urlscan.io logo urlscan.io
SecurityTrails logo

www.allianzxuanlanyogatour.com Open in urlscan Pro
76.76.21.21  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://bit.ly/3ocgAPb
Effective URL: https://www.allianzxuanlanyogatour.com/sorteo?utm_source=hearsay&utm_medium=social&utm_campaign=sorteoxuan
Submission: On February 23 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 26 IPs in 5 countries across 21 domains to perform 63 HTTP transactions. The main IP is 76.76.21.21, located in United States and belongs to AMAZON-02, US. The main domain is www.allianzxuanlanyogatour.com.
TLS certificate: Issued by R3 on December 15th 2021. Valid for: 3 months.
This is the only time www.allianzxuanlanyogatour.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.11 396982 (GOOGLE-PR...)
17 76.76.21.21 16509 (AMAZON-02)
7 2606:4700::68... 13335 (CLOUDFLAR...)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
4 104.18.26.71 13335 (CLOUDFLAR...)
3 2600:9000:215... 16509 (AMAZON-02)
1 2600:9000:215... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
3 5 142.250.185.166 15169 (GOOGLE)
4 2600:9000:215... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 18.66.4.233 16509 (AMAZON-02)
2 35.167.27.130 16509 (AMAZON-02)
1 176.31.232.18 16276 (OVH)
2 4 37.252.173.215 29990 (ASN-APPNEX)
2 2a03:2880:f02... 32934 (FACEBOOK)
1 142.250.185.130 15169 (GOOGLE)
2 2a03:2880:f12... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
63 26
1    67.199.248.11 (United States)

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: bit.ly
bit.ly
17    76.76.21.21 (United States)

ASN16509 (AMAZON-02, US)
www.allianzxuanlanyogatour.com
7    2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
1    2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
1    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
3    2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
4    104.18.26.71 (None, )

ASN13335 (CLOUDFLARENET, US)
form.typeform.com
3    2600:9000:2156:7c00:9:b3c8:b180:93a1 (United States)

ASN16509 (AMAZON-02, US)
font.typeform.com
1    2600:9000:2156:d600:8:2495:5540:93a1 (United States)

ASN16509 (AMAZON-02, US)
images.typeform.com
1    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
5    142.250.185.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f6.1e100.net
8383920.fls.doubleclick.net
ad.doubleclick.net
4    2600:9000:2156:4000:4:f6ce:61c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
renderer-assets.typeform.com
2    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
googleads.g.doubleclick.net
1    18.66.4.233 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-4-233.txl50.r.cloudfront.net
cdn.segment.com
2    35.167.27.130 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-167-27-130.us-west-2.compute.amazonaws.com
api.segment.io
1    176.31.232.18 (France)

ASN16276 (OVH, FR)
PTR: ns3044662.ip-176-31-232.eu
px.sunmedia.tv
4    37.252.173.215 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
2    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
www.googleadservices.com
2    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
Apex Domain
Subdomains		 Transfer
17 allianzxuanlanyogatour.com
www.allianzxuanlanyogatour.com
1 MB
12 typeform.com
form.typeform.com — Cisco Umbrella Rank: 62088
font.typeform.com — Cisco Umbrella Rank: 44884
images.typeform.com — Cisco Umbrella Rank: 44208
renderer-assets.typeform.com — Cisco Umbrella Rank: 36411
959 KB
7 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 443
120 KB
6 doubleclick.net
8383920.fls.doubleclick.net
ad.doubleclick.net — Cisco Umbrella Rank: 167
googleads.g.doubleclick.net — Cisco Umbrella Rank: 37
4 KB
4 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 350
4 KB
3 google.com
adservice.google.com — Cisco Umbrella Rank: 59
www.google.com — Cisco Umbrella Rank: 2
1 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 50
145 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 97
386 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 126
115 KB
2 segment.io
api.segment.io — Cisco Umbrella Rank: 1009
285 B
2 google.de
adservice.google.de — Cisco Umbrella Rank: 9027
www.google.de — Cisco Umbrella Rank: 6342
1 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 99
15 KB
1 sunmedia.tv
px.sunmedia.tv — Cisco Umbrella Rank: 284271
2 KB
1 segment.com
cdn.segment.com — Cisco Umbrella Rank: 1481
54 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
20 KB
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 709
455 B
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 610
16 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 250
31 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 546
24 KB
1 bit.ly
bit.ly — Cisco Umbrella Rank: 4034
339 B
0 rudderlabs.com Failed
cdn.rudderlabs.com Failed
63 21
Domain Requested by
17 www.allianzxuanlanyogatour.com www.allianzxuanlanyogatour.com
7 cdn.cookielaw.org www.allianzxuanlanyogatour.com
cdn.cookielaw.org
4 secure.adnxs.com 2 redirects 8383920.fls.doubleclick.net
text
4 renderer-assets.typeform.com form.typeform.com
renderer-assets.typeform.com
4 form.typeform.com www.allianzxuanlanyogatour.com
form.typeform.com
renderer-assets.typeform.com
3 8383920.fls.doubleclick.net 1 redirects www.googletagmanager.com
adservice.google.com
3 font.typeform.com form.typeform.com
font.typeform.com
3 www.googletagmanager.com www.allianzxuanlanyogatour.com
form.typeform.com
px.sunmedia.tv
2 ad.doubleclick.net 2 redirects
2 www.facebook.com 8383920.fls.doubleclick.net
form.typeform.com
2 connect.facebook.net px.sunmedia.tv
connect.facebook.net
2 api.segment.io cdn.segment.com
2 adservice.google.com 8383920.fls.doubleclick.net
text
1 www.google.de 8383920.fls.doubleclick.net
1 www.google.com 8383920.fls.doubleclick.net
1 googleads.g.doubleclick.net www.googleadservices.com
1 www.googleadservices.com www.googletagmanager.com
1 px.sunmedia.tv 8383920.fls.doubleclick.net
1 cdn.segment.com renderer-assets.typeform.com
1 adservice.google.de 1 redirects
1 www.google-analytics.com www.googletagmanager.com
1 images.typeform.com form.typeform.com
1 geolocation.onetrust.com cdn.cookielaw.org
1 maxcdn.bootstrapcdn.com www.allianzxuanlanyogatour.com
1 ajax.googleapis.com www.allianzxuanlanyogatour.com
1 code.jquery.com www.allianzxuanlanyogatour.com
1 bit.ly 1 redirects
0 cdn.rudderlabs.com Failed renderer-assets.typeform.com
63 28

This site contains links to these domains. Also see Links.

Domain
consaludmental.org
www.instagram.com
www.youtube.com
www.facebook.com
twitter.com
www.onetrust.com
Subject Issuer Validity Valid
www.allianzxuanlanyogatour.com
R3		 2021-12-15 -
2022-03-15		 3 months crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2021-06-01 -
2022-05-31		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-01-29 -
2023-01-29		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2022-01-12 -
2023-01-12		 a year crt.sh
typeform.com
Cloudflare Inc ECC CA-3		 2021-10-22 -
2022-10-21		 a year crt.sh
*.typeform.com
Amazon		 2021-10-31 -
2022-11-28		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
*.segment.com
Amazon		 2022-01-12 -
2023-02-10		 a year crt.sh
*.segment.io
Amazon		 2022-02-10 -
2023-03-11		 a year crt.sh
*.sunmedia.tv
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-23		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-12-03 -
2022-03-03		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://www.allianzxuanlanyogatour.com/sorteo?utm_source=hearsay&utm_medium=social&utm_campaign=sorteoxuan
Frame ID: 54FF0E4BA9AC5BE7128D445B042489BF
Requests: 29 HTTP requests in this frame

Frame: https://form.typeform.com/to/ElNAR7PZ?typeform-embed-id=9403660689604065&typeform-embed=embed-widget&typeform-source=allianzxuanlanyogatour.com&typeform-medium=embed-sdk&typeform-medium-version=next
Frame ID: 063EB56B48ECB7EB8106CFBAC712F5FD
Requests: 18 HTTP requests in this frame

Frame: https://8383920.fls.doubleclick.net/activityi;dc_pre=CIHHzbGilvYCFRP0GwodslQMjQ;src=8383920;type=xuanl0;cat=xuanl0;ord=9484879672481;gtm=2wg2g0;~oref=https%3A%2F%2Fform.typeform.com%2Fto%2FElNAR7PZ%3Ftypeform-embed-id%3D9403660689604065%26typeform-embed%3Dembed-widget%26typeform-source%3Dallianzxuanlanyogatour.com%26typeform-medium%3Dembed-sdk%26typeform-medium-version%3Dnext
Frame ID: EF5D3D873D10CD775D6CDEA6DA932933
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CIHHzbGilvYCFRP0GwodslQMjQ;src=8383920;type=xuanl0;cat=xuanl0;ord=9484879672481;gtm=2wg2g0;~oref=https%3A%2F%2Fform.typeform.com%2Fto%2FElNAR7PZ%3Ftypeform-embed-id%3D9403660689604065%26typeform-embed%3Dembed-widget%26typeform-source%3Dallianzxuanlanyogatour.com%26typeform-medium%3Dembed-sdk%26typeform-medium-version%3Dnext
Frame ID: CA61AA23BB6EB216DDDAD547A7C6D068
Requests: 1 HTTP requests in this frame

Frame: https://8383920.fls.doubleclick.net/ddm/fls/r/dc_pre=CIHHzbGilvYCFRP0GwodslQMjQ;src=8383920;type=xuanl0;cat=xuanl0;ord=9484879672481;gtm=2wg2g0;~oref=https%3A%2F%2Fform.typeform.com%2Fto%2FElNAR7PZ%3Ftypeform-embed-id%3D9403660689604065%26typeform-embed%3Dembed-widget%26typeform-source%3Dallianzxuanlanyogatour.com%26typeform-medium%3Dembed-sdk%26typeform-medium-version%3Dnext
Frame ID: B336E794BF647BD9CE84E49B9EF63B34
Requests: 12 HTTP requests in this frame

Frame: data://truncated
Frame ID: A96EFC93FE78CBA544FC7F6F31D98ADA
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Allianz Xuan Lan Yoga Tour | Sorteo IbizaBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

  1. https://bit.ly/3ocgAPb HTTP 301
    https://www.allianzxuanlanyogatour.com/sorteo?utm_source=hearsay&utm_medium=social&utm_campaign=sorteoxuan Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • cdn\.segment\.com/analytics\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

63
Requests

94 %
HTTPS

64 %
IPv6

21
Domains

28
Subdomains

26
IPs

5
Countries

2927 kB
Transfer

6342 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bit.ly/3ocgAPb HTTP 301
    https://www.allianzxuanlanyogatour.com/sorteo?utm_source=hearsay&utm_medium=social&utm_campaign=sorteoxuan Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34
  • https://8383920.fls.doubleclick.net/activityi;src=8383920;type=xuanl0;cat=xuanl0;ord=9484879672481;gtm=2wg2g0;~oref=https%3A%2F%2Fform.typeform.com%2Fto%2FElNAR7PZ%3Ftypeform-embed-id%3D9403660689604065%26typeform-embed%3Dembed-widget%26typeform-source%3Dallianzxuanlanyogatour.com%26typeform-medium%3Dembed-sdk%26typeform-medium-version%3Dnext HTTP 302
  • https://8383920.fls.doubleclick.net/activityi;dc_pre=CIHHzbGilvYCFRP0GwodslQMjQ;src=8383920;type=xuanl0;cat=xuanl0;ord=9484879672481;gtm=2wg2g0;~oref=https%3A%2F%2Fform.typeform.com%2Fto%2FElNAR7PZ%3Ftypeform-embed-id%3D9403660689604065%26typeform-embed%3Dembed-widget%26typeform-source%3Dallianzxuanlanyogatour.com%26typeform-medium%3Dembed-sdk%26typeform-medium-version%3Dnext
Request Chain 43
  • https://adservice.google.de/ddm/fls/i/dc_pre=CIHHzbGilvYCFRP0GwodslQMjQ;src=8383920;type=xuanl0;cat=xuanl0;ord=9484879672481;gtm=2wg2g0;~oref=https%3A%2F%2Fform.typeform.com%2Fto%2FElNAR7PZ%3Ftypeform-embed-id%3D9403660689604065%26typeform-embed%3Dembed-widget%26typeform-source%3Dallianzxuanlanyogatour.com%26typeform-medium%3Dembed-sdk%26typeform-medium-version%3Dnext HTTP 302
  • https://8383920.fls.doubleclick.net/ddm/fls/r/dc_pre=CIHHzbGilvYCFRP0GwodslQMjQ;src=8383920;type=xuanl0;cat=xuanl0;ord=9484879672481;gtm=2wg2g0;~oref=https%3A%2F%2Fform.typeform.com%2Fto%2FElNAR7PZ%3Ftypeform-embed-id%3D9403660689604065%26typeform-embed%3Dembed-widget%26typeform-source%3Dallianzxuanlanyogatour.com%26typeform-medium%3Dembed-sdk%26typeform-medium-version%3Dnext
Request Chain 50
  • https://secure.adnxs.com/px?id=1537763&seg=27905019&t=1 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1537763%26seg%3D27905019%26t%3D1
Request Chain 54
  • https://secure.adnxs.com/px?id=1537763&seg=27905019&t=1 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1537763%26seg%3D27905019%26t%3D1
Request Chain 58
  • https://ad.doubleclick.net/ddm/activity/src=11368347;type=invmedia;cat=allia001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1 HTTP 302
  • https://ad.doubleclick.net/ddm/activity/src=11368347;dc_pre=CKuciLKilvYCFQmtsgod2lQOqA;type=invmedia;cat=allia001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1 HTTP 302
  • https://adservice.google.com/ddm/fls/z/src=11368347;dc_pre=CKuciLKilvYCFQmtsgod2lQOqA;type=invmedia;cat=allia001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1

63 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request sorteo
www.allianzxuanlanyogatour.com/
Redirect Chain
  • https://bit.ly/3ocgAPb
  • https://www.allianzxuanlanyogatour.com/sorteo?utm_source=hearsay&utm_medium=social&utm_campaign=sorteoxuan
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.allianzxuanlanyogatour.com/sorteo?utm_source=hearsay&utm_medium=social&utm_campaign=sorteoxuan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
93d77b1ef52526ff8f8e598116f885cce5ebee1f037182984ad7edd22b126b5c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 23 Feb 2022 16:42:19 GMT
content-type
text/html; charset=utf-8
cache-control
s-maxage=0
etag
W/"93d77b1ef52526ff8f8e598116f885cce5ebee1f037182984ad7edd22b126b5c"
access-control-allow-origin
*
content-disposition
inline; filename="index.html"
age
1322797
x-vercel-cache
HIT
server
Vercel
x-vercel-id
fra1:fra1::hx9ns-1645634539021-a28ee96beac4
strict-transport-security
max-age=63072000
content-encoding
br

Redirect headers

server
nginx
date
Wed, 23 Feb 2022 16:42:18 GMT
content-type
text/html; charset=utf-8
content-length
201
cache-control
private, max-age=90
content-security-policy
referrer always;
location
https://www.allianzxuanlanyogatour.com/sorteo?utm_source=hearsay&utm_medium=social&utm_campaign=sorteoxuan
referrer-policy
unsafe-url
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.allianzxuanlanyogatour.com
URL: https://www.allianzxuanlanyogatour.com/sorteo?utm_source=hearsay&utm_medium=social&utm_campaign=sorteoxuan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
134482ec36c8980c2c7a3f2454c76546abcd612c9ae596d011251a7cd1d0fcbb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.allianzxuanlanyogatour.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 23 Feb 2022 16:42:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
zadN1tnUFXNBOXe6vsJdDg==
age
3338
vary
Accept-Encoding
content-length
6456
x-ms-lease-status
unlocked
last-modified
Tue, 22 Feb 2022 07:35:54 GMT
server
cloudflare
etag
0x8D9F5D5F5C3F550
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
46acfd4d-501e-004e-15c0-271d03000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6e21e81d6f0d6913-FRA
2.fcb20ac0.chunk.css
www.allianzxuanlanyogatour.com/static/css/ 		164 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.allianzxuanlanyogatour.com/static/css/2.fcb20ac0.chunk.css
Requested by
Host: www.allianzxuanlanyogatour.com
URL: https://www.allianzxuanlanyogatour.com/sorteo?utm_source=hearsay&utm_medium=social&utm_campaign=sorteoxuan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
c0f394f4e8692b7738dd041bbcf3167d6e266f87687f309ca5e519cfe326382c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.allianzxuanlanyogatour.com/sorteo?utm_source=hearsay&utm_medium=social&utm_campaign=sorteoxuan
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 16:42:19 GMT
content-encoding
br
server
Vercel
age
5471896
x-vercel-id
fra1:fra1::hx9ns-1645634539111-92775203abf5
etag
W/"c0f394f4e8692b7738dd041bbcf3167d6e266f87687f309ca5e519cfe326382c"
strict-transport-security
max-age=63072000
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
s-maxage=31536000, immutable
content-disposition
inline; filename="2.fcb20ac0.chunk.css"
x-vercel-cache
HIT
main.2e3c9c43.chunk.css
www.allianzxuanlanyogatour.com/static/css/ 		21 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.allianzxuanlanyogatour.com/static/css/main.2e3c9c43.chunk.css
Requested by
Host: www.allianzxuanlanyogatour.com
URL: https://www.allianzxuanlanyogatour.com/sorteo?utm_source=hearsay&utm_medium=social&utm_campaign=sorteoxuan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
8e3d832d0dd423f730ac7d932c73dd939866fe51c625761762dcba0a74427fd4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.allianzxuanlanyogatour.com/sorteo?utm_source=hearsay&utm_medium=social&utm_campaign=sorteoxuan
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 16:42:19 GMT
content-encoding
br
server
Vercel
age
1646203
x-vercel-id
fra1:fra1::hx9ns-1645634539111-b45ad07b34f2
etag
W/"8e3d832d0dd423f730ac7d932c73dd939866fe51c625761762dcba0a74427fd4"
strict-transport-security
max-age=63072000
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
s-maxage=31536000, immutable
content-disposition
inline; filename="main.2e3c9c43.chunk.css"
x-vercel-cache
HIT
jquery-3.2.1.slim.min.js
code.jquery.com/ 		68 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.2.1.slim.min.js
Requested by
Host: www.allianzxuanlanyogatour.com
URL: https://www.allianzxuanlanyogatour.com/sorteo?utm_source=hearsay&utm_medium=social&utm_campaign=sorteoxuan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.allianzxuanlanyogatour.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 16:42:19 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-10fdd"
vary
Accept-Encoding
x-hw
1645634539.dop146.am5.t,1645634539.cds246.am5.hn,1645634539.cds255.am5.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
23856
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: www.allianzxuanlanyogatour.com
URL: https://www.allianzxuanlanyogatour.com/sorteo?utm_source=hearsay&utm_medium=social&utm_campaign=sorteoxuan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.allianzxuanlanyogatour.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 22 Feb 2022 11:48:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
104047
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31021
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Feb 2023 11:48:12 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/4.5.2/js/ 		59 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js
Requested by
Host: www.allianzxuanlanyogatour.com
URL: https://www.allianzxuanlanyogatour.com/sorteo?utm_source=hearsay&utm_medium=social&utm_campaign=sorteoxuan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.allianzxuanlanyogatour.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 16:42:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
617, 617
age
2530804
cdn-cachedat
2021-06-03 21:35:35
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:11 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
2cb00a37491ee52b7f77e4c15001e1f8
cf-ray
6e21e81d7d739265-FRA
cdn-requestcountrycode
US
cdn-requestpullsuccess
True
2.dadc2d82.chunk.js
www.allianzxuanlanyogatour.com/static/js/ 		369 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.allianzxuanlanyogatour.com/static/js/2.dadc2d82.chunk.js
Requested by
Host: www.allianzxuanlanyogatour.com
URL: https://www.allianzxuanlanyogatour.com/sorteo?utm_source=hearsay&utm_medium=social&utm_campaign=sorteoxuan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
778a5268816202ac789beb893f74759b76916c72a2af61d9059b577f8ce86ce3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.allianzxuanlanyogatour.com/sorteo?utm_source=hearsay&utm_medium=social&utm_campaign=sorteoxuan
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 16:42:19 GMT
content-encoding
br
server
Vercel
age
1646203
x-vercel-id
fra1:fra1::hx9ns-1645634539111-87113dee5619
etag
W/"778a5268816202ac789beb893f74759b76916c72a2af61d9059b577f8ce86ce3"
strict-transport-security
max-age=63072000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
s-maxage=31536000, immutable
content-disposition
inline; filename="2.dadc2d82.chunk.js"
x-vercel-cache
HIT
main.c47ecbc5.chunk.js
www.allianzxuanlanyogatour.com/static/js/ 		103 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.allianzxuanlanyogatour.com/static/js/main.c47ecbc5.chunk.js
Requested by
Host: www.allianzxuanlanyogatour.com
URL: https://www.allianzxuanlanyogatour.com/sorteo?utm_source=hearsay&utm_medium=social&utm_campaign=sorteoxuan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
9cd96585ee6fa528bd8fcee56167e56f2e9c9a47900a6e8b26b69c6a98f7feb2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.allianzxuanlanyogatour.com/sorteo?utm_source=hearsay&utm_medium=social&utm_campaign=sorteoxuan
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 16:42:19 GMT
content-encoding
br
server
Vercel
age
1316319
x-vercel-id
fra1:fra1::hx9ns-1645634539111-6e1d6505b6fa
etag
W/"9cd96585ee6fa528bd8fcee56167e56f2e9c9a47900a6e8b26b69c6a98f7feb2"
strict-transport-security
max-age=63072000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
s-maxage=31536000, immutable
content-disposition
inline; filename="main.c47ecbc5.chunk.js"
x-vercel-cache
HIT
fc53c9bb-e2b2-4e21-ba16-dc5e52ef7246.json
cdn.cookielaw.org/consent/fc53c9bb-e2b2-4e21-ba16-dc5e52ef7246/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/fc53c9bb-e2b2-4e21-ba16-dc5e52ef7246/fc53c9bb-e2b2-4e21-ba16-dc5e52ef7246.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
319d939abf247d905a3912dc452c5b9388f30eea2ed6a48b8d7c0bbb8c58b5ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.allianzxuanlanyogatour.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 23 Feb 2022 16:42:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
content-md5
eSiSPRlgwUy2c5T7WmklJA==
vary
Accept-Encoding
content-length
1278
x-ms-lease-status
unlocked
last-modified
Wed, 13 Oct 2021 12:07:27 GMT
server
cloudflare
etag
0x8D98E420610FAD8
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
e6c5ccc0-401e-001e-28d4-28020b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6e21e81daa9e9162-FRA
expires
Wed, 23 Feb 2022 20:42:19 GMT
gtm.js
www.googletagmanager.com/ 		141 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PHPJXNQ
Requested by
Host: www.allianzxuanlanyogatour.com
URL: https://www.allianzxuanlanyogatour.com/sorteo?utm_source=hearsay&utm_medium=social&utm_campaign=sorteoxuan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
12accfb74a4550693317bf3d62ed60735c84135ec24e9e50114fd564a1466ef4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.allianzxuanlanyogatour.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 16:42:19 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53303
x-xss-protection
0
last-modified
Wed, 23 Feb 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 23 Feb 2022 16:42:19 GMT
AllianzNeo-Regular.68551fcd.otf
www.allianzxuanlanyogatour.com/static/media/ 		60 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.allianzxuanlanyogatour.com/static/media/AllianzNeo-Regular.68551fcd.otf
Requested by
Host: www.allianzxuanlanyogatour.com
URL: https://www.allianzxuanlanyogatour.com/static/css/main.2e3c9c43.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
d6399013be9738a2f224f5f250083395dddc211a215375de087b5477660fe547
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://www.allianzxuanlanyogatour.com/static/css/main.2e3c9c43.chunk.css
Origin
https://www.allianzxuanlanyogatour.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 16:42:19 GMT
content-encoding
br
server
Vercel
age
5471886
x-vercel-id
fra1:fra1::hx9ns-1645634539179-f47f6e28b7e2
etag
W/"d6399013be9738a2f224f5f250083395dddc211a215375de087b5477660fe547"
strict-transport-security
max-age=63072000
content-type
font/otf
access-control-allow-origin
*
cache-control
s-maxage=31536000, immutable
content-disposition
inline; filename="AllianzNeo-Regular.68551fcd.otf"
x-vercel-cache
HIT
allianz-positivo-1-1@2x.svg
www.allianzxuanlanyogatour.com/images/ 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.allianzxuanlanyogatour.com/images/allianz-positivo-1-1@2x.svg
Requested by
Host: www.allianzxuanlanyogatour.com
URL: https://www.allianzxuanlanyogatour.com/sorteo?utm_source=hearsay&utm_medium=social&utm_campaign=sorteoxuan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
ebd2cf7b53f0e746ecd6bf5e10cee012337fed6d426cb7d8af26f0185e986175
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.allianzxuanlanyogatour.com/sorteo?utm_source=hearsay&utm_medium=social&utm_campaign=sorteoxuan
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 16:42:19 GMT
content-encoding
br
server
Vercel
age
5471886
x-vercel-id
fra1:fra1::hx9ns-1645634539223-dc1e4be81931
etag
W/"ebd2cf7b53f0e746ecd6bf5e10cee012337fed6d426cb7d8af26f0185e986175"
strict-transport-security
max-age=63072000
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="allianz-positivo-1-1@2x.svg"
x-vercel-cache
HIT
toggle-icon.svg
www.allianzxuanlanyogatour.com/images/ 		700 B
852 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.allianzxuanlanyogatour.com/images/toggle-icon.svg
Requested by
Host: www.allianzxuanlanyogatour.com
URL: https://www.allianzxuanlanyogatour.com/sorteo?utm_source=hearsay&utm_medium=social&utm_campaign=sorteoxuan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
2d58aa8b220db3f6eb6d30aeab1e0a496d8bd8c336db686f371aa7a4fc28fcf4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.allianzxuanlanyogatour.com/sorteo?utm_source=hearsay&utm_medium=social&utm_campaign=sorteoxuan
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 16:42:19 GMT
server
Vercel
age
5471886
x-vercel-id
fra1:fra1::hx9ns-1645634539224-35c2baad8dbf
etag
W/"2d58aa8b220db3f6eb6d30aeab1e0a496d8bd8c336db686f371aa7a4fc28fcf4"
strict-transport-security
max-age=63072000
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="toggle-icon.svg"
accept-ranges
bytes
x-vercel-cache
HIT
content-length
700
close-icon.svg
www.allianzxuanlanyogatour.com/images/ 		1 KB
772 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.allianzxuanlanyogatour.com/images/close-icon.svg
Requested by
Host: www.allianzxuanlanyogatour.com
URL: https://www.allianzxuanlanyogatour.com/sorteo?utm_source=hearsay&utm_medium=social&utm_campaign=sorteoxuan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
f515de511b17399fb7edeae5885ccb63492a7a6f3b8d6cca332fc4f0a0d5c8fc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.allianzxuanlanyogatour.com/sorteo?utm_source=hearsay&utm_medium=social&utm_campaign=sorteoxuan
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 16:42:19 GMT
content-encoding
br
server
Vercel
age
5471886
x-vercel-id
fra1:fra1::hx9ns-1645634539224-d331333459c0
etag
W/"f515de511b17399fb7edeae5885ccb63492a7a6f3b8d6cca332fc4f0a0d5c8fc"
strict-transport-security
max-age=63072000
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="close-icon.svg"
x-vercel-cache
HIT
Header.png
www.allianzxuanlanyogatour.com/images/ 		855 KB
856 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.allianzxuanlanyogatour.com/images/Header.png
Requested by
Host: www.allianzxuanlanyogatour.com
URL: https://www.allianzxuanlanyogatour.com/sorteo?utm_source=hearsay&utm_medium=social&utm_campaign=sorteoxuan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
573c6fd9679e728de4d0d91aed5740664935d946af4badabcbbad943c20d1b3b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.allianzxuanlanyogatour.com/sorteo?utm_source=hearsay&utm_medium=social&utm_campaign=sorteoxuan
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 16:42:19 GMT
server
Vercel
age
1617139
x-vercel-id
fra1:fra1::hx9ns-1645634539224-c28b5c3203e5
etag
W/"573c6fd9679e728de4d0d91aed5740664935d946af4badabcbbad943c20d1b3b"
strict-transport-security
max-age=63072000
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="Header.png"
accept-ranges
bytes
x-vercel-cache
HIT
content-length
875223
conf_saludmental_espana1.svg
www.allianzxuanlanyogatour.com/images/ 		73 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.allianzxuanlanyogatour.com/images/conf_saludmental_espana1.svg
Requested by
Host: www.allianzxuanlanyogatour.com
URL: https://www.allianzxuanlanyogatour.com/sorteo?utm_source=hearsay&utm_medium=social&utm_campaign=sorteoxuan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
1111d9983c455922e88b84da02dfc8d41501e27f19cc211ed1424f420423986c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.allianzxuanlanyogatour.com/sorteo?utm_source=hearsay&utm_medium=social&utm_campaign=sorteoxuan
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 16:42:19 GMT
content-encoding
br
server
Vercel
age
5471886
x-vercel-id
fra1:fra1::hx9ns-1645634539224-23e8f90acbde
etag
W/"1111d9983c455922e88b84da02dfc8d41501e27f19cc211ed1424f420423986c"
strict-transport-security
max-age=63072000
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="conf_saludmental_espana1.svg"
x-vercel-cache
HIT
LogoSolgar.svg
www.allianzxuanlanyogatour.com/images/ 		758 KB
313 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.allianzxuanlanyogatour.com/images/LogoSolgar.svg
Requested by
Host: www.allianzxuanlanyogatour.com
URL: https://www.allianzxuanlanyogatour.com/sorteo?utm_source=hearsay&utm_medium=social&utm_campaign=sorteoxuan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
0c92237d691a694ac5027b6a1ba52c4c8bb5e45b9e49c52cc0fbfa9d17bb51af
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.allianzxuanlanyogatour.com/sorteo?utm_source=hearsay&utm_medium=social&utm_campaign=sorteoxuan
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 16:42:19 GMT
content-encoding
br
server
Vercel
age
5471886
x-vercel-id
fra1:fra1::hx9ns-1645634539224-9aa3aa15646a
etag
W/"0c92237d691a694ac5027b6a1ba52c4c8bb5e45b9e49c52cc0fbfa9d17bb51af"
strict-transport-security
max-age=63072000
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="LogoSolgar.svg"
x-vercel-cache
HIT
ECI.svg
www.allianzxuanlanyogatour.com/images/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.allianzxuanlanyogatour.com/images/ECI.svg
Requested by
Host: www.allianzxuanlanyogatour.com
URL: https://www.allianzxuanlanyogatour.com/sorteo?utm_source=hearsay&utm_medium=social&utm_campaign=sorteoxuan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
9fbea7b7faeecbee190b1398f3d16ae954569499c1a7926ffdf72b652fd4cb79
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.allianzxuanlanyogatour.com/sorteo?utm_source=hearsay&utm_medium=social&utm_campaign=sorteoxuan
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 16:42:19 GMT
content-encoding
br
server
Vercel
age
5471886
x-vercel-id
fra1:fra1::hx9ns-1645634539224-289851bb2474
etag
W/"9fbea7b7faeecbee190b1398f3d16ae954569499c1a7926ffdf72b652fd4cb79"
strict-transport-security
max-age=63072000
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="ECI.svg"
x-vercel-cache
HIT
social--media-instagram--square@2x.svg
www.allianzxuanlanyogatour.com/images/ 		1 KB
627 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.allianzxuanlanyogatour.com/images/social--media-instagram--square@2x.svg
Requested by
Host: www.allianzxuanlanyogatour.com
URL: https://www.allianzxuanlanyogatour.com/sorteo?utm_source=hearsay&utm_medium=social&utm_campaign=sorteoxuan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
cf698ddced583fb100439087e4b5f7d84f3c09485a7cbb1c9bdd866dadf8f120
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.allianzxuanlanyogatour.com/sorteo?utm_source=hearsay&utm_medium=social&utm_campaign=sorteoxuan
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 16:42:19 GMT
content-encoding
br
server
Vercel
age
5471886
x-vercel-id
fra1:fra1::hx9ns-1645634539224-e1c20cfac953
etag
W/"cf698ddced583fb100439087e4b5f7d84f3c09485a7cbb1c9bdd866dadf8f120"
strict-transport-security
max-age=63072000
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="social--media-instagram--square@2x.svg"
x-vercel-cache
HIT
youtube-square.svg
www.allianzxuanlanyogatour.com/images/ 		547 B
695 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.allianzxuanlanyogatour.com/images/youtube-square.svg
Requested by
Host: www.allianzxuanlanyogatour.com
URL: https://www.allianzxuanlanyogatour.com/sorteo?utm_source=hearsay&utm_medium=social&utm_campaign=sorteoxuan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
1f7477246da945b0ce73162ec46a43cae52ad19a3f9e1a2776122147d115dff5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.allianzxuanlanyogatour.com/sorteo?utm_source=hearsay&utm_medium=social&utm_campaign=sorteoxuan
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 16:42:19 GMT
server
Vercel
age
5471886
x-vercel-id
fra1:fra1::hx9ns-1645634539224-e9cd550aa15a
etag
W/"1f7477246da945b0ce73162ec46a43cae52ad19a3f9e1a2776122147d115dff5"
strict-transport-security
max-age=63072000
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="youtube-square.svg"
accept-ranges
bytes
x-vercel-cache
HIT
content-length
547
social--media-facebook@2x.svg
www.allianzxuanlanyogatour.com/images/ 		651 B
809 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.allianzxuanlanyogatour.com/images/social--media-facebook@2x.svg
Requested by
Host: www.allianzxuanlanyogatour.com
URL: https://www.allianzxuanlanyogatour.com/sorteo?utm_source=hearsay&utm_medium=social&utm_campaign=sorteoxuan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
83f07006fc9e2838b42de7ef5ab134db99bd05258a13426c9f09f817f087f17f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.allianzxuanlanyogatour.com/sorteo?utm_source=hearsay&utm_medium=social&utm_campaign=sorteoxuan
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 16:42:19 GMT
server
Vercel
age
5471886
x-vercel-id
fra1:fra1::hx9ns-1645634539224-c4d8a436c658
etag
W/"83f07006fc9e2838b42de7ef5ab134db99bd05258a13426c9f09f817f087f17f"
strict-transport-security
max-age=63072000
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="social--media-facebook@2x.svg"
accept-ranges
bytes
x-vercel-cache
HIT
content-length
651
social--media-twitter--square@2x-svg.svg
www.allianzxuanlanyogatour.com/images/ 		6 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.allianzxuanlanyogatour.com/images/social--media-twitter--square@2x-svg.svg
Requested by
Host: www.allianzxuanlanyogatour.com
URL: https://www.allianzxuanlanyogatour.com/sorteo?utm_source=hearsay&utm_medium=social&utm_campaign=sorteoxuan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
476f857c0955289958f450d4011fedf557a12b44c4b37b1607d6c7622d60f73b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.allianzxuanlanyogatour.com/sorteo?utm_source=hearsay&utm_medium=social&utm_campaign=sorteoxuan
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 16:42:19 GMT
content-encoding
br
server
Vercel
age
5471886
x-vercel-id
fra1:fra1::hx9ns-1645634539231-f1e34a9209cb
etag
W/"476f857c0955289958f450d4011fedf557a12b44c4b37b1607d6c7622d60f73b"
strict-transport-security
max-age=63072000
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="social--media-twitter--square@2x-svg.svg"
x-vercel-cache
HIT
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		182 B
455 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6afee29defad466d4261ffa3473a90050d6202d9270147a8ea95b49dcde213c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://www.allianzxuanlanyogatour.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 16:42:19 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6e21e81e48a29150-FRA
access-control-allow-headers
Content-Type
ElNAR7PZ
form.typeform.com/to/ Frame 063E 		119 KB
42 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://form.typeform.com/to/ElNAR7PZ?typeform-embed-id=9403660689604065&typeform-embed=embed-widget&typeform-source=allianzxuanlanyogatour.com&typeform-medium=embed-sdk&typeform-medium-version=next
Requested by
Host: www.allianzxuanlanyogatour.com
URL: https://www.allianzxuanlanyogatour.com/static/js/2.dadc2d82.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.71 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / 6232-3.313.1
Resource Hash
351dae107ab78eca4ae6e08841029b0eb584e128188bcb47e5face03723054f7
Security Headers
Name Value
Content-Security-Policy report-uri https://endpoint2.collection.us2.sumologic.com/receiver/v1/http/ZaVnC4dhaV13syWPqbJn9XwMGe4caaop-n9urcHvJLaMJIs-ysikqC26ja3rzeMNHUqlhJ6Jj32snr_AmKUAt2hrNPOgIYRfr_GPi-UndDkRUPtIQ-yZfA== ; default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' ; frame-ancestors http://localhost:* capacitor: ionic: https:;
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.allianzxuanlanyogatour.com/

Response headers

date
Wed, 23 Feb 2022 16:42:19 GMT
content-type
text/html; charset=utf-8
age
0
cache-control
private, no-cache, no-store, max-age=0, must-revalidate
content-security-policy
report-uri https://endpoint2.collection.us2.sumologic.com/receiver/v1/http/ZaVnC4dhaV13syWPqbJn9XwMGe4caaop-n9urcHvJLaMJIs-ysikqC26ja3rzeMNHUqlhJ6Jj32snr_AmKUAt2hrNPOgIYRfr_GPi-UndDkRUPtIQ-yZfA== ; default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' ; frame-ancestors http://localhost:* capacitor: ionic: https:;
pragma
no-cache
vary
Accept-Encoding
x-cache
MISS
x-cache-lookup
HIT
x-envoy-upstream-service-time
188
x-powered-by
6232-3.313.1
x-varnish
2530239
access-control-allow-methods
GET, OPTIONS, POST, PUT, PATCH, DELETE
access-control-allow-headers
X-Typeform-Key, Content-Type, Authorization, Typeform-Version
access-control-expose-headers
Location, X-Request-Id
strict-transport-security
max-age=31536000; includeSubDomains
x-newp
Yes
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NJ%2FOlOyl%2FCeqiN2aUb8RAVbDMor0w2X5a%2FuFNaUOOOb2qahHI9Qsvq1Um%2FnZ7Ka054xeepraPbRhdSv53h6GylbrkDcBBUyteNjH4QAtxZoWWa4vC2RFPlxppsJs65aKPtQE"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6e21e81e99ef9066-FRA
content-encoding
gzip
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.24.0/ 		317 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.24.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec2f6762f857fdc509ffa369c2b398982af1fa6cd2c0298d6088046fa757b852
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.allianzxuanlanyogatour.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 23 Feb 2022 16:42:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
V5hcbF1dEgrls6P2M61C9g==
age
3338
vary
Accept-Encoding
content-length
77260
x-ms-lease-status
unlocked
last-modified
Thu, 30 Sep 2021 02:38:37 GMT
server
cloudflare
etag
0x8D983BB67EEBDFE
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
5a6c010d-801e-0065-7c82-0f69bb000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6e21e81ea9ba6913-FRA
es.json
cdn.cookielaw.org/consent/fc53c9bb-e2b2-4e21-ba16-dc5e52ef7246/8f1c351b-b807-4d30-95a9-aa7401d20a17/ 		84 KB
17 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/fc53c9bb-e2b2-4e21-ba16-dc5e52ef7246/8f1c351b-b807-4d30-95a9-aa7401d20a17/es.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.24.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fc8d9b8c78b4402dd48117b68f147b7513b6212126a54580654f5977873a59c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.allianzxuanlanyogatour.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 23 Feb 2022 16:42:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-md5
cZ4PFqXkLu7mXv0kEs59eg==
vary
Accept-Encoding
content-length
16851
x-ms-lease-status
unlocked
last-modified
Wed, 13 Oct 2021 12:07:29 GMT
server
cloudflare
etag
0x8D98E4207A35613
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
5b47e212-301e-00ff-47ae-28e57e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6e21e81efe819162-FRA
expires
Wed, 23 Feb 2022 20:42:19 GMT
otCenterRounded.json
cdn.cookielaw.org/scripttemplates/6.24.0/assets/ 		9 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.24.0/assets/otCenterRounded.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.24.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b26a37736a1c5a3e268b492a0b89a278c88208bdf6ea88543c0720c0317854c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.allianzxuanlanyogatour.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 23 Feb 2022 16:42:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
content-md5
FNyxpIt5ExRRMGYfAjVUrQ==
vary
Accept-Encoding
content-length
2584
x-ms-lease-status
unlocked
last-modified
Thu, 30 Sep 2021 02:38:29 GMT
server
cloudflare
etag
0x8D983BB6347FB45
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
f866f0ea-d01e-00ba-72d4-2838ef000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6e21e81f5fa09162-FRA
otPcCenter.json
cdn.cookielaw.org/scripttemplates/6.24.0/assets/v2/ 		47 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.24.0/assets/v2/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.24.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5c7086df4faeb13166aed8770fb13cc3a4a159158221f000c8d4130dfda4815
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.allianzxuanlanyogatour.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 23 Feb 2022 16:42:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
content-md5
40jAh+GGvTmI/sdgOy4rjw==
vary
Accept-Encoding
content-length
11515
x-ms-lease-status
unlocked
last-modified
Thu, 30 Sep 2021 02:38:30 GMT
server
cloudflare
etag
0x8D983BB63B48D35
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
5d292a48-801e-0125-76d4-280600000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6e21e81f5fa19162-FRA
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/6.24.0/assets/ 		20 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.24.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.24.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.allianzxuanlanyogatour.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 23 Feb 2022 16:42:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
content-md5
Ye6OeZcNyuFoWog7CYs00A==
vary
Accept-Encoding
x-ms-lease-status
unlocked
last-modified
Thu, 30 Sep 2021 02:38:45 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
d0977061-801e-016a-42d4-28c218000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
6e21e81f5fa39162-FRA
index.css
font.typeform.com/dist/google/montserrat/ Frame 063E 		3 KB
845 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://font.typeform.com/dist/google/montserrat/index.css
Requested by
Host: form.typeform.com
URL: https://form.typeform.com/to/ElNAR7PZ?typeform-embed-id=9403660689604065&typeform-embed=embed-widget&typeform-source=allianzxuanlanyogatour.com&typeform-medium=embed-sdk&typeform-medium-version=next
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:7c00:9:b3c8:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7f400b15a0961894f05332c928ea5010990855dbc7c74160ec00a565dbfe9a19

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://form.typeform.com/to/ElNAR7PZ?typeform-embed-id=9403660689604065&typeform-embed=embed-widget&typeform-source=allianzxuanlanyogatour.com&typeform-medium=embed-sdk&typeform-medium-version=next
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 21 Feb 2022 21:45:32 GMT
content-encoding
gzip
last-modified
Mon, 14 Feb 2022 09:40:35 GMT
server
AmazonS3
age
155296
etag
W/"c50110950477b4044366b1ddb10cb8c0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
cache-control
max-age=432000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
VZ3AM2bOmeWSKDnC-1RidlCMpJzkCDmEaJytAxH5eh0jKqiAepEWyw==
large
images.typeform.com/images/SDvTNYEBCY6p/background/ Frame 063E 		493 KB
495 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.typeform.com/images/SDvTNYEBCY6p/background/large
Requested by
Host: form.typeform.com
URL: https://form.typeform.com/to/ElNAR7PZ?typeform-embed-id=9403660689604065&typeform-embed=embed-widget&typeform-source=allianzxuanlanyogatour.com&typeform-medium=embed-sdk&typeform-medium-version=next
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:d600:8:2495:5540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bbf38369b0fe552de896ffe2e7b7cdfd115d188f277fd8fdbf9b0366b984b6b8
Security Headers
Name Value
Content-Security-Policy script-src 'self'

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://form.typeform.com/to/ElNAR7PZ?typeform-embed-id=9403660689604065&typeform-embed=embed-widget&typeform-source=allianzxuanlanyogatour.com&typeform-medium=embed-sdk&typeform-medium-version=next
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 16:42:21 GMT
via
1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront), 1.1 5317564e96c9dceb46123f6c5f149a02.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5, FRA50-C1
x-amzn-requestid
4ee52084-3857-4811-a20d-3083c82cc4a7
x-cache
Miss from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
x-amzn-trace-id
Root=1-621663ec-48a48e4a7bacf54512903f33;Sampled=0
content-security-policy
script-src 'self'
x-amz-apigw-id
OASM9GSRoAMFvWQ=
content-length
505253
x-amz-cf-id
ULDwfwI8SgKzPsqCx33MhHx85I6h-2pOHRJ_SukjYD4M1aBI7a7sRw==
api.js
form.typeform.com/cdn-cgi/bm/cv/669835187/ Frame 063E 		35 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://form.typeform.com/cdn-cgi/bm/cv/669835187/api.js
Requested by
Host: form.typeform.com
URL: https://form.typeform.com/to/ElNAR7PZ?typeform-embed-id=9403660689604065&typeform-embed=embed-widget&typeform-source=allianzxuanlanyogatour.com&typeform-medium=embed-sdk&typeform-medium-version=next
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.71 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://form.typeform.com/to/ElNAR7PZ?typeform-embed-id=9403660689604065&typeform-embed=embed-widget&typeform-source=allianzxuanlanyogatour.com&typeform-medium=embed-sdk&typeform-medium-version=next
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 16:42:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S02D9J7OTpiPOsh4O9XynS7Ss8GgnE4qsahbb9q9tv5NQCrlTA9I3UmyGNV4ywlNYqyMtf5vZbAdet%2FC10PRXOTD2TFpFB%2BUx0VJa09B1VRfn0T9HjThg94sPhvFm0ZbOniS"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=604800, public
strict-transport-security
max-age=31536000; includeSubDomains
cf-ray
6e21e8234be79066-FRA
gtm.js
www.googletagmanager.com/ Frame 063E 		141 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PHPJXNQ&l=googleTagManager
Requested by
Host: form.typeform.com
URL: https://form.typeform.com/to/ElNAR7PZ?typeform-embed-id=9403660689604065&typeform-embed=embed-widget&typeform-source=allianzxuanlanyogatour.com&typeform-medium=embed-sdk&typeform-medium-version=next
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
08993ffc284d73afb66aa3a33c575f401be8be9d1b115c2bdd32619ac57fb200
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://form.typeform.com/to/ElNAR7PZ?typeform-embed-id=9403660689604065&typeform-embed=embed-widget&typeform-source=allianzxuanlanyogatour.com&typeform-medium=embed-sdk&typeform-medium-version=next
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 16:42:20 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53319
x-xss-protection
0
last-modified
Wed, 23 Feb 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 23 Feb 2022 16:42:20 GMT
analytics.js
www.google-analytics.com/ Frame 063E 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PHPJXNQ&l=googleTagManager
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://form.typeform.com/to/ElNAR7PZ?typeform-embed-id=9403660689604065&typeform-embed=embed-widget&typeform-source=allianzxuanlanyogatour.com&typeform-medium=embed-sdk&typeform-medium-version=next
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
4047
date
Wed, 23 Feb 2022 15:34:53 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 23 Feb 2022 17:34:53 GMT
activityi;dc_pre=CIHHzbGilvYCFRP0GwodslQMjQ;src=8383920;type=xuanl0;cat=xuanl0;ord=9484879672481;gtm=2wg2g0;~oref=https%3A%2F%2Fform.typeform.com%2Fto%2FElNAR7PZ%3Ftypeform-embed-id%3D9403660689604...
8383920.fls.doubleclick.net/ Frame EF5D
Redirect Chain
  • https://8383920.fls.doubleclick.net/activityi;src=8383920;type=xuanl0;cat=xuanl0;ord=9484879672481;gtm=2wg2g0;~oref=https%3A%2F%2Fform.typeform.com%2Fto%2FElNAR7PZ%3Ftypeform-embed-id%3D94036606896...
  • https://8383920.fls.doubleclick.net/activityi;dc_pre=CIHHzbGilvYCFRP0GwodslQMjQ;src=8383920;type=xuanl0;cat=xuanl0;ord=9484879672481;gtm=2wg2g0;~oref=https%3A%2F%2Fform.typeform.com%2Fto%2FElNAR7PZ...
647 B
481 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8383920.fls.doubleclick.net/activityi;dc_pre=CIHHzbGilvYCFRP0GwodslQMjQ;src=8383920;type=xuanl0;cat=xuanl0;ord=9484879672481;gtm=2wg2g0;~oref=https%3A%2F%2Fform.typeform.com%2Fto%2FElNAR7PZ%3Ftypeform-embed-id%3D9403660689604065%26typeform-embed%3Dembed-widget%26typeform-source%3Dallianzxuanlanyogatour.com%26typeform-medium%3Dembed-sdk%26typeform-medium-version%3Dnext?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PHPJXNQ&l=googleTagManager
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f6.1e100.net
Software
cafe /
Resource Hash
42ead4573b1da840409985e6821be74f36b8188682d170317cae602a003622bf
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
about:blank

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Wed, 23 Feb 2022 16:42:20 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
456
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Wed, 23 Feb 2022 16:42:20 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://8383920.fls.doubleclick.net/activityi;dc_pre=CIHHzbGilvYCFRP0GwodslQMjQ;src=8383920;type=xuanl0;cat=xuanl0;ord=9484879672481;gtm=2wg2g0;~oref=https%3A%2F%2Fform.typeform.com%2Fto%2FElNAR7PZ%3Ftypeform-embed-id%3D9403660689604065%26typeform-embed%3Dembed-widget%26typeform-source%3Dallianzxuanlanyogatour.com%26typeform-medium%3Dembed-sdk%26typeform-medium-version%3Dnext?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
modern-renderer.bd01e42b634677767f5c.js
renderer-assets.typeform.com/ Frame 063E 		536 KB
156 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://renderer-assets.typeform.com/modern-renderer.bd01e42b634677767f5c.js
Requested by
Host: form.typeform.com
URL: https://form.typeform.com/to/ElNAR7PZ?typeform-embed-id=9403660689604065&typeform-embed=embed-widget&typeform-source=allianzxuanlanyogatour.com&typeform-medium=embed-sdk&typeform-medium-version=next
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:4000:4:f6ce:61c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5fdb547582bce4bb69e3faf9dc71dbf91a73ac9dbd4416ababaa28d02c60f949

Request headers

Referer
https://form.typeform.com/to/ElNAR7PZ?typeform-embed-id=9403660689604065&typeform-embed=embed-widget&typeform-source=allianzxuanlanyogatour.com&typeform-medium=embed-sdk&typeform-medium-version=next
Origin
https://form.typeform.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 09:15:15 GMT
content-encoding
gzip
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age
26826
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Tue, 22 Feb 2022 16:25:20 GMT
server
AmazonS3
etag
W/"836db0d74f90270235bc1d95b85918a8"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/x-javascript
via
1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
cache-control
max-age=2419200
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
ZukELofYjBPnBWKH12jeydcECIWvkiC1-OLOiL3pCAr-1oRvXtktiA==
result
form.typeform.com/cdn-cgi/bm/cv/ Frame 063E 		0
509 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://form.typeform.com/cdn-cgi/bm/cv/result?req_id=6e21e81e99ef9066
Requested by
Host: form.typeform.com
URL: https://form.typeform.com/cdn-cgi/bm/cv/669835187/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.71 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://form.typeform.com/to/ElNAR7PZ?typeform-embed-id=9403660689604065&typeform-embed=embed-widget&typeform-source=allianzxuanlanyogatour.com&typeform-medium=embed-sdk&typeform-medium-version=next
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 23 Feb 2022 16:42:20 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g39t4ICbc9rEhLbyKxmv8KSPItkOotlJssFMHZD1mqiUWf7Vg89B3iW6UI6TM5Mw%2B7TlJid6%2Bg87yygzBK2OqIo9ir880Iz60U0lDFGwuH9WcGAmzLHyVbk5JkSZLZxkQ1bf"}],"group":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains
cf-ray
6e21e824aef29066-FRA
modern-vendors~attachment~form.282020ffcf1c8380565e.js
renderer-assets.typeform.com/ Frame 063E 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://renderer-assets.typeform.com/modern-vendors~attachment~form.282020ffcf1c8380565e.js
Requested by
Host: renderer-assets.typeform.com
URL: https://renderer-assets.typeform.com/modern-renderer.bd01e42b634677767f5c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:4000:4:f6ce:61c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3244a757f8ad5ad9919e06b19215715a211bd06316feec3d84407cb941187c10

Request headers

Referer
https://form.typeform.com/to/ElNAR7PZ?typeform-embed-id=9403660689604065&typeform-embed=embed-widget&typeform-source=allianzxuanlanyogatour.com&typeform-medium=embed-sdk&typeform-medium-version=next
Origin
https://form.typeform.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 09:20:13 GMT
content-encoding
gzip
vary
Access-Control-Request-Headers,Access-Control-Request-Method
age
26528
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Fri, 18 Feb 2022 16:21:06 GMT
server
AmazonS3
etag
W/"bd3e3a044a6aecddaa6211fc4b5f101c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/x-javascript
via
1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
cache-control
max-age=2419200
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
pUPLv4EOwS5y0stajyctMwg5TtkNLYlrit2S3TYGF9N5T1GM7mEkKg==
modern-vendors~form.5d9055e784db75c3aea8.js
renderer-assets.typeform.com/ Frame 063E 		410 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://renderer-assets.typeform.com/modern-vendors~form.5d9055e784db75c3aea8.js
Requested by
Host: renderer-assets.typeform.com
URL: https://renderer-assets.typeform.com/modern-renderer.bd01e42b634677767f5c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:4000:4:f6ce:61c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
20c45f57f5c629f7df5bfe08bee049689f61204de490a805d93edb43f1468877

Request headers

Referer
https://form.typeform.com/to/ElNAR7PZ?typeform-embed-id=9403660689604065&typeform-embed=embed-widget&typeform-source=allianzxuanlanyogatour.com&typeform-medium=embed-sdk&typeform-medium-version=next
Origin
https://form.typeform.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 09:15:16 GMT
content-encoding
gzip
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age
26825
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Tue, 22 Feb 2022 16:25:20 GMT
server
AmazonS3
etag
W/"4be5ee31a055b671b17a78f0ea37ead2"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/x-javascript
via
1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
cache-control
max-age=2419200
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
ciQG-0KUHWCwUnYWy8s3kizQJowRI76aOSNBked51mcaX-Ou4VwSdA==
modern-form.d01953db60f24ce52eb7.js
renderer-assets.typeform.com/ Frame 063E 		315 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://renderer-assets.typeform.com/modern-form.d01953db60f24ce52eb7.js
Requested by
Host: renderer-assets.typeform.com
URL: https://renderer-assets.typeform.com/modern-renderer.bd01e42b634677767f5c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:4000:4:f6ce:61c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3fd85e514b2e3c0dad92231579492c9b5c84b3dff3b04dd12fb84ea9815db3d5

Request headers

Referer
https://form.typeform.com/to/ElNAR7PZ?typeform-embed-id=9403660689604065&typeform-embed=embed-widget&typeform-source=allianzxuanlanyogatour.com&typeform-medium=embed-sdk&typeform-medium-version=next
Origin
https://form.typeform.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 09:15:16 GMT
content-encoding
gzip
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age
26825
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Tue, 22 Feb 2022 16:25:20 GMT
server
AmazonS3
etag
W/"29c6902bfd3df492681151bf441dbc9a"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/x-javascript
via
1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
cache-control
max-age=2419200
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
th2bavD-s6C4TvQ8DHkARSHDfEwlQFidaWYZ5OdxdXtEj42I7qlGyQ==
montserrat-latin-400-normal.woff2
font.typeform.com/dist/google/montserrat/files/ Frame 063E 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://font.typeform.com/dist/google/montserrat/files/montserrat-latin-400-normal.woff2
Requested by
Host: font.typeform.com
URL: https://font.typeform.com/dist/google/montserrat/index.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:7c00:9:b3c8:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3

Request headers

Referer
https://font.typeform.com/dist/google/montserrat/index.css
Origin
https://form.typeform.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 20:50:13 GMT
via
1.1 1d87c34bb2f20fda8e0841bc33179768.cloudfront.net (CloudFront)
age
244328
x-cache
Hit from cloudfront
content-length
19844
last-modified
Mon, 14 Feb 2022 09:40:35 GMT
server
AmazonS3
etag
"8037e9fc6d8fca40a9eb783c7510b12e"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=432000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
8A9eReE5GOSj-VUgQwZ_MKWvWBB5gahb7iDrplC_qnjIbq4R0fRNUA==
dc_pre=CIHHzbGilvYCFRP0GwodslQMjQ;src=8383920;type=xuanl0;cat=xuanl0;ord=9484879672481;gtm=2wg2g0;~oref=https%3A%2F%2Fform.typeform.com%2Fto%2FElNAR7PZ%3Ftypeform-embed-id%3D9403660689604065%26type...
adservice.google.com/ddm/fls/i/ Frame CA61 		646 B
924 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CIHHzbGilvYCFRP0GwodslQMjQ;src=8383920;type=xuanl0;cat=xuanl0;ord=9484879672481;gtm=2wg2g0;~oref=https%3A%2F%2Fform.typeform.com%2Fto%2FElNAR7PZ%3Ftypeform-embed-id%3D9403660689604065%26typeform-embed%3Dembed-widget%26typeform-source%3Dallianzxuanlanyogatour.com%26typeform-medium%3Dembed-sdk%26typeform-medium-version%3Dnext
Requested by
Host: 8383920.fls.doubleclick.net
URL: https://8383920.fls.doubleclick.net/activityi;dc_pre=CIHHzbGilvYCFRP0GwodslQMjQ;src=8383920;type=xuanl0;cat=xuanl0;ord=9484879672481;gtm=2wg2g0;~oref=https%3A%2F%2Fform.typeform.com%2Fto%2FElNAR7PZ%3Ftypeform-embed-id%3D9403660689604065%26typeform-embed%3Dembed-widget%26typeform-source%3Dallianzxuanlanyogatour.com%26typeform-medium%3Dembed-sdk%26typeform-medium-version%3Dnext?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0eb379a3761c7b8312096c7cb929e26f5fcfe7a732e7ae59148abfe98cad3332
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://8383920.fls.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Wed, 23 Feb 2022 16:42:20 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
455
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
montserrat-latin-700-normal.woff2
font.typeform.com/dist/google/montserrat/files/ Frame 063E 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://font.typeform.com/dist/google/montserrat/files/montserrat-latin-700-normal.woff2
Requested by
Host: font.typeform.com
URL: https://font.typeform.com/dist/google/montserrat/index.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:7c00:9:b3c8:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60

Request headers

Referer
https://font.typeform.com/dist/google/montserrat/index.css
Origin
https://form.typeform.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 19:52:56 GMT
via
1.1 1d87c34bb2f20fda8e0841bc33179768.cloudfront.net (CloudFront)
age
334165
x-cache
Hit from cloudfront
content-length
20040
last-modified
Mon, 14 Feb 2022 09:40:35 GMT
server
AmazonS3
etag
"7bad4a6005ffca3966b2a099250e0638"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=432000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
TMAmbg3ixbGMBDUDYnvZGZU6j68O-SZ-XiJ7_HPzhU3ueyLYMwHJsQ==
dc_pre=CIHHzbGilvYCFRP0GwodslQMjQ;src=8383920;type=xuanl0;cat=xuanl0;ord=9484879672481;gtm=2wg2g0;~oref=https%3A%2F%2Fform.typeform.com%2Fto%2FElNAR7PZ%3Ftypeform-embed-id%3D9403660689604065%26type...
8383920.fls.doubleclick.net/ddm/fls/r/ Frame B336
Redirect Chain
  • https://adservice.google.de/ddm/fls/i/dc_pre=CIHHzbGilvYCFRP0GwodslQMjQ;src=8383920;type=xuanl0;cat=xuanl0;ord=9484879672481;gtm=2wg2g0;~oref=https%3A%2F%2Fform.typeform.com%2Fto%2FElNAR7PZ%3Ftypef...
  • https://8383920.fls.doubleclick.net/ddm/fls/r/dc_pre=CIHHzbGilvYCFRP0GwodslQMjQ;src=8383920;type=xuanl0;cat=xuanl0;ord=9484879672481;gtm=2wg2g0;~oref=https%3A%2F%2Fform.typeform.com%2Fto%2FElNAR7PZ...
349 B
310 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8383920.fls.doubleclick.net/ddm/fls/r/dc_pre=CIHHzbGilvYCFRP0GwodslQMjQ;src=8383920;type=xuanl0;cat=xuanl0;ord=9484879672481;gtm=2wg2g0;~oref=https%3A%2F%2Fform.typeform.com%2Fto%2FElNAR7PZ%3Ftypeform-embed-id%3D9403660689604065%26typeform-embed%3Dembed-widget%26typeform-source%3Dallianzxuanlanyogatour.com%26typeform-medium%3Dembed-sdk%26typeform-medium-version%3Dnext
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CIHHzbGilvYCFRP0GwodslQMjQ;src=8383920;type=xuanl0;cat=xuanl0;ord=9484879672481;gtm=2wg2g0;~oref=https%3A%2F%2Fform.typeform.com%2Fto%2FElNAR7PZ%3Ftypeform-embed-id%3D9403660689604065%26typeform-embed%3Dembed-widget%26typeform-source%3Dallianzxuanlanyogatour.com%26typeform-medium%3Dembed-sdk%26typeform-medium-version%3Dnext
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f6.1e100.net
Software
cafe /
Resource Hash
c7fd6b8d975749628f08a760a97bf88ee33b3c01647a651976578a9737e3cfc5
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://adservice.google.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Wed, 23 Feb 2022 16:42:20 GMT
expires
Wed, 23 Feb 2022 16:42:20 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
285
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Wed, 23 Feb 2022 16:42:20 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
location
https://8383920.fls.doubleclick.net/ddm/fls/r/dc_pre=CIHHzbGilvYCFRP0GwodslQMjQ;src=8383920;type=xuanl0;cat=xuanl0;ord=9484879672481;gtm=2wg2g0;~oref=https%3A%2F%2Fform.typeform.com%2Fto%2FElNAR7PZ%3Ftypeform-embed-id%3D9403660689604065%26typeform-embed%3Dembed-widget%26typeform-source%3Dallianzxuanlanyogatour.com%26typeform-medium%3Dembed-sdk%26typeform-medium-version%3Dnext
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
view-form-open
form.typeform.com/forms/ElNAR7PZ/insights/events/ Frame 063E 		2 B
415 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://form.typeform.com/forms/ElNAR7PZ/insights/events/view-form-open
Requested by
Host: renderer-assets.typeform.com
URL: https://renderer-assets.typeform.com/modern-vendors~form.5d9055e784db75c3aea8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.71 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://form.typeform.com/to/ElNAR7PZ?typeform-embed-id=9403660689604065&typeform-embed=embed-widget&typeform-source=allianzxuanlanyogatour.com&typeform-medium=embed-sdk&typeform-medium-version=next
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 23 Feb 2022 16:42:20 GMT
access-control-allow-methods
GET, OPTIONS, POST, PUT, PATCH, DELETE
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-release
1794330045
x-envoy-upstream-service-time
2
content-length
2
x-build-date
2022-02-04T10:07:01+0000
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hrJQy%2BN1H8ULGpEQ2o9cLyiSmSMhPV2zBxvSu2ld29iEJ2mEFA0vLUtT81xwxz%2FgXFQVIYughJOtuWCKOy%2BpGTQh6cXdZLWHSVTSUOepCGRwvcaBcPQnJIWOPf2BgpNoDyVv"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://form.typeform.com
x-newp
Yes
access-control-expose-headers
Location, X-Request-Id
x-service
insights-3.0
x-commit-sha
0fef80397098df2afb7210a68ab862a9711b9ee4
cf-ray
6e21e8267b149066-FRA
access-control-allow-headers
X-Typeform-Key, Content-Type, Authorization, Typeform-Version
analytics.min.js
cdn.segment.com/analytics.js/v1/9at6spGDYXelHDdz4r0cP73b3wV1f0ri/ Frame 063E 		349 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics.js/v1/9at6spGDYXelHDdz4r0cP73b3wV1f0ri/analytics.min.js
Requested by
Host: renderer-assets.typeform.com
URL: https://renderer-assets.typeform.com/modern-vendors~form.5d9055e784db75c3aea8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.4.233 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-4-233.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c06123162966e3e707e462ce54da89f7e8dfd956192c925801e2aee1f31ef4ff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://form.typeform.com/to/ElNAR7PZ?typeform-embed-id=9403660689604065&typeform-embed=embed-widget&typeform-source=allianzxuanlanyogatour.com&typeform-medium=embed-sdk&typeform-medium-version=next
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
c2n14XNmmo8ws8wWf6JbDbf2FDYboyGl
content-encoding
br
etag
W/"c9051d25ae8192f386c2f09d44d4d620"
age
63
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
access-control-allow-origin
*
last-modified
Wed, 09 Feb 2022 15:31:12 GMT
server
AmazonS3
date
Wed, 23 Feb 2022 16:41:17 GMT
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
via
1.1 2f927b8fefe61ec7dd1d6dda3df37d18.cloudfront.net (CloudFront)
cache-control
public, max-age=120
x-amz-cf-pop
TXL50-P1
x-amz-cf-id
AjmSxk99-3qAWrEE6Q56Zw85or-OW2NCKSPsmavn1FAZel0WjDukkg==
rudder-analytics.min.js
cdn.rudderlabs.com/v1/ Frame 063E 		0
0
i
api.segment.io/v1/ Frame 063E 		21 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/i
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/9at6spGDYXelHDdz4r0cP73b3wV1f0ri/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.167.27.130 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-167-27-130.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer
https://form.typeform.com/to/ElNAR7PZ?typeform-embed-id=9403660689604065&typeform-embed=embed-widget&typeform-source=allianzxuanlanyogatour.com&typeform-medium=embed-sdk&typeform-medium-version=next
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://form.typeform.com
date
Wed, 23 Feb 2022 16:42:21 GMT
content-length
21
vary
Origin
content-type
application/json
tr
px.sunmedia.tv/ Frame B336 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://px.sunmedia.tv/tr?parser=https%3A%2F%2Fsecure.adnxs.com%2Fpx%3Fid%3D1537763%26seg%3D27905019%26t%3D1
Requested by
Host: 8383920.fls.doubleclick.net
URL: https://8383920.fls.doubleclick.net/ddm/fls/r/dc_pre=CIHHzbGilvYCFRP0GwodslQMjQ;src=8383920;type=xuanl0;cat=xuanl0;ord=9484879672481;gtm=2wg2g0;~oref=https%3A%2F%2Fform.typeform.com%2Fto%2FElNAR7PZ%3Ftypeform-embed-id%3D9403660689604065%26typeform-embed%3Dembed-widget%26typeform-source%3Dallianzxuanlanyogatour.com%26typeform-medium%3Dembed-sdk%26typeform-medium-version%3Dnext
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
176.31.232.18 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3044662.ip-176-31-232.eu
Software
/ Express
Resource Hash
d30d8c6881637fed9b14bccae6c567b027a607f36cd541739ba4bc824c0db227

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8383920.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 16:42:21 GMT
etag
W/"82c-WDz4tRA/xpXkfQi3Bcy1/RdztNE"
tracker3
9
traceparent
00-f9e293787cf2764f66ee7e675c959419-152874b29a97665c-00
x-powered-by
Express
content-type
application/javascript; charset=utf-8
accept
*/*
parser
noundefined
content-length
2092
x-hs
holaserver_name
querycp
undef
t
api.segment.io/v1/ Frame 063E 		21 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/t
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/9at6spGDYXelHDdz4r0cP73b3wV1f0ri/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.167.27.130 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-167-27-130.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer
https://form.typeform.com/to/ElNAR7PZ?typeform-embed-id=9403660689604065&typeform-embed=embed-widget&typeform-source=allianzxuanlanyogatour.com&typeform-medium=embed-sdk&typeform-medium-version=next
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://form.typeform.com
date
Wed, 23 Feb 2022 16:42:21 GMT
content-length
21
vary
Origin
content-type
application/json
bounce
secure.adnxs.com/ Frame B336
Redirect Chain
  • https://secure.adnxs.com/px?id=1537763&seg=27905019&t=1
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1537763%26seg%3D27905019%26t%3D1
362 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1537763%26seg%3D27905019%26t%3D1
Requested by
Host: 8383920.fls.doubleclick.net
URL: https://8383920.fls.doubleclick.net/ddm/fls/r/dc_pre=CIHHzbGilvYCFRP0GwodslQMjQ;src=8383920;type=xuanl0;cat=xuanl0;ord=9484879672481;gtm=2wg2g0;~oref=https%3A%2F%2Fform.typeform.com%2Fto%2FElNAR7PZ%3Ftypeform-embed-id%3D9403660689604065%26typeform-embed%3Dembed-widget%26typeform-source%3Dallianzxuanlanyogatour.com%26typeform-medium%3Dembed-sdk%26typeform-medium-version%3Dnext
Protocol
HTTP/1.1
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b96d948b65b3697dfd469fdd45e926452ce7654fad7bb3d6b5fe8f4d96f675b4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8383920.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 23 Feb 2022 16:42:21 GMT
X-Proxy-Origin
138.199.38.133; 138.199.38.133; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
44859088-0092-412a-b789-7711dd41a26d
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
362
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 23 Feb 2022 16:42:21 GMT
X-Proxy-Origin
138.199.38.133; 138.199.38.133; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
9f351341-5b1f-4622-9be2-09f6729e923a
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1537763%26seg%3D27905019%26t%3D1
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ Frame A96E 		128 B
128 B 		Document
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6e77993968a5380fc8c980d1a272936e9ceacd36aeca3530d7efe4aed869e770

Request headers

Upgrade-Insecure-Requests
1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
text/html;charset=utf-8
js
www.googletagmanager.com/gtag/ Frame B336 		101 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-992151703
Requested by
Host: px.sunmedia.tv
URL: https://px.sunmedia.tv/tr?parser=https%3A%2F%2Fsecure.adnxs.com%2Fpx%3Fid%3D1537763%26seg%3D27905019%26t%3D1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0fa285bc53b79c4557b16b3897a4ad99801b0b700a631d003c54560ac7bfcc3d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8383920.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 16:42:21 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40719
x-xss-protection
0
last-modified
Wed, 23 Feb 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 23 Feb 2022 16:42:21 GMT
fbevents.js
connect.facebook.net/en_US/ Frame B336 		99 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: px.sunmedia.tv
URL: https://px.sunmedia.tv/tr?parser=https%3A%2F%2Fsecure.adnxs.com%2Fpx%3Fid%3D1537763%26seg%3D27905019%26t%3D1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8383920.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
26236
x-xss-protection
0
pragma
public
x-fb-debug
LAiPevneDxgk+W6NSnzrAHEO9aKqv3U9HK0LzjDvHon+sdCnNL2QPuAoKmr6dFqKx1Ste5dMLfbyudP+D76mZg==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Wed, 23 Feb 2022 16:42:21 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
bounce
secure.adnxs.com/ Frame A96E
Redirect Chain
  • https://secure.adnxs.com/px?id=1537763&seg=27905019&t=1
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1537763%26seg%3D27905019%26t%3D1
362 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1537763%26seg%3D27905019%26t%3D1
Requested by
Host: text
URL: data:text/html;charset=utf-8,%3Chtml%3E%3Chead%3E%3Cscript%20src%3D%22https://secure.adnxs.com/px?id=1537763&seg=27905019&t=1%22%20type%3D%22text%2Fjavascript%22%3E%3C%2Fscript%3E%3C%2Fhead%3E%3C%2Fhtml%3E
Protocol
HTTP/1.1
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b96d948b65b3697dfd469fdd45e926452ce7654fad7bb3d6b5fe8f4d96f675b4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 23 Feb 2022 16:42:21 GMT
X-Proxy-Origin
138.199.38.133; 138.199.38.133; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
dd2bb675-15ac-493e-b7c2-6b01138d8d1c
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
362
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 23 Feb 2022 16:42:21 GMT
X-Proxy-Origin
138.199.38.133; 138.199.38.133; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
9e206aad-ce7b-4d71-81b1-ca74cf45941b
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1537763%26seg%3D27905019%26t%3D1
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
399536577356558
connect.facebook.net/signals/config/ Frame B336 		309 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/399536577356558?v=2.9.52&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
131abb46f8ea91008642cb67bc34aab93a5c2705b9bba94ffa481de55d3ba3c2
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8383920.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
90295
x-xss-protection
0
pragma
public
x-fb-debug
zjbK3lWaEZLWiU1eO7jriCEqALTF5brEUm0lbJuqvWA39Mpfq/tIE3RqOoixRNDhJnGHx+54bn3e8vnl4qL1jQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 23 Feb 2022 16:42:21 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
conversion_async.js
www.googleadservices.com/pagead/ Frame B336 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-992151703
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8383920.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 16:42:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14879
x-xss-protection
0
server
cafe
etag
17635014576153706337
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 23 Feb 2022 16:42:21 GMT
/
www.facebook.com/tr/ Frame B336 		44 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=399536577356558&ev=ViewContent&dl=https%3A%2F%2F8383920.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCIHHzbGilvYCFRP0GwodslQMjQ%3Bsrc%3D8383920%3Btype%3Dxuanl0%3Bcat%3Dxuanl0%3Bord%3D9484879672481%3Bgtm%3D2wg2g0%3B~oref%3Dhttps%253A%252F%252Fform.typeform.com%252Fto%252FElNAR7PZ%253Ftypeform-embed-id%253D9403660689604065%2526typeform-embed%253Dembed-widget%2526typeform-source%253Dallianzxuanlanyogatour.com%2526typeform-medium%253Dembed-sdk%2526typeform-medium-version%253Dnext&rl=https%3A%2F%2Fadservice.google.com%2F&if=true&ts=1645634541166&cd[content_type]=tracker&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=30&it=1645634541113&coo=false&exp=p1&rqm=GET
Requested by
Host: 8383920.fls.doubleclick.net
URL: https://8383920.fls.doubleclick.net/ddm/fls/r/dc_pre=CIHHzbGilvYCFRP0GwodslQMjQ;src=8383920;type=xuanl0;cat=xuanl0;ord=9484879672481;gtm=2wg2g0;~oref=https%3A%2F%2Fform.typeform.com%2Fto%2FElNAR7PZ%3Ftypeform-embed-id%3D9403660689604065%26typeform-embed%3Dembed-widget%26typeform-source%3Dallianzxuanlanyogatour.com%26typeform-medium%3Dembed-sdk%26typeform-medium-version%3Dnext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8383920.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 16:42:21 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Wed, 23 Feb 2022 16:42:21 GMT
src=11368347;dc_pre=CKuciLKilvYCFQmtsgod2lQOqA;type=invmedia;cat=allia001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1
adservice.google.com/ddm/fls/z/ Frame A96E
Redirect Chain
  • https://ad.doubleclick.net/ddm/activity/src=11368347;type=invmedia;cat=allia001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;o...
  • https://ad.doubleclick.net/ddm/activity/src=11368347;dc_pre=CKuciLKilvYCFQmtsgod2lQOqA;type=invmedia;cat=allia001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr...
  • https://adservice.google.com/ddm/fls/z/src=11368347;dc_pre=CKuciLKilvYCFQmtsgod2lQOqA;type=invmedia;cat=allia001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_...
42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/src=11368347;dc_pre=CKuciLKilvYCFQmtsgod2lQOqA;type=invmedia;cat=allia001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1
Requested by
Host: text
URL: data:text/html;charset=utf-8,%3Chtml%3E%3Chead%3E%3Cscript%20src%3D%22https://secure.adnxs.com/px?id=1537763&seg=27905019&t=1%22%20type%3D%22text%2Fjavascript%22%3E%3C%2Fscript%3E%3C%2Fhead%3E%3C%2Fhtml%3E
Protocol
H3
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 16:42:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 23 Feb 2022 16:42:21 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
location
https://adservice.google.com/ddm/fls/z/src=11368347;dc_pre=CKuciLKilvYCFQmtsgod2lQOqA;type=invmedia;cat=allia001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/992151703/ Frame B336 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/992151703/?random=1645634541195&cv=9&fst=1645634541195&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2F8383920.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCIHHzbGilvYCFRP0GwodslQMjQ%3Bsrc%3D8383920%3Btype%3Dxuanl0%3Bcat%3Dxuanl0%3Bord%3D9484879672481%3Bgtm%3D2wg2g0%3B~oref%3Dhttps%253A%252F%252Fform.typeform.com%252Fto%252FElNAR7PZ%253Ftypeform-embed-id%253D9403660689604065%2526typeform-embed%253Dembed-widget%2526typeform-source%253Dallianzxuanlanyogatour.com%2526typeform-medium%253Dembed-sdk%2526typeform-medium-version%253Dnext&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5c0b212561aaa74a7cea8c5b4905e9528bf92166466c2d884be21b320bd8c2ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8383920.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 16:42:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1250
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/992151703/ Frame B336 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/992151703/?random=1645634541195&cv=9&fst=1645632000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2F8383920.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCIHHzbGilvYCFRP0GwodslQMjQ%3Bsrc%3D8383920%3Btype%3Dxuanl0%3Bcat%3Dxuanl0%3Bord%3D9484879672481%3Bgtm%3D2wg2g0%3B~oref%3Dhttps%253A%252F%252Fform.typeform.com%252Fto%252FElNAR7PZ%253Ftypeform-embed-id%253D9403660689604065%2526typeform-embed%253Dembed-widget%2526typeform-source%253Dallianzxuanlanyogatour.com%2526typeform-medium%253Dembed-sdk%2526typeform-medium-version%253Dnext&ref=https%3A%2F%2Fadservice.google.com%2F&async=1&fmt=3&is_vtc=1&random=3570202840&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: 8383920.fls.doubleclick.net
URL: https://8383920.fls.doubleclick.net/ddm/fls/r/dc_pre=CIHHzbGilvYCFRP0GwodslQMjQ;src=8383920;type=xuanl0;cat=xuanl0;ord=9484879672481;gtm=2wg2g0;~oref=https%3A%2F%2Fform.typeform.com%2Fto%2FElNAR7PZ%3Ftypeform-embed-id%3D9403660689604065%26typeform-embed%3Dembed-widget%26typeform-source%3Dallianzxuanlanyogatour.com%26typeform-medium%3Dembed-sdk%26typeform-medium-version%3Dnext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8383920.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 16:42:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/992151703/ Frame B336 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/992151703/?random=1645634541195&cv=9&fst=1645632000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2F8383920.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCIHHzbGilvYCFRP0GwodslQMjQ%3Bsrc%3D8383920%3Btype%3Dxuanl0%3Bcat%3Dxuanl0%3Bord%3D9484879672481%3Bgtm%3D2wg2g0%3B~oref%3Dhttps%253A%252F%252Fform.typeform.com%252Fto%252FElNAR7PZ%253Ftypeform-embed-id%253D9403660689604065%2526typeform-embed%253Dembed-widget%2526typeform-source%253Dallianzxuanlanyogatour.com%2526typeform-medium%253Dembed-sdk%2526typeform-medium-version%253Dnext&ref=https%3A%2F%2Fadservice.google.com%2F&async=1&fmt=3&is_vtc=1&random=3570202840&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: 8383920.fls.doubleclick.net
URL: https://8383920.fls.doubleclick.net/ddm/fls/r/dc_pre=CIHHzbGilvYCFRP0GwodslQMjQ;src=8383920;type=xuanl0;cat=xuanl0;ord=9484879672481;gtm=2wg2g0;~oref=https%3A%2F%2Fform.typeform.com%2Fto%2FElNAR7PZ%3Ftypeform-embed-id%3D9403660689604065%26typeform-embed%3Dembed-widget%26typeform-source%3Dallianzxuanlanyogatour.com%26typeform-medium%3Dembed-sdk%26typeform-medium-version%3Dnext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8383920.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 16:42:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ Frame B336 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=399536577356558&ev=Microdata&dl=https%3A%2F%2F8383920.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCIHHzbGilvYCFRP0GwodslQMjQ%3Bsrc%3D8383920%3Btype%3Dxuanl0%3Bcat%3Dxuanl0%3Bord%3D9484879672481%3Bgtm%3D2wg2g0%3B~oref%3Dhttps%253A%252F%252Fform.typeform.com%252Fto%252FElNAR7PZ%253Ftypeform-embed-id%253D9403660689604065%2526typeform-embed%253Dembed-widget%2526typeform-source%253Dallianzxuanlanyogatour.com%2526typeform-medium%253Dembed-sdk%2526typeform-medium-version%253Dnext&rl=https%3A%2F%2Fadservice.google.com%2F&if=true&ts=1645634542681&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.52&r=stable&ec=1&o=30&it=1645634541113&coo=false&es=automatic&tm=3&exp=p1&rqm=GET
Requested by
Host: form.typeform.com
URL: https://form.typeform.com/to/ElNAR7PZ?typeform-embed-id=9403660689604065&typeform-embed=embed-widget&typeform-source=allianzxuanlanyogatour.com&typeform-medium=embed-sdk&typeform-medium-version=next
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8383920.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 16:42:22 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Wed, 23 Feb 2022 16:42:22 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn.rudderlabs.com
URL
https://cdn.rudderlabs.com/v1/rudder-analytics.min.js

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| structuredClone object| OneTrustStub string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer function| OptanonWrapper function| $ function| jQuery object| bootstrap object| webpackJsonptest-update object| google_tag_manager function| onYouTubeIframeAPIReady object| otStubData object| Optanon object| OneTrust

7 Cookies

Domain/Path Name / Value
.bit.ly/ Name: _bit
Value: m1ngGi-e874fedad6ec29dc66-00a
.allianzxuanlanyogatour.com/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Wed+Feb+23+2022+16%3A42%3A19+GMT%2B0000+(GMT)&version=6.24.0&isIABGlobal=false&hosts=&consentId=75bea1d4-f6dc-4c8c-9d36-11b30ff04ed2&interactionCount=0&landingPath=https%3A%2F%2Fwww.allianzxuanlanyogatour.com%2Fsorteo%3Futm_source%3Dhearsay%26utm_medium%3Dsocial%26utm_campaign%3Dsorteoxuan&groups=1%3A1%2C2%3A0%2C4%3A0
.typeform.com/ Name: __cf_bm
Value: SKqEpSqtfZtN9bzhNKFGvLIDnGUI6gXuAMk.jnEnQh8-1645634540-0-AWle7S4UvnJSSAYAxsMfThsic4lnLzqiARLQ73dMVrAMgwfPOyzLqZ99lhrr3vspFN2ClI8H4R2iM7i9Fr0aXKlLowvd0cUEIUp8h4yo123G7CN17RlSoUtwpAaMgBN6jC3/W5we+flcJBZDO9xzKkR7k1+mw4s0h9cuVkfYMm1D
.typeform.com/ Name: attribution_user_id
Value: 33b68928-bb76-4058-92e7-913dec7614f2
.doubleclick.net/ Name: IDE
Value: AHWqTUkYQPsz9P5Bo68QjPwl2r-RnGTxg6mMlOyeruaihTUxtqLkBvQMAIB83k2F4Q8
.adnxs.com/ Name: anj
Value: dTM7k!M4/8CxrEQF']wIg2E?$N.KzN!@wnf-Te9(>wL5L!!'?g$]WPp
.adnxs.com/ Name: uuid2
Value: 5800449698176691976

2 Console Messages

Source Level URL
Text
other warning URL: https://www.googletagmanager.com/gtm.js?id=GTM-PHPJXNQ&l=googleTagManager(Line 40)
Message:
Unrecognized feature: 'attribution-reporting'.
javascript warning URL: https://secure.adnxs.com/px?id=1537763&seg=27905019&t=1
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8383920.fls.doubleclick.net
ad.doubleclick.net
adservice.google.com
adservice.google.de
ajax.googleapis.com
api.segment.io
bit.ly
cdn.cookielaw.org
cdn.rudderlabs.com
cdn.segment.com
code.jquery.com
connect.facebook.net
font.typeform.com
form.typeform.com
geolocation.onetrust.com
googleads.g.doubleclick.net
images.typeform.com
maxcdn.bootstrapcdn.com
px.sunmedia.tv
renderer-assets.typeform.com
secure.adnxs.com
www.allianzxuanlanyogatour.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
cdn.rudderlabs.com
104.18.26.71
142.250.185.130
142.250.185.166
176.31.232.18
18.66.4.233
2001:4de0:ac18::1:a:3a
2600:9000:2156:4000:4:f6ce:61c0:93a1
2600:9000:2156:7c00:9:b3c8:b180:93a1
2600:9000:2156:d600:8:2495:5540:93a1
2606:4700:10::6814:b844
2606:4700::6810:9540
2606:4700::6812:acf
2a00:1450:4001:800::2004
2a00:1450:4001:808::2002
2a00:1450:4001:808::2008
2a00:1450:4001:810::2002
2a00:1450:4001:811::200e
2a00:1450:4001:812::200a
2a00:1450:4001:82f::2003
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
35.167.27.130
37.252.173.215
67.199.248.11
76.76.21.21
083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966
08993ffc284d73afb66aa3a33c575f401be8be9d1b115c2bdd32619ac57fb200
0c92237d691a694ac5027b6a1ba52c4c8bb5e45b9e49c52cc0fbfa9d17bb51af
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
0eb379a3761c7b8312096c7cb929e26f5fcfe7a732e7ae59148abfe98cad3332
0fa285bc53b79c4557b16b3897a4ad99801b0b700a631d003c54560ac7bfcc3d
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1111d9983c455922e88b84da02dfc8d41501e27f19cc211ed1424f420423986c
12accfb74a4550693317bf3d62ed60735c84135ec24e9e50114fd564a1466ef4
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
131abb46f8ea91008642cb67bc34aab93a5c2705b9bba94ffa481de55d3ba3c2
134482ec36c8980c2c7a3f2454c76546abcd612c9ae596d011251a7cd1d0fcbb
1f7477246da945b0ce73162ec46a43cae52ad19a3f9e1a2776122147d115dff5
20c45f57f5c629f7df5bfe08bee049689f61204de490a805d93edb43f1468877
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
2d58aa8b220db3f6eb6d30aeab1e0a496d8bd8c336db686f371aa7a4fc28fcf4
2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659
319d939abf247d905a3912dc452c5b9388f30eea2ed6a48b8d7c0bbb8c58b5ad
3244a757f8ad5ad9919e06b19215715a211bd06316feec3d84407cb941187c10
351dae107ab78eca4ae6e08841029b0eb584e128188bcb47e5face03723054f7
3fd85e514b2e3c0dad92231579492c9b5c84b3dff3b04dd12fb84ea9815db3d5
42ead4573b1da840409985e6821be74f36b8188682d170317cae602a003622bf
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
476f857c0955289958f450d4011fedf557a12b44c4b37b1607d6c7622d60f73b
573c6fd9679e728de4d0d91aed5740664935d946af4badabcbbad943c20d1b3b
5c0b212561aaa74a7cea8c5b4905e9528bf92166466c2d884be21b320bd8c2ff
5fdb547582bce4bb69e3faf9dc71dbf91a73ac9dbd4416ababaa28d02c60f949
6afee29defad466d4261ffa3473a90050d6202d9270147a8ea95b49dcde213c3
6e77993968a5380fc8c980d1a272936e9ceacd36aeca3530d7efe4aed869e770
778a5268816202ac789beb893f74759b76916c72a2af61d9059b577f8ce86ce3
79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582
7f400b15a0961894f05332c928ea5010990855dbc7c74160ec00a565dbfe9a19
7fc8d9b8c78b4402dd48117b68f147b7513b6212126a54580654f5977873a59c
83f07006fc9e2838b42de7ef5ab134db99bd05258a13426c9f09f817f087f17f
8e3d832d0dd423f730ac7d932c73dd939866fe51c625761762dcba0a74427fd4
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398
93d77b1ef52526ff8f8e598116f885cce5ebee1f037182984ad7edd22b126b5c
9cd96585ee6fa528bd8fcee56167e56f2e9c9a47900a6e8b26b69c6a98f7feb2
9fbea7b7faeecbee190b1398f3d16ae954569499c1a7926ffdf72b652fd4cb79
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a5c7086df4faeb13166aed8770fb13cc3a4a159158221f000c8d4130dfda4815
b26a37736a1c5a3e268b492a0b89a278c88208bdf6ea88543c0720c0317854c8
b96d948b65b3697dfd469fdd45e926452ce7654fad7bb3d6b5fe8f4d96f675b4
bbf38369b0fe552de896ffe2e7b7cdfd115d188f277fd8fdbf9b0366b984b6b8
c06123162966e3e707e462ce54da89f7e8dfd956192c925801e2aee1f31ef4ff
c0f394f4e8692b7738dd041bbcf3167d6e266f87687f309ca5e519cfe326382c
c7fd6b8d975749628f08a760a97bf88ee33b3c01647a651976578a9737e3cfc5
cf698ddced583fb100439087e4b5f7d84f3c09485a7cbb1c9bdd866dadf8f120
d30d8c6881637fed9b14bccae6c567b027a607f36cd541739ba4bc824c0db227
d6399013be9738a2f224f5f250083395dddc211a215375de087b5477660fe547
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebd2cf7b53f0e746ecd6bf5e10cee012337fed6d426cb7d8af26f0185e986175
ec2f6762f857fdc509ffa369c2b398982af1fa6cd2c0298d6088046fa757b852
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f515de511b17399fb7edeae5885ccb63492a7a6f3b8d6cca332fc4f0a0d5c8fc
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d