-amz-version-id: uGJ36CDXFf5jc7zFgfXUohqg1i8mPHWM
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 6189857
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Tue, 25 Jul 2023 18:08:15 GMT
server: istio-envoy
etag: W/"cc02ad980b6b04f3bba61e68883356d4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: RQSzwcuZBrgVplsAQsF4F6AgGjgjw-d2724y2Z2IcB3JbqAvqWUtlw==

GET
H2 200 34.0504aac4.chunk.css
js.driftt.com/core/assets/css/ Frame 412C 16 KB
3 KB 24ms
24ms Stylesheet
text/css 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/34.0504aac4.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

2b74bc303570faa3cd261b240078960cd0c28f811ae71cb72352809a42d20f6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 02:11:02 GMT
x-amz-version-id: q2speui9tJuSqazhqyXXmusrZlo.6X8E
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 6422953
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 50
last-modified: Fri, 21 Jul 2023 20:53:06 GMT
server: istio-envoy
etag: W/"95b017fb41a8751bd7175f8a73f035f8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 4wKizN9J-kDsmMVCB89bw-jy_Ntgt2DkLyXxFk9hyqwU_KVosXSAsg==

GET
H2 200 34.565cc93a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 412C 13 KB
5 KB 25ms
25ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/34.565cc93a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

08b15334412c5f3ad02391af96b4068d23b85e63c63fa8d78ee9bb7e78ce752d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 18:50:08 GMT
x-amz-version-id: .CV9Gv7QHuYDZKNfN_Mj0Og0uIzMiBl5
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 2561407
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 22
last-modified: Mon, 04 Sep 2023 22:46:01 GMT
server: istio-envoy
etag: W/"57c0a57c3cf808c4592182b4c490b3a0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 6IM3EThtWk9jiEJXt1cI7PJPytdpgB2U1eoXj36UrKqSiXApGhjTWQ==

POST
H2 200 v2 Show response
bootstrap.api.drift.com/widget_bootstrap/ping/ Frame 89E1 147 B
588 B 629ms
124ms XHR
application/json 34.193.113.164

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping/v2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.193.113.164 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

f3b82f3a16fa34bb6b31c1f6d7b7647071132fc6d19cede7a5206c267cf28711

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.google.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 05 Oct 2023 10:20:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: 76f589e728b6bebe
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 147

GET
H2 200 c59506247d2922c6746c23543b4c7177-optin.json Show response
a.omappapi.com/app/campaign-views/71243615b528/vrjql4bayfklnoolz9lw/ 33 KB
7 KB 58ms
57ms XHR
application/json 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/campaign-views/71243615b528/vrjql4bayfklnoolz9lw/c59506247d2922c6746c23543b4c7177-optin.json
Requested by: Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 07b7c8ca03b5ae2d40f8ac4a9ae6156d705ce17a1bb585f18b77b2eb0fb4423e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:20:16 GMT
content-encoding: br
cdn-edgestorageid: 1082
perma-cache: HIT
cdn-storageserver: DE-167
cdn-cachedat: 10/05/2023 06:13:27
cdn-pullzone: 293267
last-modified: Wed, 04 Oct 2023 04:11:45 GMT
server: BunnyCDN-DE1-1080
cdn-fileserver: 588
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"651ce601-83ea"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 520e49332c4c4114a01d91c21388a9da
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 35ms
34ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-LQM236SHEC&gtm=45je3a20&_p=1355845724&cid=1217416224.1696501211&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1696501211&sct=1&seg=0&dl=https%3A%2F%2Fwww.goaheadtours.com%2F&dt=Guided%20Tours%20%26%20Group%20Travel%20Tours%20%7C%20EF%20Go%20Ahead%20Tours&_s=5
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LQM236SHEC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.google.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 10:20:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.goaheadtours.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content i Show response
z.omappapi.com/v3/ 0
250 B 143ms
143ms XHR
text/plain 178.128.135.233
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://z.omappapi.com/v3/i?aid=50504&cid=vrjql4bayfklnoolz9lw&sid=5b97dc7db8a90&rt=false&dv=desktop&cty=popup&url=&v=5
Requested by: Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.128.135.233 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: kong/3.3.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.goaheadtours.com
Date: Thu, 05 Oct 2023 10:20:16 GMT
Access-Control-Allow-Credentials: true
X-Kong-Response-Latency: 16
Server: kong/3.3.1
Connection: keep-alive
vary: Origin

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
19ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1355845724&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.goaheadtours.com%2F&ul=en-us&de=UTF-8&dt=Guided%20Tours%20%26%20Group%20Travel%20Tours%20%7C%20EF%20Go%20Ahead%20Tours&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=lead%20form&ea=view&el=organic-flex&_u=aDDAiEALRAAAAGAMK~&jid=&gjid=&cid=1217416224.1696501211&tid=UA-321712-14&_gid=67087914.1696501211&gtm=45He3a20n81NDTHZ2G&cd8=1696501216313.slr0jqm&cd10=0&cd13=https%3A%2F%2Fwww.goaheadtours.com%2F&cd18=https%3A%2F%2Fwww.goaheadtours.com%2F&cd20=%20%20&cd22=goaheadtours.com&cd2=1217416224.1696501211&il1nm=slider_&il1pi1id=TGI&il1pi1nm=The%20Greek%20Islands%3A%20Mykonos%2C%20Santorini%20%26%20Crete&il1pi1pr=4019&il1pi1ps=0&il1pi1ca=TGI&il1pi2id=WWR&il1pi2nm=Germany%2C%20Switzerland%20%26%20Austria&il1pi2pr=3529&il1pi2ps=1&il1pi2ca=WWR&il1pi3id=LSS&il1pi3nm=Grand%20Tour%20of%20Ireland&il1pi3pr=3699&il1pi3ps=2&il1pi3ca=LSS&il1pi4id=SCA&il1pi4nm=Scandinavia%3A%20The%20Capitals%20%26%20the%20Fjords&il1pi4pr=4219&il1pi4ps=3&il1pi4ca=SCA&il1pi5id=IRL&il1pi5nm=A%20Week%20in%20Ireland%3A%20Dublin%2C%20Cork%20%26%20Galway&il1pi5pr=2489&il1pi5ps=4&il1pi5ca=IRL&il1pi6id=CRA&il1pi6nm=A%20Week%20in%20Croatia%3A%20Zagreb%2C%20Split%20%26%20Dubrovnik&il1pi6pr=3209&il1pi6ps=5&il1pi6ca=CRA&z=206017655

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 09:10:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 4157
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 v3 Show response
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 89E1 25 B
88 B 165ms
135ms XHR
application/json 34.193.113.164

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v3

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.193.113.164 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.google.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 05 Oct 2023 10:20:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: b2cb99dbc2cd18ea
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 14
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25

POST
H2 200 widget_bootstrap Show response
bootstrap.api.drift.com/ Frame 89E1 24 KB
7 KB 289ms
289ms XHR
application/json 34.193.113.164

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.193.113.164 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

45cfec5e84438cdbd95a5484d23d67f7ec8b54eb1052f6f415c85ce520708973

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.google.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 05 Oct 2023 10:20:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: istio-envoy
requestid: 805910fee89b5082
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 169
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version

Verdicts & Comments Add Verdict or Comment

163 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

68 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.goaheadtours.com/	1970-01-20 15:15:03	Name: __cf_bm Value: LlgSp6TAmHA_kBmveUTU_P5EJ9pJq.kmXct.nuvEqgw-1696501210-0-AYTbpH86FRo8KsTAcIcWPGk9BEv977v6Uw/enjrqXfojOY5gJfJk3uXgvns6z6YT2L1N8fF0Ofr8EFbBfEXpkP4=
.goaheadtours.com/	1969-12-31 23:59:59	Name: _cfuvid Value: DoicOd8munAzlUNKCR0ezCcZFGmFrUmVXIacnJMeg9w-1696501210105-0-604800000
www.goaheadtours.com/	1970-01-21 00:51:01	Name: _omappvp Value: 3vu0BuAJNPdA8gnvWR7p2FT6NGBMpe0RHhiYmvH84DfOtQNAgFqPLY79LKVYLvIorp1uA8SOqFX6W5N2sG6J5kj1o18ZroQ3
www.goaheadtours.com/	1970-01-20 15:15:02	Name: _omappvs Value: 1696501210901
.goaheadtours.com/	1970-01-20 17:24:37	Name: _gcl_au Value: 1.1.1755178549.1696501211
.goaheadtours.com/	1970-01-20 15:16:27	Name: _uetsid Value: c3ff5e50636811eea60169faeb7efddd
.goaheadtours.com/	1970-01-21 00:36:37	Name: _uetvid Value: c3ff89b0636811eebb67e775fefde089
www.goaheadtours.com/	1970-01-20 19:34:13	Name: _ALGOLIA Value: anonymous-608248a1-d600-40c1-a6fb-765f17797a60
.bing.com/	1970-01-21 00:36:37	Name: MUID Value: 3F76BABE217469A33401A91F207268AF
.tiktok.com/	1970-01-21 00:36:37	Name: _ttp Value: 2WL9twzMtUkevGfbflilnmLYCJ7
.doubleclick.net/	1970-01-21 00:51:01	Name: IDE Value: AHWqTUm0ZorQWdLgegsThwkWsJLLsRElc_TcPZilZBzMjoYe4ujTSLATWt6aA0tZ92k
.goaheadtours.com/	1970-01-21 00:51:01	Name: _ga Value: GA1.2.1217416224.1696501211
.goaheadtours.com/	1970-01-20 15:16:27	Name: _gid Value: GA1.2.67087914.1696501211
.goaheadtours.com/	1970-01-20 15:15:01	Name: _dc_gtm_UA-321712-14 Value: 1
.goaheadtours.com/	1970-01-21 00:51:01	Name: invoca_session Value: %7B%22ttl%22%3A%222023-11-04T11%3A20%3A11.330Z%22%2C%22session%22%3A%7B%7D%2C%22config%22%3A%7B%22campaignIdOverrideParam%22%3Anull%2C%22campaignIdOverrideValue%22%3Anull%2C%22requirementsNeeded%22%3Atrue%2C%22cookieName%22%3A%22invoca_session%22%7D%7D
.criteo.com/	1970-01-21 00:36:37	Name: uid Value: 4c1d8dc3-b000-4deb-82b9-7b387605a713
.goaheadtours.com/	1970-01-21 00:36:37	Name: _tt_enable_cookie Value: 1
.goaheadtours.com/	1970-01-21 00:36:37	Name: _ttp Value: WQkw1wDieSg0Akekkch8KLU6bNK
.goaheadtours.com/	1970-01-20 17:24:37	Name: _fbp Value: fb.1.1696501211454.1311084682
.goaheadtours.com/	1970-01-21 00:44:25	Name: cto_bundle Value: Ts9i0F9TWHNsWGx1Snc2ZmNqUUoxYXNWd3IxdVJOVzJqbHczZ2NYd0Z4NXUxcm1tODBEcTMxQ1lpVVpzMkh2T2kwblBhY250ZnJCclFJWDF4dVVTR1FrYlpSNHJpdUNrRWlCUUFpOVRTd0ZMc3JTY2FNaktDbmx3dnhUaGUzMnJYbVlWNHBNVVBTSlBVRUtnJTJGQW9CSEswWTZFVyUyRk80ajZDalJpQXJHYXppUjNPV2UwJTNE
www.goaheadtours.com/	1970-01-21 00:51:01	Name: _tq_id.TV-6390362718-1.5a92 Value: 20017e67cba1bae2.1696501212.0.1696501212..
www.goaheadtours.com/	1970-01-20 15:58:13	Name: omSeen-alhmippjqh2dc1einghh Value: 1696501212163
.mountain.com/	1970-01-21 00:51:01	Name: guid Value: c506a6c7-6368-11ee-a3a1-bd4b1f549796
.px.mountain.com/	1970-01-21 00:51:01	Name: tt Value: H4sIAAAAAAAAAKtWKlOyMqoFAP609q8HAAAA
.goaheadtours.com/	1970-01-21 00:51:01	Name: _ga_LQM236SHEC Value: GS1.1.1696501211.1.0.1696501213.58.0.0
.rubiconproject.com/	1970-01-21 00:00:37	Name: khaos Value: LND10QKF-20-A15W
.rubiconproject.com/	1970-01-21 00:00:37	Name: audit Value: 1\|hk5BCtRxltR02CSZqFmXHZUQMyX0Vx2rwWPsWF1BAvIJc2SRyOdHk1xxMerce1lx3uoGZx39NpcwHTRO1/p4iCck1N7K9KkV0dqlR5NoluSCD9zFQIvrTW//S/xEwzoVnWupwegutJlg503yBUA1J5BdmzhEi23/veG1ohWna2x16h2LKXkYaJDy+KCnXKr4N6JXMcYuiJM=
.media.net/	1970-01-21 00:00:37	Name: visitor-id Value: 3395028148454788000V10
.media.net/	1970-01-20 15:58:13	Name: data-c-ts Value: 1696501214
.media.net/	1970-01-20 15:58:13	Name: data-c Value: k-_AhRnpizLxcDwpKLcap_CXjBV_ErcMz-EaUq9g~~3
.teads.tv/	1970-01-20 23:59:10	Name: tt_viewer Value: 5112a995-5f9a-42ce-ba4f-9d213870d08a
.bidswitch.net/	1970-01-21 00:00:37	Name: tuuid Value: 42b9cdc6-aca8-44a6-829d-c2f3ef78b7d9
.bidswitch.net/	1970-01-21 00:00:37	Name: c Value: 1696501214
.bidswitch.net/	1970-01-21 00:00:37	Name: tuuid_lu Value: 1696501214
.smartadserver.com/	1970-01-21 00:46:42	Name: pid Value: 2234031740646427780
.smartadserver.com/	1970-01-21 00:46:42	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-21 00:02:03	Name: csync Value: 79:k-KyZUJ5izLxcDwpKLcap_CXjBV_Ghj1CqfBGEjw
.casalemedia.com/	1970-01-21 00:00:37	Name: CMID Value: ZR6N3p0U05lnJcYuU.aNUwAA
.casalemedia.com/	1970-01-20 17:24:37	Name: CMPS Value: 5154
.casalemedia.com/	1970-01-20 17:24:37	Name: CMPRO Value: 5154
.demdex.net/	1970-01-20 19:34:13	Name: demdex Value: 41238911047820422622189795201957473786
exchange.mediavine.com/	1970-01-20 15:35:10	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%22c5dce200-6368-11ee-8073-15574c404287%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 15:35:10	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22c5dce200-6368-11ee-8073-15574c404287%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 15:35:10	Name: am_tokens Value: %7B%22mv_uuid%22%3A%22c5dce200-6368-11ee-8073-15574c404287%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 15:35:10	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22c5dce200-6368-11ee-8073-15574c404287%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 15:35:10	Name: criteo Value: %7B%22id%22%3A%22k-1qvlgJizLxcDwpKLcap_CXjBV_FFOEF0kVe1pA%22%2C%22version%22%3A%22criteo%22%7D
.omnitagjs.com/	1970-01-20 15:58:13	Name: ayl_visitor Value: 663010b50548d600a07404dcb3a56fba
.360yield.com/	1970-01-20 17:24:37	Name: tuuid Value: ff5fe167-df51-41a2-b936-dc92c5cacb99
.360yield.com/	1970-01-20 17:24:37	Name: tuuid_lu Value: 1696501214
.dpm.demdex.net/	1970-01-20 19:34:13	Name: dpm Value: 41238911047820422622189795201957473786
.adnxs.com/	1970-01-20 17:24:37	Name: uuid2 Value: 2466498290103013197
.yahoo.com/	1970-01-21 00:00:58	Name: A3 Value: d=AQABBN6NHmUCEKPEWo3aGTLnHDV_Q850d48FEgEBAQHfH2UoZbtj0CMA_eMAAA&S=AQAAAi0Fo0L-M0r8g54nedmvYuM
.360yield.com/	1970-01-20 17:24:37	Name: um Value: !38,M95fCP6YnxKZhcSbmG1fZ4VpC9nkz71WP6w5PYKG63268N6hlsm5dJnC-eXwFTuq2g.HFQ0D,1704277214
.360yield.com/	1970-01-20 17:24:37	Name: umeh Value: !38,0,1758709214,-1
.postrelease.com/	1970-01-21 00:00:37	Name: visitor Value: 6e70dda9-aca9-4ed0-bcdd-6b2821de24a2
.postrelease.com/	1970-01-21 00:00:37	Name: status Value: 0
a.twiago.com/	1970-01-20 15:58:13	Name: deuxesse_uxid Value: a2cba0ebc74ba136188407f55bf5e74aef277a597c62ced39a3caf4d2af62a76
.analytics.yahoo.com/	1970-01-21 00:00:37	Name: IDSYNC Value: "18zh~2eay:19e0~2eay"
.adnxs.com/	1970-01-20 17:24:37	Name: anj Value: dTM7k!M4/rCxrEQF']wIg2GTyvo67)!]tbPl@/D!9hy6]/Cr.cdG2(=1cV=v/5(l-cyY7x^tvre/3QHimX`K+5fA+ymp`Ay>zP6xCVxgWbpRzqF1`*bd:/-#n8S
.pubmatic.com/	1970-01-20 15:58:13	Name: KRTBCOOKIE_97 Value: 3385-uid:k-tH8DppizLxcDwpKLcap_CXjBV_GFDvHadYO4HQ&KRTB&23144-uid:k-tH8DppizLxcDwpKLcap_CXjBV_GFDvHadYO4HQ&KRTB&23286-uid:k-tH8DppizLxcDwpKLcap_CXjBV_GFDvHadYO4HQ&KRTB&23287-uid:k-tH8DppizLxcDwpKLcap_CXjBV_GFDvHadYO4HQ
.pubmatic.com/	1970-01-20 15:58:13	Name: PugT Value: 1696501214
.krxd.net/	1970-01-20 19:34:13	Name: _kuid_ Value: P1iuv1ER
.yieldmo.com/	1970-01-21 00:00:37	Name: yieldmo_id Value: 3eIq2yI00HIHFeKCKaPf%7C1696464000000%7C0
.ads.yieldmo.com/	1970-01-21 00:00:37	Name: ptrcriteo Value: k-_VmdBZizLxcDwpKLcap_CXjBV_Hd45EetxKP9Q
.hb.yahoo.net/	1970-01-20 19:34:13	Name: data-crt Value: k-hhATM5izLxcDwpKLcap_CXjBV_FQYThOAvUk_w~~63
.tremorhub.com/	1970-01-21 00:00:58	Name: tvid Value: d879bcc120454c61bf9a89abbcc846a5
.tremorhub.com/	1970-01-20 15:58:13	Name: tv_UICR Value: k-1--GdpizLxcDwpKLcap_CXjBV_Gt7JzmfMx7DA
www.goaheadtours.com/	1970-01-20 15:15:03	Name: drift_campaign_refresh Value: 75e1af06-39f3-4a6b-a115-f4b9faf8d0a3

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors https://app.storyblok.com http://app.storyblok.com/
Strict-Transport-Security	max-age=0
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10100557.fls.doubleclick.net
6384424.fls.doubleclick.net
a.omappapi.com
a.opmnstr.com
a.storyblok.com
a.twiago.com
ad.360yield.com
ad.yieldlab.net
adservice.google.com
analytics.tiktok.com
api.omappapi.com
assets.goaheadtours.com
bat.bing.com
beacon.krxd.net
bootstrap.api.drift.com
cdn.jsdelivr.net
cm.adform.net
cm.g.doubleclick.net
collector-30678.us.tvsquared.com
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
d1nldbz8jmu82w.cloudfront.net
d3oig6rspwnkfc.cloudfront.net
dis.criteo.com
dpm.demdex.net
dx.mountain.com
eb2.3lift.com
exchange.mediavine.com
fonts.googleapis.com
fonts.gstatic.com
goef.ch
googleads.g.doubleclick.net
gs.mountain.com
gum.criteo.com
hb.yahoo.net
ib.adnxs.com
id5-sync.com
img2.storyblok.com
jadserve.postrelease.com
js.driftt.com
match.sharethrough.com
matching.ivitrack.com
metrics.api.drift.com
mug.criteo.com
pixel.rubiconproject.com
px.mountain.com
r.casalemedia.com
region1.analytics.google.com
rtb-csync.smartadserver.com
s.thebrighttag.com
simage2.pubmatic.com
solutions.invocacdn.com
sslwidget.criteo.com
static.criteo.net
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
ups.analytics.yahoo.com
visitor.omnitagjs.com
widget.us.criteo.com
www.dwin1.com
www.facebook.com
www.goaheadtours.com
www.google-analytics.com
www.google.ch
www.google.com
www.googleoptimize.com
www.googletagmanager.com
x.bidswitch.net
z.omappapi.com
104.18.27.193
13.225.78.63
13.248.245.213
141.226.228.48
142.250.185.198
162.19.138.83
178.128.135.233
178.250.7.11
178.250.7.13
18.197.66.22
18.66.112.118
18.66.112.19
18.66.122.38
184.30.20.22
185.64.191.210
185.86.139.94
2001:4860:4802:32::36
216.58.206.34
23.32.185.192
23.35.237.56
23.38.98.111
23.48.23.35
2400:52e0:1e00::1080:1
2600:1f18:612b:4280:608c:ccfd:554f:bc1
2600:9000:214f:1e00:f:8ce2:fb80:93a1
2600:9000:214f:b200:12:66da:ca00:21
2600:9000:223e:9400:13:b371:9a00:21
2606:4700::6810:5614
2606:4700::6812:7059
2620:1ec:c11::200
2a00:1450:4001:806::2008
2a00:1450:4001:806::200e
2a00:1450:4001:80b::200a
2a00:1450:4001:80f::2002
2a00:1450:4001:811::200e
2a00:1450:4001:827::2004
2a00:1450:4001:830::2002
2a00:1450:4001:830::2003
2a00:1450:4001:831::2003
2a00:1450:400c:c03::9c
2a02:2638:3::3
2a02:2638:d::d
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a06:98c1:3121::3
3.12.156.53
3.127.97.70
3.16.197.138
3.212.39.155
3.71.140.162
3.71.149.231
34.117.157.22
34.193.113.164
34.212.4.35
34.253.255.215
34.255.244.27
35.81.173.170
37.157.3.26
37.252.171.53
44.209.137.118
46.51.199.218
54.72.199.212
54.77.251.23
64.202.112.63
65.9.66.95
69.173.144.165
74.119.119.150
79.125.32.89
85.215.5.31
014c54f9c69b24966b07631c7e8e558f5539ec546d75a475defe14337d28e152
01f880327fad37b992dbd6c1e7c1f0b576bb182788ad5b422b638bb3a101b70d
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
07b7c8ca03b5ae2d40f8ac4a9ae6156d705ce17a1bb585f18b77b2eb0fb4423e
08b15334412c5f3ad02391af96b4068d23b85e63c63fa8d78ee9bb7e78ce752d
0ff11e71dc336096127eacb0484ade7bd0c3b63b528bc9e8cee6a94537c4ccba
13e6d3edf54c6c00bfa34948557a2988bd13c12dfa05426e2f96841e05859f61
15e10c12c89a1c23d0fb379eafde1bde16e36477f81be2d70ca464db27e037be
19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
211d8c9dcccd319acbdaa1d751176ecf1a44a82b9df56050f29e4a06502b007d
228739c5660b9818a95c3b2c13f6c65cf4364f871c0cde499446c985be07a682
2307ae5c04ba3eaf7d72cac36f15e6229132bfb908d92de1c569cb644becb708
25b2b402f5fb926c7f00bbce9664055f10729221d98fc2b90a311027acd8ee3a
26282da4b7c00f4566548fae097a7ccad6841b90d015acfc7024fd6bfcaeba2c
263c3a799ea39e2db3c3347bab23a9f98990d9d9633d2d8b833d8766c3dc2b36
283ce4fc2baa0dfd2324b05b14d0530fc385ee92fea03e1bd0891aa8593bdff2
2a8a441d8086f20a64563edc759aba1de84d932e34ff77b8bb0279a730cdb428
2b74bc303570faa3cd261b240078960cd0c28f811ae71cb72352809a42d20f6e
310de82ec6ba5948814ab8ec2369aa1d437e84e26ac56967fc79897acaa99a95
318b3811fff78b9d51b1385ccafe830b1b731407f73d12aba87704ce4c8c478c
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
34290bcc7fffbeb7c5f213987b36ac33c167b9d1a72a2373c40bfa4be14f3c9c
37ad809409817f7139138e19f5116f85889b390b19fa3883bc96379b50ada1b9
3d89d2a833e0c8b73ddaac6d6ec14c4ab06c648ee6574f1b29e9ab8435e2f41e
40d4e90cbd08177f2a5a82d8afad079be9761510684dd0516a979b9ff1629035
40f587db77c42d9ff81973aae62253fa0d0adab045691910d64533d6f7ec2c31
419e9ceec0f42d8d507ffd2bc953430abeb29bd2612358428d7b217deb284c5d
42079be35ad0d0e2b52f090fb07cf4587863e61be8ef47293ceec97ee5560504
422b962aff597c5aca5f9c3aa114fcea7f3fda6abcad9584510b36b3eecd0f09
43acd90d3c65e3d6e25c372cb71c739f16379a7f18f64f28a6774b19a83bb559
45cfec5e84438cdbd95a5484d23d67f7ec8b54eb1052f6f415c85ce520708973
47b3cdf62af98b2557c88d5052927d9491b3bdadb29eb2bc4156ee32a581d608
481baffabb9011ae6ffd10103983908ebc2c06e6f6be7797d226ccee04c2172f
4a361059537f5f2eb0ba1cde026c1e4ea305a48a13ff7a480bc8e40f3e9a8792
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4be2d9b5ed0447bf7d2b372d988938d87dab3d063e2252aa32dafc5cbb47f2d9
4c843cf07186cb3b96ce97cc635ff2331db3fe4162012c771c5009c64aecade9
4d65180699598cc634c94568f2d0575cd2271276f0258f809c7dcd257a849372
4dd1814e6c5f2285b0b4da50ab6e5bcf9c19b97ebee71f7658ba80b7a9e6d83c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4feda6639543cfbe6fbfc52198de2599d0b903689c96b6ce2f0a4e034ec60e59
50329428b5bb7153ccb0dd05a720dcec4dc5f3e5b28b12dafa2551f7de81ec3b
527a2ab93f12834cac411f2bf96d1548fa10333689c7ba8abd71e94922b41158
5405f21fd05a73a76a85b2021b366df4dcd00dd93ad956d671776622ea5e1ffc
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55d6f41fd18bcaa57afb4edbc8e4465e792fedc842111c787ad52bfb82231693
569f041ebf1517bc89897ddeb38835b9d93afed9d870742c4e8b967464617b54
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
582c863de4df81180468a0bf44b8f18a60803dc85528d00534935fd4d7ded404
58fdb03fac3e89e51525a5a45eb777395d1b499bf4483e96201b6becddbe516f
59acc2cd0f6c6cc274d8114e38bc1a619b197bb16c0ff724fe42a2863f8e4b6d
5af0576ae4724a12d65aa86acc4231c868e4e6087c87a0b57243c6ca6dd5b67c
5b6f59384f6cb9627be4fa5b63e6a093cb39970d9369f49062dd2e3dde6a5c38
5b7cf5a2660fb33477f53ab0b83471c49b60e3c7a324f3122fc1fe88ec1440dc
5c756ba00bc22ff5690e08fc74aa2c70cde9b692a4acb7ca813a9dc7168c27d5
5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5
5f1a64538f6cec595d6a889e30861e2ef8c05453822f8160423318b2dab86d5e
60409946ec37f5d25bf3516bd3fbc347358e60feaf168a3d578b323cb750860b
612cbaec926606a6f6db9b8ca4ea86e954f7f89627dbe8715c4f1ed647bcb04e
622373f59cdda9ea36f307c5f7bef0cfd8e140018c995b6394468a26ef499dec
63c0446c7c0029b8052206e97f2e7319c5e7f61b16c8032d03f92ec03f39b593
6507a044d207a767ec2971e891b149b58d6d32a6ee1b18068a6d6dd36bc5fa9a
673e457023ac61d43f651a944cc0b1d9948beff615aafc6aa7ae328e2ea0b43d
67f3fc308975e1114ae6d9beb0c7b4eb0153f9038402fd78a354084cf2094de2
6861a320271e0fda832800e20d53b858ef409f88d9bc9c1a48953888289d1ea3
6b59be2f48490e7fab65a6fa43c99851ed0026b9c651ffa9937f49ad57cc2a22
6c9c6406c9bd9814cf84974221433003377b67f071ec5411fddbcba4ec109bca
6eabf982ec86c7a2d08d260cdd257c9d1f1d9b589cb52a812be0dc5c7cf1af9a
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
7265e359af3e211245dc312a6ebf471e69af504cd05137dcf922032ba7bd6339
7516f9aff006dced658ced4b577da1425b72add3677466abd9dca6fa4cb10d0b
7641f066c35d0ca15d4897bfe49d640ed4c143ff8f04030c2020cbb2acfa7b0b
7849ba1748f8188749df28e9d59ca4e570a8495684353d8df4715fa70a81e787
79daab4e83a4f5e90a968e225b13c924d174ff804fcccdee5164c1530d68c755
7afaa861788cfa4b943b9a78a597edb2e73dcf6cf15cb34ce9a02c72373d9abe
7d348f3c19a844bbfaea04d35423ba1036d7f94a2f94c20d4dd397db70664d49
7ddec3a2d69247482b88edf9c09e40131252980f87f9d70000892784534c1df7
805270b078cde87b61bb57c8bd44f8b58b0d128f5a8efdd4395470b45b291d65
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
852bd0cacc917cf120c13a24ce9082d7cbbd0c20f8f74aadc5cc3f0863a3a0b3
862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7
882a45cd944955fda5a7ebb324f96dac071df013546b093cc35df7a8601f2910
8879c5372c9cdd8a63f0482260b11c03651fb6bf5a216ab4478fdb30394ee24a
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a5471e7115bde2b91f8be92a788450b08b18f306ef7a2dce93064bafb3f93d6
8ad9a6bcdc20b0bb29576b861332e7b11719bd11af68024d7676724574070f05
8b7bea2b34fd0b108adcedee3a5fb35768cd5a1c0205ab825117a2b2ae6343b7
8be54f9df63756f7a72ca5721de8d3ed6fd99dc2d4c8dbe09b5439515028ab48
8e9a6d909dc9c70587affdefea54ba839f8c9c539a0663db465b76d5968397eb
8f0f8792237470ee661c6afc32ca68200dd74bcc0d544d0fd54c7777af362eae
8f85c9d6b79566a1d83a25ec3bcf7b88b036b8da1764d25e6cd9c5392738dc12
8f927cd54d7ef0ffd667f6537f9a9f3ef56fd8f86b32c8dfd534c29da2f2242a
92174f6a87dd7459194e80268eff3ec0e41255529437cd4e878bee588d26a9bd
978277c7385002bbd8eca4f51d7bdac7424ef8c6d267066e36b018b25bf88f7a
97f42f589e8dc951e4e08d648f931eb0bd8d91bef1f595eb6126d0b82bcaf9fd
986333a99c0309f940f3cd10c2846221feaefe70f96f9005553eb85fb83ec875
99e5a5f4890fefa08fb2ad545d16e578c1c13bc741fb1e430a671f2c76f1a484
99feddd6110f0c7f242673459c2162ad5c9934a9d5f2935b5a3e94bfd3a3ae7c
9adbfde2962376cd425bd1e6ebada1af1303719b51651d8fcb29b74cfdd2bab9
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9bf37c357401c10712eb17dbd6433130c058d399d0b15a52cad8cb853c35db71
9c12008459a92eaee91d2044d61926c8128c1fd573337f9b6a829af7394af259
9cd2d0511756cf5e8abd6dbe23b41a9529ea17bf882d1c726ed297b9f874af2e
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0746aee5a2b0032d3d664b8383d97bb3e1f0dce11ececfa1258072a704b1a72
a236aed5086b9c24d3cc94944d4349e9ce469f325ac23bafcaa5fe3659b15fd1
a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4
a7261c03942fe3aeae6c21a5e0d467a14b728a707eaf7e1d294a93683032d761
a7d9a2ff7fa9654293745469320ef432af8e8da2d503e62bf517e8fb804b9a2f
a981d2a0fe86cfc8dd4dd414ac80bfa1aa593805e7ba79a91c83a3b9f7478a7e
ab6259024d508e82f2100726285def9d2c67211afc10f9450dbb9efee58db5de
ab7d7c10091669bfc0281934eb42b0d08e462ef98f82f3d356ee640c8e1837bd
ac56cdfb455d6e7c8300391b2bc40767e2c328e71c9292390b540a69e2a93018
acb6c568434728225b997b0f1e7068cf886cbad7ba4a1bf3a711b0b3f75bbcbf
ad989fea9b3d9e1c7dbf7532aefe9286f36ce3b2338804c77fa7dbfeafcdfb21
ade30ddbc83c165140e004aa0bbe5f843cb479538451cdc208cb47e718e1593d
afbd41e7209fa3aef6f53c7a5713aa542a7be54c432fec2d690e0dfaccd528d1
aff3f080ca81726de6f6af5f1fc204edc7efed19b2141b53db9f589832bd5123
b0af909b7ae6ad2644bfe2a60d939092aaf113b2cbc4ed2981a892869143b98a
b13c9311dec3f49821d88065299e95cc1c4e6c26acc4b27b4ebdb380d40d8788
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2a76d22ca137ea3eff5681ed6fb5d4dbbb6771ea7642cbbbbca85a4c5089d3f
b4e955ffc5c5f7aeba5e91a9d7b86dbd8f64a5a61fe816ac9ed81933f107e7f8
b548d50df3b573e1b2d312706ea996b997ce51a1b90a203a3b276750270a3876
b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1
b8f156593b485ac2c6fcd60ac64e0f26de73210861991d48870110a050e9ad1a
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bba54915db71fc417be4d5852ec7d138d7c3fa90356ddee98b5267a7db7e6b5b
be84befed73c8c5ee2a1f2dff857e8e0e52f5a1cca07c4ba95043d5ce1c2f26f
c03628d9933445974fb52e2a61530b55bfb27101c25716eb35a031a3a81151c9
c110d3e795d9bcb956d5c9ef500d23c7e480a259519d383d5c626293ee413815
c418460b30462d253c0f0460ff64a45524d6c5a90ecbc6f6cb46ceddff91ca84
c4fbf61bcc8a017d5d9cd2d95105bf88005bc0a3b6c18be6bfee8fc94d0adf52
c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140
c640d911a58cc3ef31b1a3c2090fa753c948902033b9917ab5daef4fbb33b5d2
c6fd60d4ecfcac36ecdcb7456ecf170d8eef75c883a1e34a4dd7855d23966cd2
c871f116084716e74638906e8f72d572ad0b429fe4ffd1e6524698f8863e6eed
ca576224eadf33d00539fd0d7f912861526ff0b99b38994c169587737def7288
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d14e287ddae470b06c4639e73260ca21a4c9b7cfdf56e02965a8f50fb5333b42
d21b490fa72e9cd90e09db07c73ef43c0d65bf38de6a41dfd1c53338f71549a3
d677c52b0dda864e5eb975106f53918f5e2dfb2b584ee65395b5dd0bb253989e
d70fa5dc6c8bfe9d7824be31e669528533d0879a2b1600a7df68b880f4d44296
da95c8f525b77d7a72e24ff95bda7df85813c4cae1fc4c483710d3e3f9d6e0c8
dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302
dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df50671350e30af789f10f002651e0cfa05d76b238f32b8463e40d7d6098abd7
e0c6f8695589df90e63442fee1c9cf14e60dfc4fd8ce7296515b1d6db41e1d3d
e0d2e872be145886fa21dbfb0bdd82a6dd87de09470f3b4dc8a93c9548f1d365
e12ba0c7fdf697f51afcc060e5c7a62be776fe9c631bb714964e15e4f65ddae6
e1b149f9dffc3130750034a65c4a1d2cbefe7ffcef67fcb368f292a065aabeef
e36a1932a305173bf65172ee69f7ef2b715316deff15f8a023c7872b5a6184fc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba
e51a2be6b9ef83a35f3c668ee14a711245586dd5d64abec9609d71586063b5a0
e555f4b34b579e6528d6bbd4819620a634c0759b41dfa99520b7ca5aa5117b11
e563b4b6b27709874bb9d43e78e666705ac388159b8be03517fd00f6a934a224
e6bde3112462e03ceffe0adbc927bb3a85fc480e50a2dfe2e7cd075a6522c6a5
e89767a717d5fa04154ca21c66d1d96e7a5d3844875f0083f6bf400f2441d297
e9f780490551e01b62e4c9a91f74055b58e2643931f04e82943c880ddb4429bd
ebcabaeaf48094ef947db06d5e531ea5837df7878afff31e07aa5b32ad08dae0
ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff
ed66405827a21a72b4df472a08b2978ab6e47405d80f6097a9a8f0d045d3f38f
edf1011ad272d21b66ae82a21a9d029186dc81c9f13972203fc3107f75835d4b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660
f262b7ab4bc7ac9bff363b4dcc6a68420dc195850d6218a1d66764639db5a8d7
f3b82f3a16fa34bb6b31c1f6d7b7647071132fc6d19cede7a5206c267cf28711
f412437549c8ba029d57d8dad26ea46a31de7d190b9f33532db17188b98d655c
f43e194bad36d6d39054e1bd5da4bc4835829692ba445891bc2ff3e7da048760
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
f97e825988704469f1abd617fa6c07db7823ee35437e911b9950e3685f1e4655

www.goaheadtours.com Open in urlscan Pro 2606:4700::6812:7059 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

247 Requests

95 %HTTPS

35 %IPv6

55 Domains

73 Subdomains

67 IPs

9 Countries

3089 kBTransfer

8097 kBSize

68 Cookies

17 Outgoing links

Page URL History

Redirected requests

247 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.goaheadtours.com Open in urlscan Pro
2606:4700::6812:7059 Public Scan

Screenshot
Live screenshot

Full Image

247
Requests

95 %
HTTPS

35 %
IPv6

55
Domains

73
Subdomains

67
IPs

9
Countries

3089 kB
Transfer

8097 kB
Size

68
Cookies

247 HTTP transactions
0 data transactions