login.microsoftonline.com Open in urlscan Pro
2603:1027:1:d8::9 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://alt.travelplanet.click/v2/#/orders/192bfb60-5960-11ef-9a69-2dd735c75951?sid=Q6MF
Effective URL:
https://login.microsoftonline.com/75046e30-7443-48c1-89c4-f710fef78b2b/saml2?SAMLRequest=nZJBb9swDIX%2FiqG7LVlxYkeIU2QNhgXotqDJeth...
Submission: On August 13 via manual (August 13th 2024, 11:00:04 am UTC) from GB — Scanned from FR

Summary HTTP 77 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 19 IPs in 6 countries across 15 domains to perform 77 HTTP transactions. The main IP is 2603:1027:1:d8::9, located in Dublin, Ireland and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.microsoftonline.com. The Cisco Umbrella rank of the primary domain is 15.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on May 27th 2024. Valid for: a year.

This is the only time login.microsoftonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 18	13.36.21.68 13.36.21.68	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
4	2606:4700:303... 2606:4700:3037::ac43:8ef5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.47.53.35 52.47.53.35	16509 (AMAZON-02) (AMAZON-02)
4 7	2606:4700::68... 2606:4700::6811:f9cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:153	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	18.245.60.78 18.245.60.78	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
2	13.38.224.165 13.38.224.165	16509 (AMAZON-02) (AMAZON-02)
6	13.37.30.220 13.37.30.220	16509 (AMAZON-02) (AMAZON-02)
1	52.95.154.102 52.95.154.102	16509 (AMAZON-02) (AMAZON-02)
2	2603:1027:1:d... 2603:1027:1:d8::9	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
11	2620:1ec:bdf::67 2620:1ec:bdf::67	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	40.126.32.138 40.126.32.138	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
1	2603:1036:300... 2603:1036:3000:f8::1	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	20.50.201.201 20.50.201.201	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
77	19

18 13.36.21.68 (Paris, France) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-36-21-68.eu-west-3.compute.amazonaws.com

alt.travelplanet.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.alt.travelplanet.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3037::ac43:8ef5 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.47.53.35 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-47-53-35.eu-west-3.compute.amazonaws.com

data.travelplanet.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6811:f9cb (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:153 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cibt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.245.60.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-78.fra60.r.cloudfront.net

assets.travelplanet.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.38.224.165 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-38-224-165.eu-west-3.compute.amazonaws.com

websocket.qal.travelplanet.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.37.30.220 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-37-30-220.eu-west-3.compute.amazonaws.com

api.alt.travelplanet.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.95.154.102 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.eu-west-3.amazonaws.com

travelplanet-pub.s3.eu-west-3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2603:1027:1:d8::9 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.microsoftonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2620:1ec:bdf::67 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

aadcdn.msauth.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.126.32.138 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

aadcdn.msauthimages.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2603:1036:3000:f8::1 (Phoenix, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

autologon.microsoftazuread-sso.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.50.201.201 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

eu-mobile.events.data.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	travelplanet.click 1 redirects alt.travelplanet.click data.travelplanet.click assets.travelplanet.click websocket.qal.travelplanet.click api.alt.travelplanet.click	2 MB
11	msauth.net aadcdn.msauth.net — Cisco Umbrella Rank: 2218	399 KB
11	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 336	126 KB
7	unpkg.com 4 redirects unpkg.com — Cisco Umbrella Rank: 1314	64 KB
4	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1950	24 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	4 KB
3	gstatic.com fonts.gstatic.com	69 KB
2	microsoft.com eu-mobile.events.data.microsoft.com — Cisco Umbrella Rank: 625	766 B
2	msauthimages.net aadcdn.msauthimages.net — Cisco Umbrella Rank: 6532	76 KB
2	microsoftonline.com login.microsoftonline.com — Cisco Umbrella Rank: 15	18 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 410	29 KB
1	microsoftazuread-sso.com autologon.microsoftazuread-sso.com — Cisco Umbrella Rank: 1014	1 KB
1	live.com login.live.com — Cisco Umbrella Rank: 37
1	amazonaws.com travelplanet-pub.s3.eu-west-3.amazonaws.com	20 KB
1	cibt.com cdn.cibt.com	159 KB
77	15

	Domain	Requested by
17	alt.travelplanet.click	alt.travelplanet.click
11	aadcdn.msauth.net	login.microsoftonline.com aadcdn.msauth.net
11	cdnjs.cloudflare.com	alt.travelplanet.click cdnjs.cloudflare.com client
7	api.alt.travelplanet.click	1 redirects alt.travelplanet.click
7	unpkg.com	4 redirects alt.travelplanet.click
4	use.fontawesome.com	alt.travelplanet.click use.fontawesome.com
4	fonts.googleapis.com	alt.travelplanet.click client
3	fonts.gstatic.com	fonts.googleapis.com
2	eu-mobile.events.data.microsoft.com	aadcdn.msauth.net
2	aadcdn.msauthimages.net
2	login.microsoftonline.com	alt.travelplanet.click aadcdn.msauth.net
2	websocket.qal.travelplanet.click	alt.travelplanet.click
2	cdn.jsdelivr.net	alt.travelplanet.click
2	assets.travelplanet.click	alt.travelplanet.click
2	data.travelplanet.click	alt.travelplanet.click data.travelplanet.click
1	autologon.microsoftazuread-sso.com
1	login.live.com	login.microsoftonline.com
1	travelplanet-pub.s3.eu-west-3.amazonaws.com
1	cdn.cibt.com	alt.travelplanet.click
77	19

This site contains links to these domains. Also see Links.

Domain
www.microsoft.com
privacy.microsoft.com

Subject Issuer	Validity	Valid
alt.travelplanet.click Amazon RSA 2048 M03	`2023-12-15` - `2025-01-12`	a year	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
cdnjs.cloudflare.com WE1	`2024-07-31` - `2024-10-29`	3 months	crt.sh
travelplanet.click Amazon RSA 2048 M02	`2024-06-29` - `2025-07-28`	a year	crt.sh
cibt.com Cloudflare Inc ECC CA-3	`2024-03-04` - `2024-12-31`	10 months	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
*.travelplanet.click Amazon RSA 2048 M03	`2024-02-12` - `2025-03-12`	a year	crt.sh
*.s3.eu-west-3.amazonaws.com Amazon RSA 2048 M01	`2024-07-18` - `2025-06-27`	a year	crt.sh
stamp2.login.microsoftonline.com DigiCert SHA2 Secure Server CA	`2024-05-27` - `2025-05-27`	a year	crt.sh
aadcdn.msauth.net DigiCert SHA2 Secure Server CA	`2024-07-30` - `2025-07-30`	a year	crt.sh
login.live.com DigiCert SHA2 Secure Server CA	`2024-05-21` - `2025-05-21`	a year	crt.sh
aadcdn.msauthimages.net Microsoft Azure RSA TLS Issuing CA 03	`2024-06-04` - `2025-05-30`	a year	crt.sh
autologon.microsoftazuread-sso.com DigiCert SHA2 Secure Server CA	`2024-05-09` - `2025-05-09`	a year	crt.sh
*.events.data.microsoft.com Microsoft Azure RSA TLS Issuing CA 08	`2024-06-16` - `2025-06-11`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://login.microsoftonline.com/75046e30-7443-48c1-89c4-f710fef78b2b/saml2?SAMLRequest=nZJBb9swDIX%2FiqG7LVlxYkeIU2QNhgXotqDJethlkBW6ESZLnkhn3b8f4ixYe8mhV%2FKB3yMfF3cvnUtOENEGX7M8E%2BxuuUDduV6tBjr6R%2Fg1AFLy0jmPamzUbIheBY0WldcdoCKjdqvPD0pmQvUxUDDBsWSzrtmP3Bza9jBvpJzpXJdVPpsKljxdgTITLNkgDrDxSNpTzaSQRSqqNJ%2Fsc6GmczWdZxNZfmfJ9t%2FoD9YfrH%2B%2B7aO5iFB92u%2B36fbrbs%2BSNSBZr2lEH4l6VJy78Gx91lkTA4aWgnfWQ2ZCx8upKGYwEWlZFJO0qEyeVnNTpG2Zixbasmpkw88nkSxZIUI8D74PHocO4g7iyRr49vjwH6V7m1HUJ3C90x4o62Pgxlnzk%2B%2BOtmmCAzpmiIGf15B8dH2JQ41Hiq9yuL2%2Bvvphyyt9BL3lt5Gf5IK%2FAlzD%2F6I72Ky3wVnz5z3hfwyx03Rbfa7YQ9qOUkVRe7TgiSUr58Lv%2BwiaoGYUB2B8eXH59iuXfwE%3D&RelayState=e76b5264-44fb-4002-a86f-1d0af0c2fb60
Frame ID: AD0821C01D154E2950CF402161A30364
Requests: 73 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Connectez-vous à votre compte

Page URL History Show full URLs

https://alt.travelplanet.click/v2/ Page URL
https://api.alt.travelplanet.click/auth/v1/sso/saml2/init/e76b5264-44fb-4002-a86f-1d0af0c2fb60 HTTP 302
https://login.microsoftonline.com/75046e30-7443-48c1-89c4-f710fef78b2b/saml2?SAMLRequest=nZJBb9swDIX%2FiqG7LVl... Page URL

Detected technologies

Socket.io (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

socket\.io.*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Moment Timezone (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment-timezone(?:-data)?(?:\.min)?\.js

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

77
Requests

96 %
HTTPS

53 %
IPv6

15
Domains

19
Subdomains

19
IPs

6
Countries

3029 kB
Transfer

14402 kB
Size

18
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.microsoft.com/fr-FR/servicesagreement/
Title: Conditions d'utilisation

Search URL Search Domain Scan URL

URL: https://privacy.microsoft.com/fr-FR/privacystatement
Title: Confidentialité et cookies

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/fr-fr/accessibility/accessibilite/accessibility-statement
Title: Accessibilité : partiellement conforme

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://alt.travelplanet.click/v2/ Page URL
https://api.alt.travelplanet.click/auth/v1/sso/saml2/init/e76b5264-44fb-4002-a86f-1d0af0c2fb60 HTTP 302
https://login.microsoftonline.com/75046e30-7443-48c1-89c4-f710fef78b2b/saml2?SAMLRequest=nZJBb9swDIX%2FiqG7LVlxYkeIU2QNhgXotqDJethlkBW6ESZLnkhn3b8f4ixYe8mhV%2FKB3yMfF3cvnUtOENEGX7M8E%2BxuuUDduV6tBjr6R%2Fg1AFLy0jmPamzUbIheBY0WldcdoCKjdqvPD0pmQvUxUDDBsWSzrtmP3Bza9jBvpJzpXJdVPpsKljxdgTITLNkgDrDxSNpTzaSQRSqqNJ%2Fsc6GmczWdZxNZfmfJ9t%2FoD9YfrH%2B%2B7aO5iFB92u%2B36fbrbs%2BSNSBZr2lEH4l6VJy78Gx91lkTA4aWgnfWQ2ZCx8upKGYwEWlZFJO0qEyeVnNTpG2Zixbasmpkw88nkSxZIUI8D74PHocO4g7iyRr49vjwH6V7m1HUJ3C90x4o62Pgxlnzk%2B%2BOtmmCAzpmiIGf15B8dH2JQ41Hiq9yuL2%2Bvvphyyt9BL3lt5Gf5IK%2FAlzD%2F6I72Ky3wVnz5z3hfwyx03Rbfa7YQ9qOUkVRe7TgiSUr58Lv%2BwiaoGYUB2B8eXH59iuXfwE%3D&RelayState=e76b5264-44fb-4002-a86f-1d0af0c2fb60 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

https://unpkg.com/@popperjs/core@2 HTTP 302
https://unpkg.com/@popperjs/core@2.11.8 HTTP 302
https://unpkg.com/@popperjs/core@2.11.8/dist/umd/popper.min.js

Request Chain 32

https://unpkg.com/react@16/umd/react.production.min.js HTTP 302
https://unpkg.com/react@16.14.0/umd/react.production.min.js

Request Chain 38

https://unpkg.com/react-dom@16/umd/react-dom.production.min.js HTTP 302
https://unpkg.com/react-dom@16.14.0/umd/react-dom.production.min.js

77 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
alt.travelplanet.click/v2/ 4 KB
2 KB 231ms
29ms Document
text/html 13.36.21.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://alt.travelplanet.click/v2/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.36.21.68 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-36-21-68.eu-west-3.compute.amazonaws.com
Software: nginx/1.19.6 /
Resource Hash: d51f4ab960fb99db67aa1002976ab96d57967f18cf47c1a0d4aa351df38545de

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html
date: Tue, 13 Aug 2024 10:59:57 GMT
etag: W/"668796e4-117f"
last-modified: Fri, 05 Jul 2024 06:47:00 GMT
server: nginx/1.19.6

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 109ms
40ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,600,700

Requested by

Host: alt.travelplanet.click
URL: https://alt.travelplanet.click/v2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0f8539022b5a1a5ba0c8205d9841b8f029802a8a2fe7f87714dc864946f32f4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://alt.travelplanet.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 13 Aug 2024 10:59:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 13 Aug 2024 10:53:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 13 Aug 2024 10:59:57 GMT

GET
H2 200 css
fonts.googleapis.com/ 22 KB
2 KB 109ms
41ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700

Requested by

Host: alt.travelplanet.click
URL: https://alt.travelplanet.click/v2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

31fe46164ce2459191ca1f7727fd742ce01833ee4f705459e88d43f53fcc9f80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://alt.travelplanet.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 13 Aug 2024 10:59:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 13 Aug 2024 09:27:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 13 Aug 2024 10:59:57 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.6.1/css/ 52 KB
12 KB 85ms
32ms Stylesheet
text/css 2606:4700:3037::ac43:8ef5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.1/css/all.css
Requested by: Host: alt.travelplanet.click
URL: https://alt.travelplanet.click/v2/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:8ef5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 453893f7daa3d8fe9716f8c6d0f36f8ade8cacfc0093e164f4f998b46427959e

Request headers

Referer: https://alt.travelplanet.click/
Origin: https://alt.travelplanet.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 10:59:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 01:45:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1656550
etag: W/"b8085bf2c839791244bd95f56fb93c01"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8W6ezuCug8jgk2tiyojEvF2vinERmKsGuQ1tw17HKq2bWWProTg9WNUtdv2EgAOm8T90h4sxbuAUOYX%2FSaXx4jyidf8ecPk1rxurTwjGqpxgjRwODEIam6MV2m6qsTne5%2B4vqAOk2TVRXPngLlfsbmBp"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 8b2832da7c89bead-LHR
alt-svc: h3=":443"; ma=86400

GET
H2 200 styles.2a67a4afc22d377ac451.css
alt.travelplanet.click/ 471 KB
91 KB 35ms
33ms Stylesheet
text/css 13.36.21.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://alt.travelplanet.click/styles.2a67a4afc22d377ac451.css
Requested by: Host: alt.travelplanet.click
URL: https://alt.travelplanet.click/v2/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.36.21.68 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-36-21-68.eu-west-3.compute.amazonaws.com
Software: nginx/1.19.6 /
Resource Hash: 0f3f8284e407bc8bfb025ab553392d1e94efe022fdc064f625470fdb8665a2a2

Request headers

Referer: https://alt.travelplanet.click/v2/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 10:59:57 GMT
content-encoding: gzip
last-modified: Fri, 05 Jul 2024 06:27:54 GMT
server: nginx/1.19.6
etag: W/"6687926a-75ab6"
content-type: text/css

GET
H3 200 tether.min.js Show response
cdnjs.cloudflare.com/ajax/libs/tether/1.4.0/js/ 24 KB
7 KB 87ms
57ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/tether/1.4.0/js/tether.min.js

Requested by

Host: alt.travelplanet.click
URL: https://alt.travelplanet.click/v2/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80bd626eb6d57112072a508ee4e5ce3c2fe5673fe0a5d029810033b24aaa5e9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://alt.travelplanet.click/
Origin: https://alt.travelplanet.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 10:59:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 401507
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6714
last-modified: Mon, 04 May 2020 16:17:00 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ffc-619d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ete3VL1uZBhapWlf7OoVkj8wEQlMHvUw9rI7nWGoJs%2Fi0v3XFvV%2B7z1R760MrGS6Vz8msy65DtOAYfv0Vc8OmH6mthdmtbBsCO7XmpDdz8nYZd2rX%2F3qALI2P0oBBqsN0IJA3lAV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8b2832da5dde94cd-LHR
expires: Sun, 03 Aug 2025 10:59:57 GMT

GET
H2 200 bb43ecfa44.js Show response
use.fontawesome.com/ 9 KB
4 KB 69ms
27ms Script
text/javascript 2606:4700:3037::ac43:8ef5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/bb43ecfa44.js
Requested by: Host: alt.travelplanet.click
URL: https://alt.travelplanet.click/v2/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:8ef5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 163607e1b329b848b568c7b835374eaae4464ff954f402e570e48c4d5bda6f36

Request headers

Referer: https://alt.travelplanet.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 10:59:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 01:18:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3645
etag: W/"83e3a9db29a462e92ca21acf3df5b603"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=owo3gmMAFPe22Y%2B0%2FblYn3JtdeZLjhInXIxGj27h7hPR11HKnwdY3C2CCZjifPyKFyx1w8X3krDKZ8jyrsgwdvkJFKeMB78hPtnYq69LvbETpFurhMlWDH9nR8TrY7HX4R1vIiBBbPEXz2Fy55sZG1lV"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=1800
cf-ray: 8b2832da8af952cc-LHR
alt-svc: h3=":443"; ma=86400

GET
H2 200 tableau-2.js Show response
data.travelplanet.click/javascripts/api/ 871 B
945 B 107ms
29ms Script
text/javascript 52.47.53.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://data.travelplanet.click/javascripts/api/tableau-2.js

Requested by

Host: alt.travelplanet.click
URL: https://alt.travelplanet.click/v2/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.47.53.35 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-47-53-35.eu-west-3.compute.amazonaws.com

Software

Tableau /

Resource Hash

8dd96f4710541e3944dc65b778cf01f5d59510dd5112524de997242477c6f4e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://alt.travelplanet.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 10:59:57 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy-report-only: connect-src * https://*.tiles.mapbox.com https://api.mapbox.com; default-src blob:; font-src * data:; frame-src * data: tableau-desktop:; img-src * data: blob:; object-src data:; report-uri /vizql/csp-report; script-src * blob:; style-src * 'unsafe-inline'
p3p: CP="NON"
x-tableau: Tableau Server
content-length: 334
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 16 Sep 2022 06:52:06 GMT
server: Tableau
etag: "14e-5e8c5ccd0f180"
vary: X-Forwarded-Proto,Accept-Encoding
content-type: text/javascript
cache-control: no-cache, no-store
accept-ranges: bytes
expires: Wed, 13 Aug 2025 10:59:57 GMT

GET
H3 200 moment.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment.js/2.24.0/ 52 KB
16 KB 80ms
57ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.24.0/moment.min.js

Requested by

Host: alt.travelplanet.click
URL: https://alt.travelplanet.click/v2/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e22419e8154be2a34a950dbb4c4c448413751c53ef02f00c6c56af28aa2c4964

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://alt.travelplanet.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 10:59:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 363313
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 15508
last-modified: Mon, 04 May 2020 16:13:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f26-d04c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=42sRS8Z%2BhKC9tEOTOfEz%2FkaCJFT5dIbQSjoi2oHuCCB%2B2lof24Js65iXHjmVYGAgl8h2ntAytw9Xus1%2B%2BEfpMeYwyRTDo8l2Taaa%2B2LA2yhWfcNvJZZ%2FBZaTt6jcdehcbCQuLDDO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8b2832da7f7f6551-LHR
expires: Sun, 03 Aug 2025 10:59:57 GMT

GET
H3 200 moment-timezone.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment-timezone/0.5.11/ 6 KB
3 KB 64ms
42ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment-timezone/0.5.11/moment-timezone.min.js

Requested by

Host: alt.travelplanet.click
URL: https://alt.travelplanet.click/v2/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d02a6e9569dd8622c4396a9d9323f84a2ad45282566119f148370a21fec438f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://alt.travelplanet.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 10:59:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 7132015
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2391
last-modified: Mon, 04 May 2020 16:13:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f26-1793"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DFWO23c0ZA9auSBu3aZvvZE%2FNSDCVaKFpc5DLUvhZ958wUq7faOV478GPeWAR45pG1djWgVJSGekhjv3SNdROUmxmkJP42cm5M4dh4Y62uw3%2FV4UK3oB30BBh4Lyrv3GWVK%2BQuAA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8b2832da7f8a6551-LHR
expires: Sun, 03 Aug 2025 10:59:57 GMT

GET
H3 200 moment-timezone-with-data-2010-2020.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment-timezone/0.5.11/ 34 KB
9 KB 59ms
37ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment-timezone/0.5.11/moment-timezone-with-data-2010-2020.min.js

Requested by

Host: alt.travelplanet.click
URL: https://alt.travelplanet.click/v2/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7bcb48b861bc98f3002b37c35d8d5b4715a3e9652f65366598549455e24c8598

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://alt.travelplanet.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 10:59:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3498054
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 8657
last-modified: Mon, 04 May 2020 16:13:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f26-8637"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=teyUR%2Fhf7FvpW4AQtSSP95Gp6SNOuRQfZ0swWs36gqhe%2F9qepEmMpLKO6IKIoMfK2yvyEJhxB6JpWoLprnyMg6GWiR9IbDx0G0RghiSBYpaojpOsDydP61gPHuBe2UBAMDrl%2BgPo"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8b2832da7f906551-LHR
expires: Sun, 03 Aug 2025 10:59:57 GMT

GET
H3 200 fr.js Show response
cdnjs.cloudflare.com/ajax/libs/moment.js/2.24.0/locale/ 3 KB
2 KB 59ms
37ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.24.0/locale/fr.js

Requested by

Host: alt.travelplanet.click
URL: https://alt.travelplanet.click/v2/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f4b6acab4d01c3131bc66288be9322278d5e3b7e6df4339aaae30854accbae1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://alt.travelplanet.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 10:59:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 408008
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 971
last-modified: Mon, 04 May 2020 16:13:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f26-b9b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=twN3Ij86wkUODj%2FnOCJ2bNwVYTTVdSDB5nHg3qpszf%2FrMr2oiromIqkBpPWh7zglKthFF8DA%2B5B0mhOvojuZVRfb7PiekboqF3uaFOxTPF7PChWQVqg41MYnNTXzsCm02pHH5vsV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8b2832da7f986551-LHR
expires: Sun, 03 Aug 2025 10:59:57 GMT

GET
H2

200

popper.min.js Show response
unpkg.com/@popperjs/core@2.11.8/dist/umd/
Redirect Chain

https://unpkg.com/@popperjs/core@2
https://unpkg.com/@popperjs/core@2.11.8
https://unpkg.com/@popperjs/core@2.11.8/dist/umd/popper.min.js

20 KB
9 KB

31ms
30ms

Script
application/javascript

2606:4700::6811:f9cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@popperjs/core@2.11.8/dist/umd/popper.min.js

Requested by

Host: alt.travelplanet.click
URL: https://alt.travelplanet.click/v2/

Protocol

Server

2606:4700::6811:f9cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c212f4b505a86352aed62b24a8f16f999f821ecbe6456c7f3c8a04bc87968782

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://alt.travelplanet.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 10:59:57 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 12468987
last-modified: Fri, 26 May 2023 17:27:16 GMT
fly-request-id: 01HSJ2YQFJZVSDJSWA7HH0SQJW-lhr
server: cloudflare
etag: "4e9a-hx1u8QcL02PqOQ4MjDhOR9zn84k"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2832dafd0094a7-LHR

Redirect headers

date: Tue, 13 Aug 2024 10:59:57 GMT
content-encoding: gzip
via: 1.1 fly.io
cf-cache-status: HIT
fly-request-id: 01HS9KSA2VKMENQDT651TK7KEK-lhr
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 12753329
server: cloudflare
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /@popperjs/core@2.11.8/dist/umd/popper.min.js
cache-control: public, max-age=31536000
cf-ray: 8b2832dabcc494a7-LHR

GET
H2 200 widget.js Show response
cdn.cibt.com/widget/js/ 559 KB
159 KB 103ms
37ms Script
application/javascript 2606:4700::6812:153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cibt.com/widget/js/widget.js

Requested by

Host: alt.travelplanet.click
URL: https://alt.travelplanet.click/v2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:153 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

836225e8a0d50622a2317bb2d4838c666c4d772a6a3f4e20d662376acc18ed9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://alt.travelplanet.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 10:59:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 396
x-xss-protection: 1; mode=block
last-modified: Wed, 31 Aug 2022 14:22:31 GMT
server: cloudflare
etag: W/"630f6ea7-8bc62"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 8b2832da9e78407d-LHR
expires: Tue, 13 Aug 2024 14:59:57 GMT

GET
H2 404 webcomponents-lite.js
alt.travelplanet.click/webcomponentsjs/ 0
0 78ms
78ms Script
text/html 13.36.21.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://alt.travelplanet.click/webcomponentsjs/webcomponents-lite.js
Requested by: Host: alt.travelplanet.click
URL: https://alt.travelplanet.click/v2/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.36.21.68 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-36-21-68.eu-west-3.compute.amazonaws.com
Software: nginx/1.19.6 /
Resource Hash

Request headers

Referer: https://alt.travelplanet.click/v2/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 10:59:57 GMT
server: nginx/1.19.6
content-length: 555
content-type: text/html

GET
H2 200 runtime-es2015.3e3c41a2e48c1ffec39c.js Show response
alt.travelplanet.click/ 4 KB
2 KB 79ms
79ms Script
application/javascript 13.36.21.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://alt.travelplanet.click/runtime-es2015.3e3c41a2e48c1ffec39c.js
Requested by: Host: alt.travelplanet.click
URL: https://alt.travelplanet.click/v2/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.36.21.68 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-36-21-68.eu-west-3.compute.amazonaws.com
Software: nginx/1.19.6 /
Resource Hash: 5b8b1a84f9e6b333149d8a3102ff3d90003e0059d216d13e593e46e5c1da2c2f

Request headers

Referer: https://alt.travelplanet.click/v2/
Origin: https://alt.travelplanet.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 10:59:57 GMT
content-encoding: gzip
last-modified: Fri, 05 Jul 2024 06:28:00 GMT
server: nginx/1.19.6
etag: W/"66879270-ffd"
content-type: application/javascript

GET
H2 200 polyfills-es2015.5c298471ac1b96ac3b5d.js Show response
alt.travelplanet.click/ 164 KB
65 KB 79ms
76ms Script
application/javascript 13.36.21.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://alt.travelplanet.click/polyfills-es2015.5c298471ac1b96ac3b5d.js
Requested by: Host: alt.travelplanet.click
URL: https://alt.travelplanet.click/v2/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.36.21.68 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-36-21-68.eu-west-3.compute.amazonaws.com
Software: nginx/1.19.6 /
Resource Hash: 1116f2da94e47a0a8905e07f983249c9e306cbf891be8511cf43a6a3bfb08961

Request headers

Referer: https://alt.travelplanet.click/v2/
Origin: https://alt.travelplanet.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 10:59:57 GMT
content-encoding: gzip
last-modified: Fri, 05 Jul 2024 06:28:08 GMT
server: nginx/1.19.6
etag: W/"66879278-29188"
content-type: application/javascript

GET
H2 200 scripts.bee0e97b38feb6bccdf9.js Show response
alt.travelplanet.click/ 564 KB
208 KB 206ms
205ms Script
application/javascript 13.36.21.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://alt.travelplanet.click/scripts.bee0e97b38feb6bccdf9.js
Requested by: Host: alt.travelplanet.click
URL: https://alt.travelplanet.click/v2/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.36.21.68 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-36-21-68.eu-west-3.compute.amazonaws.com
Software: nginx/1.19.6 /
Resource Hash: 06c04412bc38b88073b18744d655e8335fbec057bc3f711518f54c2d5952504c

Request headers

Referer: https://alt.travelplanet.click/v2/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 10:59:57 GMT
content-encoding: gzip
last-modified: Fri, 05 Jul 2024 06:27:54 GMT
server: nginx/1.19.6
etag: W/"6687926a-8cf9d"
content-type: application/javascript

GET
H2 200 vendor-es2015.64263901b77b067abdd5.js Show response
alt.travelplanet.click/ 4 MB
1006 KB 80ms
77ms Script
application/javascript 13.36.21.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://alt.travelplanet.click/vendor-es2015.64263901b77b067abdd5.js
Requested by: Host: alt.travelplanet.click
URL: https://alt.travelplanet.click/v2/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.36.21.68 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-36-21-68.eu-west-3.compute.amazonaws.com
Software: nginx/1.19.6 /
Resource Hash: da7ecfecb27d409b8994bb8d769fd04ce2b29b2d0ea8cbcfd177a89df5ddf945

Request headers

Referer: https://alt.travelplanet.click/v2/
Origin: https://alt.travelplanet.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 10:59:57 GMT
content-encoding: gzip
last-modified: Fri, 05 Jul 2024 06:28:59 GMT
server: nginx/1.19.6
etag: W/"668792ab-3b48f7"
content-type: application/javascript

GET
H2 200 main-es2015.781acd500802fbeacf84.js Show response
alt.travelplanet.click/ 1 MB
322 KB 227ms
224ms Script
application/javascript 13.36.21.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://alt.travelplanet.click/main-es2015.781acd500802fbeacf84.js
Requested by: Host: alt.travelplanet.click
URL: https://alt.travelplanet.click/v2/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.36.21.68 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-36-21-68.eu-west-3.compute.amazonaws.com
Software: nginx/1.19.6 /
Resource Hash: 30ba90e5ed10227d2e78719daf8d188e7b6e1746a0d24cd42a4aae2ff1d89987

Request headers

Referer: https://alt.travelplanet.click/v2/
Origin: https://alt.travelplanet.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 10:59:57 GMT
content-encoding: gzip
last-modified: Fri, 05 Jul 2024 06:28:15 GMT
server: nginx/1.19.6
etag: W/"6687927f-153315"
content-type: application/javascript

GET
H3 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 35ms
34ms Stylesheet
text/css 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: alt.travelplanet.click
URL: https://alt.travelplanet.click/styles.2a67a4afc22d377ac451.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://alt.travelplanet.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 10:59:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 401498
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VkTs%2Bt6pmk648tMXqi3rwAeI9AYJZWQAyqqIkTWIiM0OuLwF3zWLn0r2iQEBsaPK%2BC9JKu5bl2ImRNPWGZqnTWm3mPeqz%2BWGE3HeLjy%2FtaKLebFEn%2F7CNuXLlHFyfsq6cMZ%2BOwGO"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8b2832dad8906551-LHR
expires: Sun, 03 Aug 2025 10:59:57 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
668 B 40ms
39ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700&display=swap

Requested by

Host: alt.travelplanet.click
URL: https://alt.travelplanet.click/styles.2a67a4afc22d377ac451.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ad26ac49f179b50254d7ff0e94733c71dea4df8c1c30660e004f8cb68292dd6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://alt.travelplanet.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 13 Aug 2024 10:59:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 13 Aug 2024 09:28:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 13 Aug 2024 10:59:57 GMT

GET
H3 200 material-design-iconic-font.min.css
cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/ 69 KB
6 KB 34ms
33ms Stylesheet
text/css 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css

Requested by

Host: alt.travelplanet.click
URL: https://alt.travelplanet.click/styles.2a67a4afc22d377ac451.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dec3e9f0190a504ed0c8f4a5e957c107206ba106cac4a1bbb6cbac6369a16d56

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://alt.travelplanet.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 10:59:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 467352
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5845
last-modified: Mon, 04 May 2020 16:12:09 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ed9-1149f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SHjY0GgJBvZwP5fDmfxrLnddOVyTm48M1iejeeh%2FrpcLtEP9C42StCzDc%2FQkashhWKqHlMCAgRiuIEYXVJ7bmhUxN%2BC1Q2HUSiiTXCFDGGYczM8KzUVBF%2FZHM5niEhfZOCyZE%2FTu"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8b2832dad8926551-LHR
expires: Sun, 03 Aug 2025 10:59:57 GMT

GET
H2 200 tp.png
assets.travelplanet.click/tp_logo/ 4 KB
4 KB 249ms
25ms Image
image/png 18.245.60.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.travelplanet.click/tp_logo/tp.png
Requested by: Host: alt.travelplanet.click
URL: https://alt.travelplanet.click/styles.2a67a4afc22d377ac451.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-78.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ed780a4e263455e032f631157cbbcd099a5db83c2e89721e7e0d06198bf6c53e

Request headers

Referer: https://alt.travelplanet.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 06:04:52 GMT
x-amz-version-id: EKBRSYZPIZkkB7KazpjtlaHZPxvKh6An
via: 1.1 76f18545659f3cecc2213d8e93d15fb2.cloudfront.net (CloudFront)
last-modified: Wed, 15 Jan 2020 09:26:31 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P5
age: 17706
etag: "c4439d6dbb783bea800a575029888cbd"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-meta-mode: 33261
accept-ranges: bytes
content-length: 3634
x-amz-cf-id: szPnsWf5WIybMJikN1QW3_GJr0-MPalhJlbEYOodUgLcur0GxLSxwA==

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
19 KB 99ms
27ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://alt.travelplanet.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 14:58:07 GMT
x-content-type-options: nosniff
age: 72110
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18536
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Aug 2025 14:58:07 GMT

GET
H2 200 tableau-2.9.1.js Show response
data.travelplanet.click/javascripts/api/ 429 KB
59 KB 33ms
32ms Script
text/javascript 52.47.53.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://data.travelplanet.click/javascripts/api/tableau-2.9.1.js

Requested by

Host: data.travelplanet.click
URL: https://data.travelplanet.click/javascripts/api/tableau-2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.47.53.35 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-47-53-35.eu-west-3.compute.amazonaws.com

Software

Tableau /

Resource Hash

4c5e8b4897a9e1f6c1699f7a214ea22650ee6454ad40f2a7bc926ef5bfc06022

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://alt.travelplanet.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 10:59:57 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy-report-only: connect-src * https://*.tiles.mapbox.com https://api.mapbox.com; default-src blob:; font-src * data:; frame-src * data: tableau-desktop:; img-src * data: blob:; object-src data:; report-uri /vizql/csp-report; script-src * blob:; style-src * 'unsafe-inline'
p3p: CP="NON"
x-tableau: Tableau Server
content-length: 59443
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 16 Sep 2022 06:52:06 GMT
server: Tableau
etag: "e833-5e8c5ccd0f180"
vary: X-Forwarded-Proto,Accept-Encoding
content-type: text/javascript
cache-control: max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Aug 2025 10:59:57 GMT

GET
H3 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 75 KB
76 KB 52ms
51ms Font
application/octet-stream 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://alt.travelplanet.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 10:59:57 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 412321
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-12d68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=woOFa19PG2BCw8IUlX7z8nokIiqm%2B2GdTyvIzkRe5CE7J9vurUK6MKjcgBx9YM%2Bphgj%2BcMLwV%2BFG4vBi0vNU0mThP0o%2BlkAzoIc3oyERsVWH7ixThWnv19hJj0GaFlxUoXLvmExb"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8b2832dcaa2d94cd-LHR
expires: Sun, 03 Aug 2025 10:59:57 GMT

GET
H2 200 bb43ecfa44.css
use.fontawesome.com/ 1 KB
687 B 32ms
32ms Stylesheet
text/css 2606:4700:3037::ac43:8ef5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/bb43ecfa44.css
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/bb43ecfa44.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:8ef5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0213a00c1bd2d0306e52053017ee61d129eecf6ab95d03f795c4b4f909a6d3b

Request headers

Referer: https://alt.travelplanet.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 10:59:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 01:18:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3644
etag: W/"451d8d12ccc2a9f47411b0971b2144e6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FoAaEOLwzGL1eyEOm7NY8fR76NONzSfC%2BLbVOhFD%2F%2Bb10QHhj84k2CIQy2gzNrJI8WF2t5qYhwnWcpGNKlc4lJZdhBJB3l67qr%2B7HWWRmwYaxEqUE1ZZysE7MAfEGj6KH9%2B2eB1uciM9VtEr66lXGLXO"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1800
cf-ray: 8b2832dc4bfc52cc-LHR
alt-svc: h3=":443"; ma=86400

GET
H2 200 webcomponents-sd.js Show response
cdn.jsdelivr.net/npm/@webcomponents/webcomponentsjs@2.4.1/bundles/ 66 KB
22 KB 69ms
18ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@webcomponents/webcomponentsjs@2.4.1/bundles/webcomponents-sd.js

Requested by

Host: alt.travelplanet.click
URL: https://alt.travelplanet.click/scripts.bee0e97b38feb6bccdf9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

de1bdeaca0d0f5f1126e9fb121539c515bdd130ec55b1a2fb3d936a2f9374f34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://alt.travelplanet.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 13 Aug 2024 10:59:57 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1834888
x-jsd-version: 2.4.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 22627
x-served-by: cache-fra-eddf8230088-FRA, cache-lcy-eglc8600093-LCY
x-jsd-version-type: version
etag: W/"1097c-BeCxcgjWm//VfOAwxJ6gsc9caP4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 webcomponents-ce.js Show response
cdn.jsdelivr.net/npm/@webcomponents/webcomponentsjs@2.4.1/bundles/ 20 KB
7 KB 68ms
18ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@webcomponents/webcomponentsjs@2.4.1/bundles/webcomponents-ce.js

Requested by

Host: alt.travelplanet.click
URL: https://alt.travelplanet.click/scripts.bee0e97b38feb6bccdf9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cc15778da06770d39615c1e3089a17d9a528703bee6902669c483003f47d50dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://alt.travelplanet.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 13 Aug 2024 10:59:57 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1303589
x-jsd-version: 2.4.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 6308
x-served-by: cache-fra-eddf8230047-FRA, cache-lcy-eglc8600093-LCY
x-jsd-version-type: version
etag: W/"4e27-S97Hu+xCMHhhgzN7gij0Dx9v2VU"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 custom-elements-es5-adapter.js Show response
cdnjs.cloudflare.com/ajax/libs/webcomponentsjs/2.4.1/ 950 B
949 B 34ms
33ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webcomponentsjs/2.4.1/custom-elements-es5-adapter.js

Requested by

Host: alt.travelplanet.click
URL: https://alt.travelplanet.click/scripts.bee0e97b38feb6bccdf9.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b77085fc2486ede17c594ba50efc4f6aa5c812a0d4edf3904c4bf50c755d6c5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://alt.travelplanet.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 10:59:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 404939
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 353
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-3b6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xf5ay1JSOHG2waMoqeEVTgQpPWR07Bp0IynYoRZjeOFwV56DFJcuHo4loCroEbCGqGiy89HFM7K0pq%2BblWxO%2BYnTCuAGMi%2FlkC3lLdalg2NrD720%2BxnhzKB%2F1awlVu8uf2gxqkdQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8b2832dcaabc6551-LHR
expires: Sun, 03 Aug 2025 10:59:57 GMT

GET
H2 200 font-awesome-css.min.css
use.fontawesome.com/releases/v4.7.0/css/ 30 KB
7 KB 29ms
28ms Stylesheet
text/css 2606:4700:3037::ac43:8ef5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/bb43ecfa44.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:8ef5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350

Request headers

Referer: https://use.fontawesome.com/bb43ecfa44.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 10:59:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 01:44:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1690619
etag: W/"36082410df2ef7f83932219089dc1443"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MqRX9aIXsJhekOybQ%2BVBF06UMCT6di7ssaq3xfTjtWy3pa5W4f96mMuUQF%2B2QZwxT%2B4dr30eiPg%2Fdtsl4f4dlJNN3iU0QqWMh9EPKJfTk%2Ff%2BdULcDR0cUrW%2BvnBfhr%2FI7XGldXpef3bOgjDhEowR6MxM"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 8b2832dcac6052cc-LHR
alt-svc: h3=":443"; ma=86400

GET
H2

200

react.production.min.js Show response
unpkg.com/react@16.14.0/umd/
Redirect Chain

https://unpkg.com/react@16/umd/react.production.min.js
https://unpkg.com/react@16.14.0/umd/react.production.min.js

12 KB
6 KB

34ms
34ms

Script
application/javascript

2606:4700::6811:f9cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/react@16.14.0/umd/react.production.min.js

Requested by

Host: alt.travelplanet.click
URL: https://alt.travelplanet.click/v2/

Protocol

Server

2606:4700::6811:f9cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5cef9367d2bcaba25b74d20e0e139d2cf900e9123e5fde26101aee7f40f6b5cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://alt.travelplanet.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 10:59:58 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 398098
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01J4STN2XRW08ACF8B4R7BESQA-lhr
server: cloudflare
etag: "30af-G0yLdpwwlM9Jmz5wcsN3bvOe0C0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2832e11cd794a7-LHR

Redirect headers

date: Tue, 13 Aug 2024 10:59:57 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
fly-request-id: 01J55P0DBVPJFTRFRVVCBQV46W-lhr
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 315
server: cloudflare
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /react@16.14.0/umd/react.production.min.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 8b2832dcbf5c94a7-LHR

GET
H2 200 env-config.json Show response
alt.travelplanet.click/static/ 29 B
182 B 24ms
24ms Fetch
application/json 13.36.21.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://alt.travelplanet.click/static/env-config.json
Requested by: Host: alt.travelplanet.click
URL: https://alt.travelplanet.click/polyfills-es2015.5c298471ac1b96ac3b5d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.36.21.68 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-36-21-68.eu-west-3.compute.amazonaws.com
Software: nginx/1.19.6 /
Resource Hash: 497371efdf64aad60efe029cee23eab68bf0dcb55fc1ee695f26e2f071c82aac

Request headers

Referer: https://alt.travelplanet.click/v2/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 10:59:58 GMT
last-modified: Fri, 05 Jul 2024 06:47:00 GMT
server: nginx/1.19.6
accept-ranges: bytes
etag: "668796e4-1d"
content-length: 29
content-type: application/json

GET
H2 200 app-config.json Show response
alt.travelplanet.click/static/ 3 KB
516 B 24ms
24ms Fetch
application/json 13.36.21.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://alt.travelplanet.click/static/app-config.json
Requested by: Host: alt.travelplanet.click
URL: https://alt.travelplanet.click/polyfills-es2015.5c298471ac1b96ac3b5d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.36.21.68 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-36-21-68.eu-west-3.compute.amazonaws.com
Software: nginx/1.19.6 /
Resource Hash: 88109aec2fc3949ca9f849578944cbf2f1fae26319042e86b77a92d00195ed22

Request headers

Referer: https://alt.travelplanet.click/v2/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 10:59:58 GMT
content-encoding: gzip
last-modified: Fri, 05 Jul 2024 06:28:59 GMT
server: nginx/1.19.6
etag: W/"668792ab-acf"
content-type: application/json

GET
H2 200 / Show response
websocket.qal.travelplanet.click/socket.io/ 103 B
309 B 209ms
25ms XHR
text/plain 13.38.224.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://websocket.qal.travelplanet.click/socket.io/?EIO=3&transport=polling&t=P5BPGYz
Requested by: Host: alt.travelplanet.click
URL: https://alt.travelplanet.click/polyfills-es2015.5c298471ac1b96ac3b5d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.38.224.165 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-38-224-165.eu-west-3.compute.amazonaws.com
Software: /
Resource Hash: df873930781a649155532baf6847a9de161e233e2bf680b111cbee346b6cb6c8

Request headers

Accept: */*
Referer: https://alt.travelplanet.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: https://alt.travelplanet.click
date: Tue, 13 Aug 2024 10:59:58 GMT
access-control-allow-credentials: true
content-length: 103
content-type: text/plain; charset=UTF-8

GET
H2 200 default~contents-contents-module~modules-booking-new-offline-new-offline-module~modules-cart-cart-mo~9accc063-es2015.10c6065711bc9f5ad9df.js Show response
alt.travelplanet.click/ 23 KB
6 KB 26ms
25ms Script
application/javascript 13.36.21.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://alt.travelplanet.click/default~contents-contents-module~modules-booking-new-offline-new-offline-module~modules-cart-cart-mo~9accc063-es2015.10c6065711bc9f5ad9df.js
Requested by: Host: alt.travelplanet.click
URL: https://alt.travelplanet.click/runtime-es2015.3e3c41a2e48c1ffec39c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.36.21.68 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-36-21-68.eu-west-3.compute.amazonaws.com
Software: nginx/1.19.6 /
Resource Hash: e0d48d87910a9b2765c2e62c6617ffa223c4a7a6611dfb06c2efc10e2c421caf

Request headers

Referer: https://alt.travelplanet.click/v2/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 10:59:58 GMT
content-encoding: gzip
last-modified: Fri, 05 Jul 2024 06:28:01 GMT
server: nginx/1.19.6
etag: W/"66879271-5d24"
content-type: application/javascript

GET
H2 200 default~modules-booking-new-offline-new-offline-module~modules-orders-orders-module-es2015.762321a38e25c106bd62.js Show response
alt.travelplanet.click/ 471 KB
98 KB 27ms
27ms Script
application/javascript 13.36.21.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://alt.travelplanet.click/default~modules-booking-new-offline-new-offline-module~modules-orders-orders-module-es2015.762321a38e25c106bd62.js
Requested by: Host: alt.travelplanet.click
URL: https://alt.travelplanet.click/runtime-es2015.3e3c41a2e48c1ffec39c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.36.21.68 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-36-21-68.eu-west-3.compute.amazonaws.com
Software: nginx/1.19.6 /
Resource Hash: ca6f1a730d48d12a0884dad93caa932eee80096445141195ca2c54f3c96094dd

Request headers

Referer: https://alt.travelplanet.click/v2/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 10:59:58 GMT
content-encoding: gzip
last-modified: Fri, 05 Jul 2024 06:28:08 GMT
server: nginx/1.19.6
etag: W/"66879278-75a8f"
content-type: application/javascript

GET
H2

200

react-dom.production.min.js Show response
unpkg.com/react-dom@16.14.0/umd/
Redirect Chain

https://unpkg.com/react-dom@16/umd/react-dom.production.min.js
https://unpkg.com/react-dom@16.14.0/umd/react-dom.production.min.js

116 KB
48 KB

32ms
31ms

Script
application/javascript

2606:4700::6811:f9cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/react-dom@16.14.0/umd/react-dom.production.min.js

Requested by

Host: alt.travelplanet.click
URL: https://alt.travelplanet.click/

Protocol

Server

2606:4700::6811:f9cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4949f4e1cff9e8a960b44c9a8be70bc4bb10216eb4d0123ca61753e0908a0f87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://alt.travelplanet.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 10:59:58 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1712368
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01J3JN8PCMANX7AYDC1BR3GV0Q-lhr
server: cloudflare
etag: "1cf80-NADCsuguidx6ZmGXUZs/qIwlw4Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2832e34f7794a7-LHR

Redirect headers

date: Tue, 13 Aug 2024 10:59:58 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
fly-request-id: 01J55NX73AXRHKCJ88DXS2H7E1-lhr
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 421
server: cloudflare
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /react-dom@16.14.0/umd/react-dom.production.min.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 8b2832e15d2c94a7-LHR

GET
H2 200 modules-login-login-module-es2015.e3cdd9e97108ba5a1568.js Show response
alt.travelplanet.click/ 58 KB
15 KB 28ms
27ms Script
application/javascript 13.36.21.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://alt.travelplanet.click/modules-login-login-module-es2015.e3cdd9e97108ba5a1568.js
Requested by: Host: alt.travelplanet.click
URL: https://alt.travelplanet.click/runtime-es2015.3e3c41a2e48c1ffec39c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.36.21.68 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-36-21-68.eu-west-3.compute.amazonaws.com
Software: nginx/1.19.6 /
Resource Hash: d8a3670b643c256219e47425eb23b897c1e996c29e664a08859ca33971ea3a88

Request headers

Referer: https://alt.travelplanet.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 10:59:58 GMT
content-encoding: gzip
last-modified: Fri, 05 Jul 2024 06:28:07 GMT
server: nginx/1.19.6
etag: W/"66879277-e79a"
content-type: application/javascript

GET
H2 200 / Show response
websocket.qal.travelplanet.click/socket.io/ 3 B
206 B 207ms
206ms XHR
text/plain 13.38.224.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://websocket.qal.travelplanet.click/socket.io/?EIO=3&transport=polling&t=P5BPGeB&sid=x8R_J1fMHymL_Te8CtMp
Requested by: Host: alt.travelplanet.click
URL: https://alt.travelplanet.click/polyfills-es2015.5c298471ac1b96ac3b5d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.38.224.165 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-38-224-165.eu-west-3.compute.amazonaws.com
Software: /
Resource Hash: 62325dfc1fc675255519674da6e2c4aad5f51cc6c3217ed3c6fbf6cabe0d86b0

Request headers

Accept: */*
Referer: https://alt.travelplanet.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: https://alt.travelplanet.click
date: Tue, 13 Aug 2024 10:59:58 GMT
access-control-allow-credentials: true
content-length: 3
content-type: text/plain; charset=UTF-8

OPTIONS
H2 204 Q6MF
api.alt.travelplanet.click/auth/v1/click/community/ 0
0 341ms
25ms Preflight 13.37.30.220
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.alt.travelplanet.click/auth/v1/click/community/Q6MF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.37.30.220 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-37-30-220.eu-west-3.compute.amazonaws.com
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: cache-control,expires,if-modified-since,pragma
Access-Control-Request-Method: GET
Origin: https://alt.travelplanet.click
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: cache-control,expires,if-modified-since,pragma
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Tue, 13 Aug 2024 10:59:59 GMT
vary: Access-Control-Request-Headers
x-powered-by: Express

OPTIONS
H2 204 login-page-settings
api.alt.travelplanet.click/auth/v1/click/company/ 0
0 339ms
24ms Preflight 13.37.30.220
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.alt.travelplanet.click/auth/v1/click/company/login-page-settings?url=alt.travelplanet.click&local_date=Tue%20Aug%2013%202024%2012:59:58%20GMT+0200%20(heure%20d%E2%80%99%C3%A9t%C3%A9%20d%E2%80%99Europe%20centrale)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.37.30.220 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-37-30-220.eu-west-3.compute.amazonaws.com
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: cache-control,expires,if-modified-since,pragma
Access-Control-Request-Method: GET
Origin: https://alt.travelplanet.click
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: cache-control,expires,if-modified-since,pragma
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Tue, 13 Aug 2024 10:59:59 GMT
vary: Access-Control-Request-Headers
x-powered-by: Express

GET
H2 200 Q6MF Show response
api.alt.travelplanet.click/auth/v1/click/community/ 151 B
307 B 28ms
28ms XHR
application/json 13.37.30.220
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.alt.travelplanet.click/auth/v1/click/community/Q6MF
Requested by: Host: alt.travelplanet.click
URL: https://alt.travelplanet.click/polyfills-es2015.5c298471ac1b96ac3b5d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.37.30.220 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-37-30-220.eu-west-3.compute.amazonaws.com
Software: / Express
Resource Hash: 63b7f41afbbb59237edf4d465f7dfe12122c42459aaa5953ca64cdca0eb26f20

Request headers

Pragma: no-cache
Accept: application/json, text/plain, */*
Cache-Control: no-cache
Referer: https://alt.travelplanet.click/
If-Modified-Since: 0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Expires: Sat, 01 Jan 2000 00:00:00 GMT

Response headers

access-control-allow-origin: *
date: Tue, 13 Aug 2024 10:59:59 GMT
x-powered-by: Express
content-length: 151
etag: W/"97-Vfj5OqmKYAngKIpuiC/n53G06Ck"
content-type: application/json; charset=utf-8

GET
H2 200 login-page-settings Show response
api.alt.travelplanet.click/auth/v1/click/company/ 202 B
359 B 28ms
27ms XHR
application/json 13.37.30.220
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.alt.travelplanet.click/auth/v1/click/company/login-page-settings?url=alt.travelplanet.click&local_date=Tue%20Aug%2013%202024%2012:59:58%20GMT+0200%20(heure%20d%E2%80%99%C3%A9t%C3%A9%20d%E2%80%99Europe%20centrale)
Requested by: Host: alt.travelplanet.click
URL: https://alt.travelplanet.click/polyfills-es2015.5c298471ac1b96ac3b5d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.37.30.220 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-37-30-220.eu-west-3.compute.amazonaws.com
Software: / Express
Resource Hash: 6c7342a56360897db5b2817fc20d88fb4042434e75ce1cacaa4cb7529e9b88d6

Request headers

Pragma: no-cache
Accept: application/json, text/plain, */*
Cache-Control: no-cache
Referer: https://alt.travelplanet.click/
If-Modified-Since: 0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Expires: Sat, 01 Jan 2000 00:00:00 GMT

Response headers

access-control-allow-origin: *
date: Tue, 13 Aug 2024 10:59:59 GMT
x-powered-by: Express
content-length: 202
etag: W/"ca-q+iMY9TbTSE6Vu5GsZ107nm+WzU"
content-type: application/json; charset=utf-8

GET
H2 200 favicon.ico
alt.travelplanet.click/ 1 KB
1 KB 24ms
24ms Other
image/x-icon 13.36.21.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://alt.travelplanet.click/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.36.21.68 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-36-21-68.eu-west-3.compute.amazonaws.com
Software: nginx/1.19.6 /
Resource Hash: 738092b052557040015c8fc4f16de1890876391bf0cbad7f6928d4b1d3c45107

Request headers

Referer: https://alt.travelplanet.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 10:59:58 GMT
last-modified: Fri, 05 Jul 2024 06:28:59 GMT
server: nginx/1.19.6
accept-ranges: bytes
etag: "668792ab-47e"
content-length: 1150
content-type: image/x-icon

OPTIONS
H2 204 setting
api.alt.travelplanet.click/auth/v1/sso/saml2/ 0
0 24ms
23ms Preflight 13.37.30.220
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.alt.travelplanet.click/auth/v1/sso/saml2/setting
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.37.30.220 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-37-30-220.eu-west-3.compute.amazonaws.com
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: cache-control,content-type,expires,if-modified-since,pragma
Access-Control-Request-Method: POST
Origin: https://alt.travelplanet.click
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: cache-control,content-type,expires,if-modified-since,pragma
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Tue, 13 Aug 2024 10:59:59 GMT
vary: Access-Control-Request-Headers
x-powered-by: Express

GET
H3 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
0 0ms
0ms Stylesheet
text/css 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://alt.travelplanet.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 10:59:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 401498
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VkTs%2Bt6pmk648tMXqi3rwAeI9AYJZWQAyqqIkTWIiM0OuLwF3zWLn0r2iQEBsaPK%2BC9JKu5bl2ImRNPWGZqnTWm3mPeqz%2BWGE3HeLjy%2FtaKLebFEn%2F7CNuXLlHFyfsq6cMZ%2BOwGO"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8b2832dad8906551-LHR
expires: Sun, 03 Aug 2025 10:59:57 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
0 1ms
1ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ad26ac49f179b50254d7ff0e94733c71dea4df8c1c30660e004f8cb68292dd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://alt.travelplanet.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 10:59:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 13 Aug 2024 09:28:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 13 Aug 2024 10:59:57 GMT

GET
H3 200 material-design-iconic-font.min.css
cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/ 69 KB
0 1ms
1ms Stylesheet
text/css 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dec3e9f0190a504ed0c8f4a5e957c107206ba106cac4a1bbb6cbac6369a16d56

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://alt.travelplanet.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 10:59:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 467352
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5845
last-modified: Mon, 04 May 2020 16:12:09 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ed9-1149f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SHjY0GgJBvZwP5fDmfxrLnddOVyTm48M1iejeeh%2FrpcLtEP9C42StCzDc%2FQkashhWKqHlMCAgRiuIEYXVJ7bmhUxN%2BC1Q2HUSiiTXCFDGGYczM8KzUVBF%2FZHM5niEhfZOCyZE%2FTu"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8b2832dad8926551-LHR
expires: Sun, 03 Aug 2025 10:59:57 GMT

GET
H2 200 common-es2015.9a3e2e22bedecd93b5de.js Show response
alt.travelplanet.click/ 8 KB
2 KB 25ms
24ms Script
application/javascript 13.36.21.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://alt.travelplanet.click/common-es2015.9a3e2e22bedecd93b5de.js
Requested by: Host: alt.travelplanet.click
URL: https://alt.travelplanet.click/runtime-es2015.3e3c41a2e48c1ffec39c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.36.21.68 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-36-21-68.eu-west-3.compute.amazonaws.com
Software: nginx/1.19.6 /
Resource Hash: 750715c976eb0ebc5daf8a457b31ab44468d397fc3e6473f7ff467de80f5a851

Request headers

Referer: https://alt.travelplanet.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 10:59:59 GMT
content-encoding: gzip
last-modified: Fri, 05 Jul 2024 06:28:00 GMT
server: nginx/1.19.6
etag: W/"66879270-1ef3"
content-type: application/javascript

GET
H2 200 modules-home-home-module-es2015.00b2470c68388571b71f.js Show response
alt.travelplanet.click/ 679 KB
156 KB 27ms
26ms Script
application/javascript 13.36.21.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://alt.travelplanet.click/modules-home-home-module-es2015.00b2470c68388571b71f.js
Requested by: Host: alt.travelplanet.click
URL: https://alt.travelplanet.click/runtime-es2015.3e3c41a2e48c1ffec39c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.36.21.68 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-36-21-68.eu-west-3.compute.amazonaws.com
Software: nginx/1.19.6 /
Resource Hash: ff3950c9ea704493e7198d0a73f5c0ad094be63f59b2d5b1ba49736bd6038af5

Request headers

Referer: https://alt.travelplanet.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 10:59:59 GMT
content-encoding: gzip
last-modified: Fri, 05 Jul 2024 06:28:17 GMT
server: nginx/1.19.6
etag: W/"66879281-a9b36"
content-type: application/javascript

POST
H2 200 setting
api.alt.travelplanet.click/auth/v1/sso/saml2/ 49 B
204 B 50ms
49ms XHR
application/json 13.37.30.220
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.alt.travelplanet.click/auth/v1/sso/saml2/setting
Requested by: Host: alt.travelplanet.click
URL: https://alt.travelplanet.click/polyfills-es2015.5c298471ac1b96ac3b5d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.37.30.220 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-37-30-220.eu-west-3.compute.amazonaws.com
Software: / Express
Resource Hash

Request headers

Pragma: no-cache
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Cache-Control: no-cache
Referer: https://alt.travelplanet.click/
If-Modified-Since: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

Response headers

access-control-allow-origin: *
date: Tue, 13 Aug 2024 10:59:59 GMT
x-powered-by: Express
content-length: 49
etag: W/"31-ledzGJiUorRIijs0DuUMsslDXbM"
content-type: application/json; charset=utf-8

GET
H/1.1 200
OK tp-logo-vertical.png
travelplanet-pub.s3.eu-west-3.amazonaws.com/assets_click/tp_logo/ 19 KB
20 KB 136ms
40ms Image
image/png 52.95.154.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://travelplanet-pub.s3.eu-west-3.amazonaws.com/assets_click/tp_logo/tp-logo-vertical.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.95.154.102 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.eu-west-3.amazonaws.com
Software: AmazonS3 /
Resource Hash: d07d58721a86f1bfd69720edd6dc4083e05b2f967e4918a76bcd21c0ae51b3c4

Request headers

Referer: https://alt.travelplanet.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 13 Aug 2024 11:00:00 GMT
x-amz-version-id: yaOrGYpmzpbAJmj0xRpU0JtcoT9gsKIF
Last-Modified: Mon, 20 Jul 2020 09:17:21 GMT
Server: AmazonS3
x-amz-request-id: QAW4WT34SZ36BXKC
ETag: "81dd93e5a503ee3d85885c4b29a83875"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 19894
x-amz-id-2: EFezUFPxyxB9ileLfztJr8rn+zEDZGUSdhXeYk9+DCu3u5FvPg+/702mPogj/fTOiETPQTT6CWE=

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
32 KB 28ms
27ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://alt.travelplanet.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:27:45 GMT
x-content-type-options: nosniff
age: 588734
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Aug 2025 15:27:45 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 47ms
46ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://alt.travelplanet.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 08:22:19 GMT
x-content-type-options: nosniff
age: 527860
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18492
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Aug 2025 08:22:19 GMT

GET
H2 200 favicon.ico
alt.travelplanet.click/ 1 KB
0 0ms
0ms Other
image/x-icon 13.36.21.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://alt.travelplanet.click/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.36.21.68 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-36-21-68.eu-west-3.compute.amazonaws.com
Software: nginx/1.19.6 /
Resource Hash: 738092b052557040015c8fc4f16de1890876391bf0cbad7f6928d4b1d3c45107

Request headers

Referer: https://alt.travelplanet.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 10:59:58 GMT
last-modified: Fri, 05 Jul 2024 06:28:59 GMT
server: nginx/1.19.6
accept-ranges: bytes
etag: "668792ab-47e"
content-length: 1150
content-type: image/x-icon

GET
H2 206 ete.mp4
assets.travelplanet.click/login-scene/ 3 MB
0 29ms
29ms Media
video/mp4 18.245.60.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.travelplanet.click/login-scene/ete.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-78.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://alt.travelplanet.click/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: BMXA2X6bBKxI9KEfV8ts76.l2TFzeNeq
date: Tue, 13 Aug 2024 08:07:27 GMT
via: 1.1 76f18545659f3cecc2213d8e93d15fb2.cloudfront.net (CloudFront)
last-modified: Thu, 15 Oct 2020 15:59:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P5
age: 14037
etag: "13bd6380fb34ee77540f54acc46d3ed7"
x-cache: Hit from cloudfront
content-type: video/mp4
Content-Range: bytes 0-9969964/9969965
accept-ranges: bytes
x-amz-cf-id: -3dmAUniF3UUKrwkCzCA7qQUekzQr9vmFnlz9a2a3gCuG7i2ExEMWA==
Content-Length: 9969965

GET
H/1.1

200
OK

Primary Request saml2 Show response
login.microsoftonline.com/75046e30-7443-48c1-89c4-f710fef78b2b/
Redirect Chain

https://api.alt.travelplanet.click/auth/v1/sso/saml2/init/e76b5264-44fb-4002-a86f-1d0af0c2fb60
https://login.microsoftonline.com/75046e30-7443-48c1-89c4-f710fef78b2b/saml2?SAMLRequest=nZJBb9swDIX%2FiqG7LVlxYkeIU2QNhgXotqDJethlkBW6ESZLnkhn3b8f4ixYe8mhV%2FKB3yMfF3cvnUtOENEGX7M8E%2BxuuUDduV6tBj...

39 KB
17 KB

231ms
117ms

Document
text/html

2603:1027:1:d8::9
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.microsoftonline.com/75046e30-7443-48c1-89c4-f710fef78b2b/saml2?SAMLRequest=nZJBb9swDIX%2FiqG7LVlxYkeIU2QNhgXotqDJethlkBW6ESZLnkhn3b8f4ixYe8mhV%2FKB3yMfF3cvnUtOENEGX7M8E%2BxuuUDduV6tBjr6R%2Fg1AFLy0jmPamzUbIheBY0WldcdoCKjdqvPD0pmQvUxUDDBsWSzrtmP3Bza9jBvpJzpXJdVPpsKljxdgTITLNkgDrDxSNpTzaSQRSqqNJ%2Fsc6GmczWdZxNZfmfJ9t%2FoD9YfrH%2B%2B7aO5iFB92u%2B36fbrbs%2BSNSBZr2lEH4l6VJy78Gx91lkTA4aWgnfWQ2ZCx8upKGYwEWlZFJO0qEyeVnNTpG2Zixbasmpkw88nkSxZIUI8D74PHocO4g7iyRr49vjwH6V7m1HUJ3C90x4o62Pgxlnzk%2B%2BOtmmCAzpmiIGf15B8dH2JQ41Hiq9yuL2%2Bvvphyyt9BL3lt5Gf5IK%2FAlzD%2F6I72Ky3wVnz5z3hfwyx03Rbfa7YQ9qOUkVRe7TgiSUr58Lv%2BwiaoGYUB2B8eXH59iuXfwE%3D&RelayState=e76b5264-44fb-4002-a86f-1d0af0c2fb60

Requested by

Host: alt.travelplanet.click
URL: https://alt.travelplanet.click/modules-login-login-module-es2015.e3cdd9e97108ba5a1568.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2603:1027:1:d8::9 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3f0b3662def62c3f8d6ac5b00eff89074e95b8ba517fb5288ad6827da1c3d515

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://alt.travelplanet.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Cache-Control: no-store, no-cache
Content-Encoding: gzip
Content-Length: 14881
Content-Type: text/html; charset=utf-8
Date: Tue, 13 Aug 2024 10:59:59 GMT
Expires: -1
Link: <https://aadcdn.msauth.net>; rel=preconnect; crossorigin,<https://aadcdn.msauth.net>; rel=dns-prefetch,<https://aadcdn.msftauth.net>; rel=dns-prefetch
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-DNS-Prefetch-Control: on
X-Frame-Options: DENY
X-XSS-Protection: 0
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub2"}]}
x-ms-ests-server: 2.1.18708.3 - WEULR1 ProdSlices
x-ms-request-id: 6bdd37ee-d8b0-4954-a346-1da94a6e5b00
x-ms-srs: 1.P

Redirect headers

access-control-allow-origin: *
content-length: 0
date: Tue, 13 Aug 2024 10:59:59 GMT
location: https://login.microsoftonline.com/75046e30-7443-48c1-89c4-f710fef78b2b/saml2?SAMLRequest=nZJBb9swDIX%2FiqG7LVlxYkeIU2QNhgXotqDJethlkBW6ESZLnkhn3b8f4ixYe8mhV%2FKB3yMfF3cvnUtOENEGX7M8E%2BxuuUDduV6tBjr6R%2Fg1AFLy0jmPamzUbIheBY0WldcdoCKjdqvPD0pmQvUxUDDBsWSzrtmP3Bza9jBvpJzpXJdVPpsKljxdgTITLNkgDrDxSNpTzaSQRSqqNJ%2Fsc6GmczWdZxNZfmfJ9t%2FoD9YfrH%2B%2B7aO5iFB92u%2B36fbrbs%2BSNSBZr2lEH4l6VJy78Gx91lkTA4aWgnfWQ2ZCx8upKGYwEWlZFJO0qEyeVnNTpG2Zixbasmpkw88nkSxZIUI8D74PHocO4g7iyRr49vjwH6V7m1HUJ3C90x4o62Pgxlnzk%2B%2BOtmmCAzpmiIGf15B8dH2JQ41Hiq9yuL2%2Bvvphyyt9BL3lt5Gf5IK%2FAlzD%2F6I72Ky3wVnz5z3hfwyx03Rbfa7YQ9qOUkVRe7TgiSUr58Lv%2BwiaoGYUB2B8eXH59iuXfwE%3D&RelayState=e76b5264-44fb-4002-a86f-1d0af0c2fb60
x-powered-by: Express

GET
H2 200 converged.v2.login.min_qzvqnltrxpy99ajspyxbgq2.css
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ 111 KB
20 KB 401ms
44ms Stylesheet
text/css 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_qzvqnltrxpy99ajspyxbgq2.css
Requested by: Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/75046e30-7443-48c1-89c4-f710fef78b2b/saml2?SAMLRequest=nZJBb9swDIX%2FiqG7LVlxYkeIU2QNhgXotqDJethlkBW6ESZLnkhn3b8f4ixYe8mhV%2FKB3yMfF3cvnUtOENEGX7M8E%2BxuuUDduV6tBjr6R%2Fg1AFLy0jmPamzUbIheBY0WldcdoCKjdqvPD0pmQvUxUDDBsWSzrtmP3Bza9jBvpJzpXJdVPpsKljxdgTITLNkgDrDxSNpTzaSQRSqqNJ%2Fsc6GmczWdZxNZfmfJ9t%2FoD9YfrH%2B%2B7aO5iFB92u%2B36fbrbs%2BSNSBZr2lEH4l6VJy78Gx91lkTA4aWgnfWQ2ZCx8upKGYwEWlZFJO0qEyeVnNTpG2Zixbasmpkw88nkSxZIUI8D74PHocO4g7iyRr49vjwH6V7m1HUJ3C90x4o62Pgxlnzk%2B%2BOtmmCAzpmiIGf15B8dH2JQ41Hiq9yuL2%2Bvvphyyt9BL3lt5Gf5IK%2FAlzD%2F6I72Ky3wVnz5z3hfwyx03Rbfa7YQ9qOUkVRe7TgiSUr58Lv%2BwiaoGYUB2B8eXH59iuXfwE%3D&RelayState=e76b5264-44fb-4002-a86f-1d0af0c2fb60
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 1f8ceb44fe7cfcf7e71dbd5122210335ca3821d697a851d2900b95af7d92d69d

Request headers

Referer: https://login.microsoftonline.com/
Origin: https://login.microsoftonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 13 Aug 2024 10:59:59 GMT
content-encoding: gzip
x-cache: TCP_HIT
x-fd-int-roxy-purgeid: 4554691
content-length: 20414
x-ms-lease-status: unlocked
last-modified: Wed, 03 Jul 2024 21:48:08 GMT
etag: 0x8DC9BA9D4131BFD
x-azure-ref: 20240813T105959Z-154b59dbc6dlngw99sacfdyvhn00000007r000000001pt17
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: d08b037c-e01e-0060-341c-e98064000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 ConvergedLogin_PCore_CCN0bXNsyKGzo-is1AL9Ow2.js Show response
aadcdn.msauth.net/shared/1.0/content/js/ 439 KB
120 KB 406ms
50ms Script
application/x-javascript 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_CCN0bXNsyKGzo-is1AL9Ow2.js
Requested by: Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/75046e30-7443-48c1-89c4-f710fef78b2b/saml2?SAMLRequest=nZJBb9swDIX%2FiqG7LVlxYkeIU2QNhgXotqDJethlkBW6ESZLnkhn3b8f4ixYe8mhV%2FKB3yMfF3cvnUtOENEGX7M8E%2BxuuUDduV6tBjr6R%2Fg1AFLy0jmPamzUbIheBY0WldcdoCKjdqvPD0pmQvUxUDDBsWSzrtmP3Bza9jBvpJzpXJdVPpsKljxdgTITLNkgDrDxSNpTzaSQRSqqNJ%2Fsc6GmczWdZxNZfmfJ9t%2FoD9YfrH%2B%2B7aO5iFB92u%2B36fbrbs%2BSNSBZr2lEH4l6VJy78Gx91lkTA4aWgnfWQ2ZCx8upKGYwEWlZFJO0qEyeVnNTpG2Zixbasmpkw88nkSxZIUI8D74PHocO4g7iyRr49vjwH6V7m1HUJ3C90x4o62Pgxlnzk%2B%2BOtmmCAzpmiIGf15B8dH2JQ41Hiq9yuL2%2Bvvphyyt9BL3lt5Gf5IK%2FAlzD%2F6I72Ky3wVnz5z3hfwyx03Rbfa7YQ9qOUkVRe7TgiSUr58Lv%2BwiaoGYUB2B8eXH59iuXfwE%3D&RelayState=e76b5264-44fb-4002-a86f-1d0af0c2fb60
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 2753374dc9f9478217049db0377fe7dd4c23ee0ce2adf68f77ed60b2bc508994

Request headers

Referer: https://login.microsoftonline.com/
Origin: https://login.microsoftonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 13 Aug 2024 10:59:59 GMT
content-encoding: gzip
x-cache: TCP_HIT
x-fd-int-roxy-purgeid: 4554691
content-length: 122101
x-ms-lease-status: unlocked
last-modified: Fri, 26 Jul 2024 22:42:40 GMT
etag: 0x8DCADC44199D7FA
x-azure-ref: 20240813T105959Z-154b59dbc6dlngw99sacfdyvhn00000007r000000001pt18
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 4feae540-301e-0070-2f72-e97aa1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 ux.converged.login.strings-fr.min_lv7et6gzw4t_lnfaylcjkq2.js Show response
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ 62 KB
18 KB 406ms
50ms Script
application/x-javascript 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-fr.min_lv7et6gzw4t_lnfaylcjkq2.js
Requested by: Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/75046e30-7443-48c1-89c4-f710fef78b2b/saml2?SAMLRequest=nZJBb9swDIX%2FiqG7LVlxYkeIU2QNhgXotqDJethlkBW6ESZLnkhn3b8f4ixYe8mhV%2FKB3yMfF3cvnUtOENEGX7M8E%2BxuuUDduV6tBjr6R%2Fg1AFLy0jmPamzUbIheBY0WldcdoCKjdqvPD0pmQvUxUDDBsWSzrtmP3Bza9jBvpJzpXJdVPpsKljxdgTITLNkgDrDxSNpTzaSQRSqqNJ%2Fsc6GmczWdZxNZfmfJ9t%2FoD9YfrH%2B%2B7aO5iFB92u%2B36fbrbs%2BSNSBZr2lEH4l6VJy78Gx91lkTA4aWgnfWQ2ZCx8upKGYwEWlZFJO0qEyeVnNTpG2Zixbasmpkw88nkSxZIUI8D74PHocO4g7iyRr49vjwH6V7m1HUJ3C90x4o62Pgxlnzk%2B%2BOtmmCAzpmiIGf15B8dH2JQ41Hiq9yuL2%2Bvvphyyt9BL3lt5Gf5IK%2FAlzD%2F6I72Ky3wVnz5z3hfwyx03Rbfa7YQ9qOUkVRe7TgiSUr58Lv%2BwiaoGYUB2B8eXH59iuXfwE%3D&RelayState=e76b5264-44fb-4002-a86f-1d0af0c2fb60
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f8d63096d908352c667665e3b164a8bd5902d1ba4e857db4c7c3583a323b0e17

Request headers

Referer: https://login.microsoftonline.com/
Origin: https://login.microsoftonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 13 Aug 2024 10:59:59 GMT
content-encoding: gzip
x-cache: TCP_HIT
x-fd-int-roxy-purgeid: 4554691
content-length: 17748
x-ms-lease-status: unlocked
last-modified: Sun, 28 Jul 2024 07:38:17 GMT
etag: 0x8DCAED83F4477BE
x-azure-ref: 20240813T105959Z-154b59dbc6dlngw99sacfdyvhn00000007r000000001pt19
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 0ffb47e7-201e-0039-216d-e94ff5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H/1.1 200
OK Me.htm
login.live.com/ 0
0 227ms
143ms Other
text/html 40.126.32.138
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://login.live.com/Me.htm?v=3
Requested by: Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/75046e30-7443-48c1-89c4-f710fef78b2b/saml2?SAMLRequest=nZJBb9swDIX%2FiqG7LVlxYkeIU2QNhgXotqDJethlkBW6ESZLnkhn3b8f4ixYe8mhV%2FKB3yMfF3cvnUtOENEGX7M8E%2BxuuUDduV6tBjr6R%2Fg1AFLy0jmPamzUbIheBY0WldcdoCKjdqvPD0pmQvUxUDDBsWSzrtmP3Bza9jBvpJzpXJdVPpsKljxdgTITLNkgDrDxSNpTzaSQRSqqNJ%2Fsc6GmczWdZxNZfmfJ9t%2FoD9YfrH%2B%2B7aO5iFB92u%2B36fbrbs%2BSNSBZr2lEH4l6VJy78Gx91lkTA4aWgnfWQ2ZCx8upKGYwEWlZFJO0qEyeVnNTpG2Zixbasmpkw88nkSxZIUI8D74PHocO4g7iyRr49vjwH6V7m1HUJ3C90x4o62Pgxlnzk%2B%2BOtmmCAzpmiIGf15B8dH2JQ41Hiq9yuL2%2Bvvphyyt9BL3lt5Gf5IK%2FAlzD%2F6I72Ky3wVnz5z3hfwyx03Rbfa7YQ9qOUkVRe7TgiSUr58Lv%2BwiaoGYUB2B8eXH59iuXfwE%3D&RelayState=e76b5264-44fb-4002-a86f-1d0af0c2fb60
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.126.32.138 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

GET
H2 200 oneDs_f2e0f4a029670f10d892.js Show response
aadcdn.msauth.net/shared/1.0/content/js/ 186 KB
60 KB 100ms
39ms Script
application/x-javascript 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msauth.net/shared/1.0/content/js/oneDs_f2e0f4a029670f10d892.js
Requested by: Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_CCN0bXNsyKGzo-is1AL9Ow2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8405362eb8f09df13ae244de155b51b1577274673d9728b6c81cd0278a63c8b0

Request headers

Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 13 Aug 2024 11:00:00 GMT
content-encoding: gzip
x-cache: TCP_HIT
x-fd-int-roxy-purgeid: 4554691
content-length: 61052
x-ms-lease-status: unlocked
last-modified: Thu, 25 May 2023 17:22:47 GMT
etag: 0x8DB5D44A8CEE4F4
x-azure-ref: 20240813T110000Z-154b59dbc6dp6phcqrwhfx6qkc0000000eu000000000mxa7
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 5603a290-d01e-0060-7654-e5c876000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 convergedlogin_pcustomizationloader_6c7dc46bb93924417b57.js Show response
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/ 397 KB
114 KB 23ms
23ms Script
application/x-javascript 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_6c7dc46bb93924417b57.js
Requested by: Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_CCN0bXNsyKGzo-is1AL9Ow2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 1ec87632ee58734951aa02813ef07ad377126a39a16f063c181519b98ffffc07

Request headers

Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 13 Aug 2024 11:00:00 GMT
content-encoding: gzip
x-cache: TCP_HIT
x-fd-int-roxy-purgeid: 4554691
content-length: 116351
x-ms-lease-status: unlocked
last-modified: Thu, 20 Jun 2024 02:13:44 GMT
etag: 0x8DC90CE9C53BCDF
x-azure-ref: 20240813T110000Z-154b59dbc6dp6phcqrwhfx6qkc0000000eu000000000mxap
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 9d984541-f01e-004d-072e-e5e994000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 favicon_a_eupayfgghqiai7k9sol6lg2.ico
aadcdn.msauth.net/shared/1.0/content/images/ 17 KB
17 KB 26ms
24ms Other
image/x-icon 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21

Request headers

Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 13 Aug 2024 11:00:00 GMT
x-cache: TCP_HIT
x-fd-int-roxy-purgeid: 4554691
content-length: 17174
x-ms-lease-status: unlocked
last-modified: Sun, 18 Oct 2020 03:02:03 GMT
etag: 0x8D8731230C851A6
x-azure-ref: 20240813T110000Z-154b59dbc6dp6phcqrwhfx6qkc0000000eu000000000mxav
content-type: image/x-icon
access-control-allow-origin: *
x-ms-request-id: 1011e323-f01e-0061-5808-e58cbe000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 convergedlogin_pfetchsessionsprogress_758d4d3367a37038a3b2.js Show response
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/ 15 KB
6 KB 26ms
25ms Script
application/x-javascript 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_758d4d3367a37038a3b2.js
Requested by: Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_CCN0bXNsyKGzo-is1AL9Ow2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8d31dbc6089dc6195b1945b85a7225a01dcf031bd8cbc3df86029022fe64a5e5

Request headers

Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 13 Aug 2024 11:00:00 GMT
content-encoding: gzip
x-cache: TCP_HIT
x-fd-int-roxy-purgeid: 4554691
content-length: 5531
x-ms-lease-status: unlocked
last-modified: Thu, 20 Jun 2024 02:13:44 GMT
etag: 0x8DC90CE9C8E6126
x-azure-ref: 20240813T110000Z-154b59dbc6dp6phcqrwhfx6qkc0000000eu000000000mxb2
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 96b0217f-401e-0026-2b30-e58ea1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
aadcdn.msauth.net/shared/1.0/content/images/ 3 KB
3 KB 25ms
25ms Image
image/gif 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13

Request headers

Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 13 Aug 2024 11:00:00 GMT
x-cache: TCP_HIT
x-fd-int-roxy-purgeid: 4554691
content-length: 2672
x-ms-lease-status: unlocked
last-modified: Wed, 24 May 2023 10:11:47 GMT
etag: 0x8DB5C3F48EC4154
x-azure-ref: 20240813T110000Z-154b59dbc6dp6phcqrwhfx6qkc0000000eu000000000mxb3
content-type: image/gif
access-control-allow-origin: *
x-ms-request-id: be385f06-401e-0072-13a3-e5b3a6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
aadcdn.msauth.net/shared/1.0/content/images/ 4 KB
4 KB 25ms
25ms Image
image/gif 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d

Request headers

Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 13 Aug 2024 11:00:00 GMT
x-cache: TCP_HIT
x-fd-int-roxy-purgeid: 4554691
content-length: 3620
x-ms-lease-status: unlocked
last-modified: Wed, 24 May 2023 10:11:48 GMT
etag: 0x8DB5C3F4904824B
x-azure-ref: 20240813T110000Z-154b59dbc6dp6phcqrwhfx6qkc0000000eu000000000mxb4
content-type: image/gif
access-control-allow-origin: *
x-ms-request-id: a7fea3f3-701e-003f-0830-e53458000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 illustration
aadcdn.msauthimages.net/c1c6b6c8-pvlx-3cwjv9vyyyhfrah-guv3ccx7x-xaubkredxces/logintenantbranding/0/ 66 KB
66 KB 91ms
22ms Image
image/* 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aadcdn.msauthimages.net/c1c6b6c8-pvlx-3cwjv9vyyyhfrah-guv3ccx7x-xaubkredxces/logintenantbranding/0/illustration?ts=637082129462525554

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (paa/6F46) /

Resource Hash

18669653fb7e9be60e8da1a37198e4738feb9bbab61ab7537142621d14ca08df

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 13 Aug 2024 11:00:00 GMT
x-content-type-options: nosniff
content-md5: UcxoLOEiwlJWYol5x1YRcg==
age: 21013
x-cache: HIT
content-length: 67538
x-ms-lease-status: unlocked
last-modified: Fri, 01 Nov 2019 13:49:06 GMT
server: ECAcc (paa/6F46)
etag: 0x8D75ED2439BC4E7
content-type: image/*
access-control-allow-origin: *
x-ms-request-id: 7db8da35-301e-002e-023f-edacf5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 bannerlogo
aadcdn.msauthimages.net/c1c6b6c8-pvlx-3cwjv9vyyyhfrah-guv3ccx7x-xaubkredxces/logintenantbranding/0/ 9 KB
10 KB 89ms
21ms Image
image/* 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aadcdn.msauthimages.net/c1c6b6c8-pvlx-3cwjv9vyyyhfrah-guv3ccx7x-xaubkredxces/logintenantbranding/0/bannerlogo?ts=637193579388976815

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (paa/6F4F) /

Resource Hash

ef940efcf654855158a77523d0ff7de02cf07a02c3a8597f1f9cf9a93702bd66

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 13 Aug 2024 11:00:00 GMT
x-content-type-options: nosniff
content-md5: KRxNAhW0ljy3MUfHymJe0g==
age: 21013
x-cache: HIT
content-length: 9714
x-ms-lease-status: unlocked
last-modified: Mon, 09 Mar 2020 13:38:59 GMT
server: ECAcc (paa/6F4F)
etag: 0x8D7C42F38DC86DB
content-type: image/*
access-control-allow-origin: *
x-ms-request-id: ea4b76f9-401e-0047-1f3f-edf359000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H/1.1 401
Unauthorized ssoprobe
autologon.microsoftazuread-sso.com/75046e30-7443-48c1-89c4-f710fef78b2b/winauth/ 12 B
1 KB 857ms
357ms Image
image/png 2603:1036:3000:f8::1
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://autologon.microsoftazuread-sso.com/75046e30-7443-48c1-89c4-f710fef78b2b/winauth/ssoprobe?client-request-id=a1e35e73-cbdb-4daa-b7dc-d07a360c76c3&_=1723546800388

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2603:1036:3000:f8::1 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 13 Aug 2024 11:00:00 GMT
X-Content-Type-Options: nosniff
WWW-Authenticate: Negotiate
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Content-Length: 12
X-XSS-Protection: 0
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Vary: Origin
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: image/png; charset=utf-8
Access-Control-Allow-Origin: https://login.microsoftonline.com
x-ms-request-id: d39f3b58-46f1-4aca-af79-72c24a131600
Cache-Control: no-store, no-cache
Access-Control-Allow-Credentials: true
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+wst"}]}
x-ms-ests-server: 2.1.18708.3 - SEC ProdSlices
Expires: -1

POST
H/1.1 200
OK dssostatus Show response
login.microsoftonline.com/common/instrumentation/ 265 B
1 KB 87ms
85ms XHR
application/json 2603:1027:1:d8::9
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.microsoftonline.com/common/instrumentation/dssostatus

Requested by

Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_CCN0bXNsyKGzo-is1AL9Ow2.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2603:1027:1:d8::9 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5c0455635324d489bf51f12dc1ee262d2f800234b640d8608562a558f672d0f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

hpgrequestid: 6bdd37ee-d8b0-4954-a346-1da94a6e5b00
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
client-request-id: a1e35e73-cbdb-4daa-b7dc-d07a360c76c3
canary: PAQABDgEAAAApTwJmzXqdR4BN2miheQMYAwWK4Be2w87ImvSC3b9MDQ1pmYmf8NaBRsT4b6_hv8GfZVNX5y0ZwMSmjU5Qtb66DRe7Qcma2cjKQJZHYUbFehFlmC_qX72W0t4-LV_gJJ9p6ndk3Qee7g70YN8ya3Kliy-elUkPWqvWpY1NnWPUHNvisLaBwGdKC7gg6yWWenAFLhQjx58kVXOG8XM2N1zDxXKwHlEUGBzz6r0BEMHUuCAA
Content-type: application/json; charset=UTF-8
hpgid: 1104
Accept: application/json
Referer: https://login.microsoftonline.com/75046e30-7443-48c1-89c4-f710fef78b2b/saml2?SAMLRequest=nZJBb9swDIX%2FiqG7LVlxYkeIU2QNhgXotqDJethlkBW6ESZLnkhn3b8f4ixYe8mhV%2FKB3yMfF3cvnUtOENEGX7M8E%2BxuuUDduV6tBjr6R%2Fg1AFLy0jmPamzUbIheBY0WldcdoCKjdqvPD0pmQvUxUDDBsWSzrtmP3Bza9jBvpJzpXJdVPpsKljxdgTITLNkgDrDxSNpTzaSQRSqqNJ%2Fsc6GmczWdZxNZfmfJ9t%2FoD9YfrH%2B%2B7aO5iFB92u%2B36fbrbs%2BSNSBZr2lEH4l6VJy78Gx91lkTA4aWgnfWQ2ZCx8upKGYwEWlZFJO0qEyeVnNTpG2Zixbasmpkw88nkSxZIUI8D74PHocO4g7iyRr49vjwH6V7m1HUJ3C90x4o62Pgxlnzk%2B%2BOtmmCAzpmiIGf15B8dH2JQ41Hiq9yuL2%2Bvvphyyt9BL3lt5Gf5IK%2FAlzD%2F6I72Ky3wVnz5z3hfwyx03Rbfa7YQ9qOUkVRe7TgiSUr58Lv%2BwiaoGYUB2B8eXH59iuXfwE%3D&RelayState=e76b5264-44fb-4002-a86f-1d0af0c2fb60
hpgact: 1900

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Date: Tue, 13 Aug 2024 11:00:00 GMT
X-Content-Type-Options: nosniff
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
client-request-id: a1e35e73-cbdb-4daa-b7dc-d07a360c76c3
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Content-Length: 265
X-XSS-Protection: 0
Pragma: no-cache
x-ms-srs: 1.P
Referrer-Policy: strict-origin-when-cross-origin
Access-Control-Allow-Methods: POST, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://autologon.microsoftazuread-sso.com/
x-ms-request-id: 26b1adaa-b057-47ae-94eb-026659341800
Cache-Control: no-store, no-cache
Access-Control-Allow-Credentials: true
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub2"}]}
x-ms-ests-server: 2.1.18708.3 - SEC ProdSlices
Expires: -1

GET
H2 200 convergedlogin_pstringcustomizationhelper_92013fd9f2f609d397ae.js Show response
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/ 111 KB
35 KB 38ms
38ms Script
application/x-javascript 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_92013fd9f2f609d397ae.js
Requested by: Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_CCN0bXNsyKGzo-is1AL9Ow2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: bab311bf22661b153353a159f0ec931dbcb79f950fa37daf9d0ff180cbf45deb

Request headers

Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 13 Aug 2024 11:00:01 GMT
content-encoding: gzip
x-cache: TCP_HIT
x-fd-int-roxy-purgeid: 4554691
content-length: 35167
x-ms-lease-status: unlocked
last-modified: Thu, 20 Jun 2024 02:13:45 GMT
etag: 0x8DC90CE9CFCD37E
x-azure-ref: 20240813T110001Z-154b59dbc6dp6phcqrwhfx6qkc0000000eu000000000mxf7
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 69f62f64-201e-001c-4321-e5a1a5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
aadcdn.msauth.net/shared/1.0/content/images/ 2 KB
1 KB 32ms
32ms Image
image/svg+xml 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msauth.net/shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::67 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93

Request headers

Referer: https://login.microsoftonline.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 13 Aug 2024 11:00:01 GMT
content-encoding: gzip
x-cache: TCP_HIT
x-fd-int-roxy-purgeid: 4554691
content-length: 621
x-ms-lease-status: unlocked
last-modified: Wed, 24 May 2023 10:11:49 GMT
etag: 0x8DB5C3F49ED96E0
x-azure-ref: 20240813T110001Z-154b59dbc6dp6phcqrwhfx6qkc0000000eu000000000mxfd
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 8d973616-901e-0018-0f38-e5239c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

POST
H2 200 / Show response
eu-mobile.events.data.microsoft.com/OneCollector/1.0/ 153 B
766 B 129ms
48ms XHR
application/json 20.50.201.201
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://eu-mobile.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

Requested by

Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/oneDs_f2e0f4a029670f10d892.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.50.201.201 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

49c736759774ba86f60c19077e80c9d48a521918f8a2d2034d0bf1895da66ec0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

upload-time: 1723546803258
client-version: 1DS-Web-JS-3.2.6
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
time-delta-to-apply-millis: use-collector-delta
content-type: application/x-json-stream
cache-control: no-cache, no-store
Referer: https://login.microsoftonline.com/
apikey: b0c252808e614e949086e019ae1cb300-e0c02060-e3b3-4965-bd7c-415e1a7a9fde-6951
Client-Id: NO_AUTH

Response headers

strict-transport-security: max-age=31536000
date: Tue, 13 Aug 2024 11:00:02 GMT
server: Microsoft-HTTPAPI/2.0
time-delta-millis: 299
access-control-allow-methods: POST
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
content-type: application/json
access-control-allow-origin: https://login.microsoftonline.com
access-control-expose-headers: time-delta-millis
access-control-allow-credentials: true
access-control-allow-headers: P3P,Set-Cookie,time-delta-millis
content-length: 153

OPTIONS
H2 200 /
eu-mobile.events.data.microsoft.com/OneCollector/1.0/ 0
0 204ms
46ms Preflight 20.50.201.201
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://eu-mobile.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.50.201.201 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method: POST
Origin: https://login.microsoftonline.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
access-control-allow-origin: https://login.microsoftonline.com
access-control-max-age: 3600
cache-control: public, 3600
content-length: 0
date: Tue, 13 Aug 2024 11:00:02 GMT
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
websocket.qal.travelplanet.click/	1969-12-31 23:59:59	Name: io Value: x8R_J1fMHymL_Te8CtMp
login.microsoftonline.com/	1970-01-20 23:28:58	Name: buid Value: 0.AXMAMG4EdUN0wUiJxPcQ_veLK4QeX_9XZoFFk3xxMhrF-WVzAAA.AQABGgEAAAApTwJmzXqdR4BN2miheQMYz7GNjUUvRjdiY6Cqe1LVPtkEuzmFqyfyNWY5v1ALCmZJlwir3gxZorFNGpcgOppImntMooNKznGXypwbjCfmJbJ6dNYj2aLkMltAkG7W2QAgAA
.login.microsoftonline.com/	1969-12-31 23:59:59	Name: esctx Value: PAQABBwEAAAApTwJmzXqdR4BN2miheQMYqpZvY1i32akA7IOgnk8WFy4fZaphex6dz3RaJ7pbHtdagrwUIij7y4VAJx2IpiFqcnVmNpDGcI63rPl5NSzIgjJBWsIBGMnfMLeG-9KR1VUX83_JAKJ-96DCf2ZoxxFo77sM8aR8ND_K0T7OyT9bgkMwQjh6kWKIA_DWVfrdKWQgAA
.login.microsoftonline.com/	1969-12-31 23:59:59	Name: esctx-1O4AwyHtdRw Value: AQABCQEAAAApTwJmzXqdR4BN2miheQMY3KN2RwQs3a7YfBqkpmqRpEuGHfxfJJjKe99J88qee9mWInKWqKEJa3s8_xeaoIcmyyDLveW9GTbUW8mDUJErRh6ANte_TQQeJ-IHgmKj0F6tSKJwsoplK3ltB4UGkrDTRlQfM4ojFIPnn3PSyhHxsyAA
login.microsoftonline.com/	1970-01-20 23:28:58	Name: fpc Value: As3J0GnoXu5LqIj9aThcuEcQHcLYAQAAAK8zTd4OAAAA
login.microsoftonline.com/	1969-12-31 23:59:59	Name: x-ms-gateway-slice Value: estsfd
login.microsoftonline.com/	1969-12-31 23:59:59	Name: stsservicecookie Value: estsfd
login.microsoftonline.com/	1970-01-21 07:31:22	Name: MicrosoftApplicationsTelemetryDeviceId Value: dfcced0a-1091-41fd-9cf3-b691483d0dc5
.login.microsoftonline.com/	1970-01-21 08:07:22	Name: brcap Value: 0
.login.live.com/	1969-12-31 23:59:59	Name: uaid Value: 223e2da16c6a4d4bb4aad1ff4809491a
.login.live.com/	1969-12-31 23:59:59	Name: MSPRequ Value: id=N&lt=1723546800&co=1
autologon.microsoftazuread-sso.com/	1970-01-20 23:28:58	Name: fpc Value: As2EEsxLUj9IvdsYajV0FOY
autologon.microsoftazuread-sso.com/	1969-12-31 23:59:59	Name: x-ms-gateway-slice Value: estsfd
autologon.microsoftazuread-sso.com/	1969-12-31 23:59:59	Name: stsservicecookie Value: estsfd
login.microsoftonline.com/	1970-01-20 22:45:48	Name: ai_session Value: Z3xhIIVoKJ1md8xUdVJaWU\|1723546801255\|1723546801255
.microsoft.com/	1970-01-21 07:31:22	Name: MC1 Value: GUID=3efee7b5be6c49f38b816ff6b1c9bbaf&HASH=3efe&LV=202408&V=4&LU=1723546803557
.microsoft.com/	1970-01-20 22:45:48	Name: MS0 Value: 6d26788803b4404aa1685f0816c737fe
login.microsoftonline.com/	1970-01-21 07:31:22	Name: MSFPC Value: GUID=3efee7b5be6c49f38b816ff6b1c9bbaf&HASH=3efe&LV=202408&V=4&LU=1723546803557

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://alt.travelplanet.click/webcomponentsjs/webcomponents-lite.js Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://cdn.cibt.com/widget/js/widget.js(Line 14) Message: The keyword 'push-button' used on the 'appearance' property was deprecated and has now been removed. It will no longer have any effect.
network	error	URL: https://autologon.microsoftazuread-sso.com/75046e30-7443-48c1-89c4-f710fef78b2b/winauth/ssoprobe?client-request-id=a1e35e73-cbdb-4daa-b7dc-d07a360c76c3&_=1723546800388 Message: Failed to load resource: the server responded with a status of 401 (Unauthorized)
recommendation	verbose	URL: https://login.microsoftonline.com/75046e30-7443-48c1-89c4-f710fef78b2b/saml2?SAMLRequest=nZJBb9swDIX%2FiqG7LVlxYkeIU2QNhgXotqDJethlkBW6ESZLnkhn3b8f4ixYe8mhV%2FKB3yMfF3cvnUtOENEGX7M8E%2BxuuUDduV6tBjr6R%2Fg1AFLy0jmPamzUbIheBY0WldcdoCKjdqvPD0pmQvUxUDDBsWSzrtmP3Bza9jBvpJzpXJdVPpsKljxdgTITLNkgDrDxSNpTzaSQRSqqNJ%2Fsc6GmczWdZxNZfmfJ9t%2FoD9YfrH%2B%2B7aO5iFB92u%2B36fbrbs%2BSNSBZr2lEH4l6VJy78Gx91lkTA4aWgnfWQ2ZCx8upKGYwEWlZFJO0qEyeVnNTpG2Zixbasmpkw88nkSxZIUI8D74PHocO4g7iyRr49vjwH6V7m1HUJ3C90x4o62Pgxlnzk%2B%2BOtmmCAzpmiIGf15B8dH2JQ41Hiq9yuL2%2Bvvphyyt9BL3lt5Gf5IK%2FAlzD%2F6I72Ky3wVnz5z3hfwyx03Rbfa7YQ9qOUkVRe7TgiSUr58Lv%2BwiaoGYUB2B8eXH59iuXfwE%3D&RelayState=e76b5264-44fb-4002-a86f-1d0af0c2fb60 Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msauth.net
aadcdn.msauthimages.net
alt.travelplanet.click
api.alt.travelplanet.click
assets.travelplanet.click
autologon.microsoftazuread-sso.com
cdn.cibt.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
data.travelplanet.click
eu-mobile.events.data.microsoft.com
fonts.googleapis.com
fonts.gstatic.com
login.live.com
login.microsoftonline.com
travelplanet-pub.s3.eu-west-3.amazonaws.com
unpkg.com
use.fontawesome.com
websocket.qal.travelplanet.click
104.17.24.14
13.36.21.68
13.37.30.220
13.38.224.165
18.245.60.78
20.50.201.201
2603:1027:1:d8::9
2603:1036:3000:f8::1
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700:3037::ac43:8ef5
2606:4700::6811:f9cb
2606:4700::6812:153
2620:1ec:bdf::67
2a00:1450:4001:812::2003
2a00:1450:4001:82a::200a
2a04:4e42:400::485
40.126.32.138
52.47.53.35
52.95.154.102
06c04412bc38b88073b18744d655e8335fbec057bc3f711518f54c2d5952504c
0f3f8284e407bc8bfb025ab553392d1e94efe022fdc064f625470fdb8665a2a2
0f4b6acab4d01c3131bc66288be9322278d5e3b7e6df4339aaae30854accbae1
0f8539022b5a1a5ba0c8205d9841b8f029802a8a2fe7f87714dc864946f32f4d
1116f2da94e47a0a8905e07f983249c9e306cbf891be8511cf43a6a3bfb08961
163607e1b329b848b568c7b835374eaae4464ff954f402e570e48c4d5bda6f36
18669653fb7e9be60e8da1a37198e4738feb9bbab61ab7537142621d14ca08df
1ec87632ee58734951aa02813ef07ad377126a39a16f063c181519b98ffffc07
1f8ceb44fe7cfcf7e71dbd5122210335ca3821d697a851d2900b95af7d92d69d
2753374dc9f9478217049db0377fe7dd4c23ee0ce2adf68f77ed60b2bc508994
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
30ba90e5ed10227d2e78719daf8d188e7b6e1746a0d24cd42a4aae2ff1d89987
31fe46164ce2459191ca1f7727fd742ce01833ee4f705459e88d43f53fcc9f80
3f0b3662def62c3f8d6ac5b00eff89074e95b8ba517fb5288ad6827da1c3d515
453893f7daa3d8fe9716f8c6d0f36f8ade8cacfc0093e164f4f998b46427959e
4949f4e1cff9e8a960b44c9a8be70bc4bb10216eb4d0123ca61753e0908a0f87
497371efdf64aad60efe029cee23eab68bf0dcb55fc1ee695f26e2f071c82aac
49c736759774ba86f60c19077e80c9d48a521918f8a2d2034d0bf1895da66ec0
4c5e8b4897a9e1f6c1699f7a214ea22650ee6454ad40f2a7bc926ef5bfc06022
4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71
5b8b1a84f9e6b333149d8a3102ff3d90003e0059d216d13e593e46e5c1da2c2f
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350
5c0455635324d489bf51f12dc1ee262d2f800234b640d8608562a558f672d0f7
5cef9367d2bcaba25b74d20e0e139d2cf900e9123e5fde26101aee7f40f6b5cf
62325dfc1fc675255519674da6e2c4aad5f51cc6c3217ed3c6fbf6cabe0d86b0
63b7f41afbbb59237edf4d465f7dfe12122c42459aaa5953ca64cdca0eb26f20
6c7342a56360897db5b2817fc20d88fb4042434e75ce1cacaa4cb7529e9b88d6
6d02a6e9569dd8622c4396a9d9323f84a2ad45282566119f148370a21fec438f
738092b052557040015c8fc4f16de1890876391bf0cbad7f6928d4b1d3c45107
750715c976eb0ebc5daf8a457b31ab44468d397fc3e6473f7ff467de80f5a851
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7bcb48b861bc98f3002b37c35d8d5b4715a3e9652f65366598549455e24c8598
80bd626eb6d57112072a508ee4e5ce3c2fe5673fe0a5d029810033b24aaa5e9f
836225e8a0d50622a2317bb2d4838c666c4d772a6a3f4e20d662376acc18ed9a
8405362eb8f09df13ae244de155b51b1577274673d9728b6c81cd0278a63c8b0
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d
88109aec2fc3949ca9f849578944cbf2f1fae26319042e86b77a92d00195ed22
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
8d31dbc6089dc6195b1945b85a7225a01dcf031bd8cbc3df86029022fe64a5e5
8dd96f4710541e3944dc65b778cf01f5d59510dd5112524de997242477c6f4e8
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13
ad26ac49f179b50254d7ff0e94733c71dea4df8c1c30660e004f8cb68292dd6b
b77085fc2486ede17c594ba50efc4f6aa5c812a0d4edf3904c4bf50c755d6c5b
bab311bf22661b153353a159f0ec931dbcb79f950fa37daf9d0ff180cbf45deb
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c212f4b505a86352aed62b24a8f16f999f821ecbe6456c7f3c8a04bc87968782
ca6f1a730d48d12a0884dad93caa932eee80096445141195ca2c54f3c96094dd
cc15778da06770d39615c1e3089a17d9a528703bee6902669c483003f47d50dc
d07d58721a86f1bfd69720edd6dc4083e05b2f967e4918a76bcd21c0ae51b3c4
d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f
d51f4ab960fb99db67aa1002976ab96d57967f18cf47c1a0d4aa351df38545de
d8a3670b643c256219e47425eb23b897c1e996c29e664a08859ca33971ea3a88
da7ecfecb27d409b8994bb8d769fd04ce2b29b2d0ea8cbcfd177a89df5ddf945
de1bdeaca0d0f5f1126e9fb121539c515bdd130ec55b1a2fb3d936a2f9374f34
dec3e9f0190a504ed0c8f4a5e957c107206ba106cac4a1bbb6cbac6369a16d56
df873930781a649155532baf6847a9de161e233e2bf680b111cbee346b6cb6c8
e0213a00c1bd2d0306e52053017ee61d129eecf6ab95d03f795c4b4f909a6d3b
e0d48d87910a9b2765c2e62c6617ffa223c4a7a6611dfb06c2efc10e2c421caf
e22419e8154be2a34a950dbb4c4c448413751c53ef02f00c6c56af28aa2c4964
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed780a4e263455e032f631157cbbcd099a5db83c2e89721e7e0d06198bf6c53e
ef940efcf654855158a77523d0ff7de02cf07a02c3a8597f1f9cf9a93702bd66
f8d63096d908352c667665e3b164a8bd5902d1ba4e857db4c7c3583a323b0e17
ff3950c9ea704493e7198d0a73f5c0ad094be63f59b2d5b1ba49736bd6038af5

login.microsoftonline.com Open in urlscan Pro 2603:1027:1:d8::9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

77 Requests

96 %HTTPS

53 %IPv6

15 Domains

19 Subdomains

19 IPs

6 Countries

3029 kBTransfer

14402 kBSize

18 Cookies

3 Outgoing links

Page URL History

Redirected requests

77 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

login.microsoftonline.com Open in urlscan Pro
2603:1027:1:d8::9 Public Scan

Screenshot
Live screenshot

Full Image

77
Requests

96 %
HTTPS

53 %
IPv6

15
Domains

19
Subdomains

19
IPs

6
Countries

3029 kB
Transfer

14402 kB
Size

18
Cookies

77 HTTP transactions
0 data transactions