urlscan.io logo urlscan.io
SecurityTrails logo

offertravels.com Open in urlscan Pro
34.174.176.133  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://booking.offerviajes.es/
Effective URL: https://offertravels.com/
Submission: On August 11 via automatic, source certstream-suspicious — Scanned from ES
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 8 domains to perform 57 HTTP transactions. The main IP is 34.174.176.133, located in Dallas, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is offertravels.com.
TLS certificate: Issued by R10 on July 28th 2024. Valid for: 3 months.
This is the only time offertravels.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 212.222.42.65 3257 (GTT-BACKB...)
32 34.174.176.133 396982 (GOOGLE-CL...)
2 2600:9000:223... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
7 23.37.35.25 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:266... 16509 (AMAZON-02)
1 18.245.60.68 16509 (AMAZON-02)
57 8
1    212.222.42.65 (Madrid, Spain)

ASN3257 (GTT-BACKBONE GTT, US)
booking.offerviajes.es
32    34.174.176.133 (Dallas, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 133.176.174.34.bc.googleusercontent.com
offertravels.com
2    2600:9000:223d:7800:5:acf3:db40:21 (United States)

ASN16509 (AMAZON-02, US)
d1rozh26tys225.cloudfront.net
2    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
7    23.37.35.25 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-35-25.deploy.static.akamaitechnologies.com
affiliates.expediagroup.com
2    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2600:9000:266e:f600:5:bf05:acc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cf.bstatic.com
1    18.245.60.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-68.fra60.r.cloudfront.net
www.booking.com
Apex Domain
Subdomains		 Transfer
32 offertravels.com
offertravels.com
937 KB
7 expediagroup.com
affiliates.expediagroup.com — Cisco Umbrella Rank: 467781
7 KB
2 gstatic.com
fonts.gstatic.com
72 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
4 KB
2 cloudfront.net
d1rozh26tys225.cloudfront.net
4 KB
1 booking.com
www.booking.com — Cisco Umbrella Rank: 11143
1 bstatic.com
cf.bstatic.com — Cisco Umbrella Rank: 19480
3 KB
1 offerviajes.es
booking.offerviajes.es
1 KB
57 8
Domain Requested by
32 offertravels.com offertravels.com
7 affiliates.expediagroup.com offertravels.com
affiliates.expediagroup.com
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com offertravels.com
2 d1rozh26tys225.cloudfront.net offertravels.com
1 www.booking.com cf.bstatic.com
1 cf.bstatic.com offertravels.com
1 booking.offerviajes.es 1 redirects
57 8

This site contains links to these domains. Also see Links.

Domain
booking.offerviajes.es
api.whatsapp.com
walink.co
Subject Issuer Validity Valid
*.offertravels.com
R10		 2024-07-28 -
2024-10-26		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
upload.video.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.expediagroup.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-05-25 -
2025-05-28		 a year crt.sh
*.gstatic.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.bstatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-29 -
2024-11-28		 a year crt.sh
*.booking.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-05-01 -
2025-03-25		 a year crt.sh

This page contains 5 frames:

Primary Page: https://offertravels.com/
Frame ID: F49A280AE0966DED26F9D3DCBFC66157
Requests: 53 HTTP requests in this frame

Frame: https://affiliates.expediagroup.com/products/widgets/search-widget?program=us-expedia&lobs=stays%2Cflights&network=pz&camref=1101l3IcEz&instance=lzpmsa3cgihnnvd492f
Frame ID: 0E2E72F1BF594AE8AC0ECAD9ABA43A0C
Requests: 1 HTTP requests in this frame

Frame: https://affiliates.expediagroup.com/products/banners?program=us-expedia&layout=leaderboard&image=relaxing&message=bye-bye-bucket-list-hello-adventure&link=home&network=pz&camref=1101l3IcEz&instance=lzpmsa3elyexdh9avep
Frame ID: 531ED151D90DF373EA1C9FC5C3BF5425
Requests: 1 HTTP requests in this frame

Frame: https://affiliates.expediagroup.com/products/banners?program=us-expedia&layout=leaderboard&image=searching&message=bye-bye-bucket-list-hello-adventure&link=stays&network=pz&camref=1101l3IcEz&instance=lzpmsa3egxlwe86h2l
Frame ID: 6BA3DBB55F3ED5B3D5BD75142CE42CE1
Requests: 1 HTTP requests in this frame

Frame: https://www.booking.com/flexiproduct.html?product=banner&w=728&h=90&lang=xu&aid=2419329&target_aid=2419329&tmpl=affiliate_banner&fid=1723384753179&
Frame ID: 0A1DC450436A3ADA373A211AD576748D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Offer Travels – Travels Agency

Page URL History Show full URLs

  1. https://booking.offerviajes.es/ HTTP 301
    https://offertravels.com/ Page URL
  2. https://offertravels.com/.well-known/sgcaptcha/?r=%2F&y=ipr:146.70.74.119:1723384750.909 Page URL
  3. https://offertravels.com/.well-known/sgcaptcha/?r=%2F&sol=MjA6MTcyMzM4NDc1MTowYzc5YzlkMzpiNDNmZTNmYzV... Page URL
  4. https://offertravels.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • underscore.*\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

57
Requests

82 %
HTTPS

50 %
IPv6

8
Domains

8
Subdomains

8
IPs

3
Countries

1026 kB
Transfer

1775 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://booking.offerviajes.es/ HTTP 301
    https://offertravels.com/ Page URL
  2. https://offertravels.com/.well-known/sgcaptcha/?r=%2F&y=ipr:146.70.74.119:1723384750.909 Page URL
  3. https://offertravels.com/.well-known/sgcaptcha/?r=%2F&sol=MjA6MTcyMzM4NDc1MTowYzc5YzlkMzpiNDNmZTNmYzVhMmM5ZjA1OWVjNWM2ZmJjNjBiN2EwOGQ3ODJmNzRjMjNjZDgzOGI0YjgzMGY0YjQ3Y2VhZDIyOgI5GAU%3D&s=252:18649 Page URL
  4. https://offertravels.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://booking.offerviajes.es/ HTTP 301
  • https://offertravels.com/

57 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
offertravels.com/
Redirect Chain
  • https://booking.offerviajes.es/
  • https://offertravels.com/
168 B
418 B 		Document
General
Check archive.org
Download Go to
Full URL
https://offertravels.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.176.133 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
133.176.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
b7f66913abdc1adfc556f93306fdefc7aaf8a28c4c429c4f8283cd6895ae6e6f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control
no-store,no-cache,max-age=0
content-length
168
content-type
text/html
date
Sun, 11 Aug 2024 13:59:10 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
server
nginx
sg-captcha
challenge
x-proxy-cache-info
DT:1
x-robots-tag
noindex

Redirect headers

Content-Length
0
Content-Type
text/html
Date
Sun, 11 Aug 2024 13:59:09 GMT
Location
https://offertravels.com
Server
Apache
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Server
dzJQNnZlUUxjU1QwZDJVR2UyQjZIQT09Ot5xM8fxiF9pozt3pYXIQMU=
/
offertravels.com/.well-known/sgcaptcha/ 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://offertravels.com/.well-known/sgcaptcha/?r=%2F&y=ipr:146.70.74.119:1723384750.909
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.176.133 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
133.176.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
39674f42bea3c064f8dd5a84cc81dbd8e19b56607bd373074a3d91f527ee60c9

Request headers

Referer
https://offertravels.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control
no-store,no-cache,max-age=0
content-encoding
br
content-type
text/html
date
Sun, 11 Aug 2024 13:59:11 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
server
nginx
sg-captcha
challenge
vary
Accept-Encoding
x-proxy-cache-info
DT:1
x-robots-tag
noindex
robot-suspicion.svg
d1rozh26tys225.cloudfront.net/ 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1rozh26tys225.cloudfront.net/robot-suspicion.svg
Requested by
Host: offertravels.com
URL: https://offertravels.com/.well-known/sgcaptcha/?r=%2F&y=ipr:146.70.74.119:1723384750.909
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:7800:5:acf3:db40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ddb4a8fe630cda4853312bf576429166ca074167ec93d38b24fc80d166f52a34

Request headers

Referer
https://offertravels.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 00:29:13 GMT
content-encoding
gzip
via
1.1 59439a13f6db75e801a63663b4f79372.cloudfront.net (CloudFront)
last-modified
Wed, 16 Aug 2023 13:41:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
age
48602
x-amz-server-side-encryption
AES256
etag
W/"bf95026d64faa61f93dcec8be1040417"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
x-amz-cf-id
eUOD1hNHcFUarZR3LxEjce989SxkcO7Vgn_HYf-dwBexyraCMb8DEw==
loader.svg
d1rozh26tys225.cloudfront.net/ 		846 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1rozh26tys225.cloudfront.net/loader.svg
Requested by
Host: offertravels.com
URL: https://offertravels.com/.well-known/sgcaptcha/?r=%2F&y=ipr:146.70.74.119:1723384750.909
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:7800:5:acf3:db40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
daed5f030b7d78e92c71aa05601d7bc94a8c59f4037363666f02e5611fc5de42

Request headers

Referer
https://offertravels.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 05:08:25 GMT
via
1.1 59439a13f6db75e801a63663b4f79372.cloudfront.net (CloudFront)
last-modified
Wed, 16 Aug 2023 13:41:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
age
31848
x-amz-server-side-encryption
AES256
etag
"8946b767a9a283b2a0f3a62fd915020c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
accept-ranges
bytes
content-length
846
x-amz-cf-id
NLQiYoBvhUd_QHMbST0HKd-QUBgw5cGIPMfEP8Rsp2A3TK7rK_NRvg==
8a231d87-6b56-4ae3-a587-23789445a8de
https://offertravels.com/ 		8 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://offertravels.com/8a231d87-6b56-4ae3-a587-23789445a8de
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
523f91b207afb3c621f4c7e963d93956a509890cfea5136a0120ff5d62e8d5ac

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length
7806
Content-Type
application/javascript
8a231d87-6b56-4ae3-a587-23789445a8de
https://offertravels.com/ 		8 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://offertravels.com/8a231d87-6b56-4ae3-a587-23789445a8de
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
523f91b207afb3c621f4c7e963d93956a509890cfea5136a0120ff5d62e8d5ac

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length
7806
Content-Type
application/javascript
8a231d87-6b56-4ae3-a587-23789445a8de
https://offertravels.com/ 		8 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://offertravels.com/8a231d87-6b56-4ae3-a587-23789445a8de
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
523f91b207afb3c621f4c7e963d93956a509890cfea5136a0120ff5d62e8d5ac

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length
7806
Content-Type
application/javascript
8a231d87-6b56-4ae3-a587-23789445a8de
https://offertravels.com/ 		8 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://offertravels.com/8a231d87-6b56-4ae3-a587-23789445a8de
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
523f91b207afb3c621f4c7e963d93956a509890cfea5136a0120ff5d62e8d5ac

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length
7806
Content-Type
application/javascript
8a231d87-6b56-4ae3-a587-23789445a8de
https://offertravels.com/ 		8 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://offertravels.com/8a231d87-6b56-4ae3-a587-23789445a8de
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
523f91b207afb3c621f4c7e963d93956a509890cfea5136a0120ff5d62e8d5ac

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length
7806
Content-Type
application/javascript
8a231d87-6b56-4ae3-a587-23789445a8de
https://offertravels.com/ 		8 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://offertravels.com/8a231d87-6b56-4ae3-a587-23789445a8de
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
523f91b207afb3c621f4c7e963d93956a509890cfea5136a0120ff5d62e8d5ac

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length
7806
Content-Type
application/javascript
8a231d87-6b56-4ae3-a587-23789445a8de
https://offertravels.com/ 		8 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://offertravels.com/8a231d87-6b56-4ae3-a587-23789445a8de
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
523f91b207afb3c621f4c7e963d93956a509890cfea5136a0120ff5d62e8d5ac

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length
7806
Content-Type
application/javascript
8a231d87-6b56-4ae3-a587-23789445a8de
https://offertravels.com/ 		8 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://offertravels.com/8a231d87-6b56-4ae3-a587-23789445a8de
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
523f91b207afb3c621f4c7e963d93956a509890cfea5136a0120ff5d62e8d5ac

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length
7806
Content-Type
application/javascript
/
offertravels.com/.well-known/sgcaptcha/ 		300 B
689 B 		Document
General
Check archive.org
Download Go to
Full URL
https://offertravels.com/.well-known/sgcaptcha/?r=%2F&sol=MjA6MTcyMzM4NDc1MTowYzc5YzlkMzpiNDNmZTNmYzVhMmM5ZjA1OWVjNWM2ZmJjNjBiN2EwOGQ3ODJmNzRjMjNjZDgzOGI0YjgzMGY0YjQ3Y2VhZDIyOgI5GAU%3D&s=252:18649
Requested by
Host: offertravels.com
URL: https://offertravels.com/.well-known/sgcaptcha/?r=%2F&y=ipr:146.70.74.119:1723384750.909
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.176.133 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
133.176.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
7c44a454ad600500cda7ffee64911601149ccccba9e7165df80afce5e3d1951f

Request headers

Referer
https://offertravels.com/.well-known/sgcaptcha/?r=%2F&y=ipr:146.70.74.119:1723384750.909
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control
no-store,no-cache,max-age=0
content-length
300
content-type
text/html
date
Sun, 11 Aug 2024 13:59:11 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
server
nginx
sg-captcha
challenge
x-proxy-cache-info
DT:1
x-robots-tag
noindex
Primary Request /
offertravels.com/ 		162 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://offertravels.com/
Requested by
Host: offertravels.com
URL: https://offertravels.com/.well-known/sgcaptcha/?r=%2F&sol=MjA6MTcyMzM4NDc1MTowYzc5YzlkMzpiNDNmZTNmYzVhMmM5ZjA1OWVjNWM2ZmJjNjBiN2EwOGQ3ODJmNzRjMjNjZDgzOGI0YjgzMGY0YjQ3Y2VhZDIyOgI5GAU%3D&s=252:18649
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.176.133 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
133.176.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
a1e24fbf574cbd165e158b5379e7bf4c369fb6de8ea29745c4ed268c1f538216
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://offertravels.com/.well-known/sgcaptcha/?r=%2F&sol=MjA6MTcyMzM4NDc1MTowYzc5YzlkMzpiNDNmZTNmYzVhMmM5ZjA1OWVjNWM2ZmJjNjBiN2EwOGQ3ODJmNzRjMjNjZDgzOGI0YjgzMGY0YjQ3Y2VhZDIyOgI5GAU%3D&s=252:18649
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 11 Aug 2024 13:59:12 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
link
<https://offertravels.com/wp-json/>; rel="https://api.w.org/" <https://offertravels.com/wp-json/wp/v2/pages/395>; rel="alternate"; title="JSON"; type="application/json" <https://offertravels.com/>; rel=shortlink
server
nginx
vary
Accept-Encoding
x-cache-enabled
True
x-content-type-options
nosniff
x-httpd-modphp
1
x-proxy-cache
HIT
x-xss-protection
1; mode=block
main.min.css
offertravels.com/wp-content/themes/astra/assets/css/minified/ 		41 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://offertravels.com/wp-content/themes/astra/assets/css/minified/main.min.css?ver=4.6.4
Requested by
Host: offertravels.com
URL: https://offertravels.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.176.133 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
133.176.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
b515a60a6963e4fcc6877f257ec9ee1b39bb5db12dcb6de97d4704f277ffc84b

Request headers

Referer
https://offertravels.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 13:59:12 GMT
content-encoding
br
last-modified
Wed, 31 Jan 2024 02:55:55 GMT
server
nginx
etag
W/"65b9b6bb-a580"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
text/css
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Mon, 11 Aug 2025 13:59:12 GMT
css
fonts.googleapis.com/ 		12 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%7CDM+Serif+Display%3A400&display=fallback&ver=4.6.4
Requested by
Host: offertravels.com
URL: https://offertravels.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ce8fdd86e60f2400a01bd1dffe60887b09e850212442b56b14803b67150a877b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://offertravels.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 11 Aug 2024 13:59:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 11 Aug 2024 13:59:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 11 Aug 2024 13:59:12 GMT
main.css
offertravels.com/wp-content/plugins/click-to-chat-for-whatsapp/new/inc/assets/css/ 		2 KB
770 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://offertravels.com/wp-content/plugins/click-to-chat-for-whatsapp/new/inc/assets/css/main.css?ver=4.6
Requested by
Host: offertravels.com
URL: https://offertravels.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.176.133 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
133.176.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
55fa6499c0b77cbff2bcfb51263c5f60fa119facf73e5c6f0657c5aa3c39a280

Request headers

Referer
https://offertravels.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 13:59:12 GMT
content-encoding
br
last-modified
Wed, 24 Jul 2024 21:14:13 GMT
server
nginx
etag
W/"66a16ea5-656"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
text/css
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Mon, 11 Aug 2025 13:59:12 GMT
frontend-lite.min.css
offertravels.com/wp-content/plugins/elementor/assets/css/ 		207 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://offertravels.com/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.23.2
Requested by
Host: offertravels.com
URL: https://offertravels.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.176.133 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
133.176.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
9f33bb2c619e36829f6258240c7d632f75a258830ccf8c7d38e6f79c051214e1

Request headers

Referer
https://offertravels.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 13:59:12 GMT
content-encoding
br
last-modified
Wed, 24 Jul 2024 21:14:10 GMT
server
nginx
etag
W/"66a16ea2-33c98"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
text/css
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Mon, 11 Aug 2025 13:59:12 GMT
swiper.min.css
offertravels.com/wp-content/plugins/elementor/assets/lib/swiper/v8/css/ 		16 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://offertravels.com/wp-content/plugins/elementor/assets/lib/swiper/v8/css/swiper.min.css?ver=8.4.5
Requested by
Host: offertravels.com
URL: https://offertravels.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.176.133 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
133.176.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
c57e64fcb72bddafa9c38de574441c3e69ac6c961df96b0cad34da83658bd196

Request headers

Referer
https://offertravels.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 13:59:12 GMT
content-encoding
br
last-modified
Wed, 24 Jul 2024 21:14:10 GMT
server
nginx
etag
W/"66a16ea2-4057"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
text/css
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Mon, 11 Aug 2025 13:59:12 GMT
post-394.css
offertravels.com/wp-content/uploads/elementor/css/ 		1 KB
554 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://offertravels.com/wp-content/uploads/elementor/css/post-394.css?ver=1712203393
Requested by
Host: offertravels.com
URL: https://offertravels.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.176.133 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
133.176.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
cbac053684271a4c09252e8d8833b82bb68eb572fbde363564a99350b31b9327

Request headers

Referer
https://offertravels.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 13:59:12 GMT
content-encoding
br
last-modified
Thu, 04 Apr 2024 04:03:13 GMT
server
nginx
etag
W/"660e2681-455"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
text/css
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Mon, 11 Aug 2025 13:59:12 GMT
post-395.css
offertravels.com/wp-content/uploads/elementor/css/ 		28 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://offertravels.com/wp-content/uploads/elementor/css/post-395.css?ver=1714933302
Requested by
Host: offertravels.com
URL: https://offertravels.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.176.133 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
133.176.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
9971efa355289dd50eb4443b48bc00d0608431c9e40740680f800052d7589054

Request headers

Referer
https://offertravels.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 13:59:12 GMT
content-encoding
br
last-modified
Sun, 05 May 2024 18:21:42 GMT
server
nginx
etag
W/"6637ce36-704d"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
text/css
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Mon, 11 Aug 2025 13:59:12 GMT
css
fonts.googleapis.com/ 		49 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.6.1
Requested by
Host: offertravels.com
URL: https://offertravels.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f0fa06655078e0ac20e2af926a55c9e56ce3484ddc439cb4643a7f8c8f6ac031
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://offertravels.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 11 Aug 2024 13:59:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 11 Aug 2024 13:50:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 11 Aug 2024 13:59:12 GMT
jquery.min.js
offertravels.com/wp-includes/js/jquery/ 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offertravels.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: offertravels.com
URL: https://offertravels.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.176.133 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
133.176.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

Referer
https://offertravels.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 13:59:12 GMT
content-encoding
br
last-modified
Wed, 31 Jan 2024 02:44:09 GMT
server
nginx
etag
W/"65b9b3f9-15601"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Mon, 11 Aug 2025 13:59:12 GMT
jquery-migrate.min.js
offertravels.com/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offertravels.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: offertravels.com
URL: https://offertravels.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.176.133 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
133.176.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

Referer
https://offertravels.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 13:59:12 GMT
content-encoding
br
last-modified
Wed, 31 Jan 2024 02:44:09 GMT
server
nginx
etag
W/"65b9b3f9-3509"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Mon, 11 Aug 2025 13:59:12 GMT
eg-widgets.js
affiliates.expediagroup.com/products/widgets/assets/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://affiliates.expediagroup.com/products/widgets/assets/eg-widgets.js
Requested by
Host: offertravels.com
URL: https://offertravels.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.35.25 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-35-25.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
494876238077c06a57ecf5d93952bbd1415845fde2178515c332a8207363b518
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://offertravels.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 11 Aug 2024 13:59:12 GMT
x-b3-traceid
15768e41cc84428c9cec93ff44734a60
x-cgp-info
noJvmRouteSet;e3777d8e-57e9-11ef-9d66-024219d66394
content-length
1563
x-xss-protection
1; mode=block
last-modified
Fri, 28 Jun 2024 02:07:47 GMT
etag
"d7f7abf571643836d20d3bbe74505d76d148108f-gzip"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
no-cache
accept-ranges
bytes
trace-id
15768e41-cc84-428c-9cec-93ff44734a60
eg-affiliate-banners.js
affiliates.expediagroup.com/products/banners/assets/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://affiliates.expediagroup.com/products/banners/assets/eg-affiliate-banners.js
Requested by
Host: offertravels.com
URL: https://offertravels.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.35.25 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-35-25.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2afe8e01e872d0fd5b1ae597f926f4fad013065caae9a985b3cc2df17b0fd746
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://offertravels.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 11 Aug 2024 13:59:12 GMT
x-b3-traceid
de5d32f4e42e44789d07567aeda31ff6
x-cgp-info
noJvmRouteSet;e37a156a-57e9-11ef-ab47-0242932cbe1c
content-length
1550
x-xss-protection
1; mode=block
last-modified
Fri, 28 Jun 2024 02:07:47 GMT
etag
"8a6a5d4cb8c4bd64f3dd21a427d384966db57c67-gzip"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
no-cache
accept-ranges
bytes
trace-id
de5d32f4-e42e-4478-9d07-567aeda31ff6
crucero-3-ingles-1.jpg
offertravels.com/wp-content/uploads/2024/02/ 		127 KB
127 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offertravels.com/wp-content/uploads/2024/02/crucero-3-ingles-1.jpg
Requested by
Host: offertravels.com
URL: https://offertravels.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.176.133 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
133.176.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
6ad3a6bdaa054fd9cd700c4dd88eac85cd8a3b1bd1b0ccbb277862d2654bfe0d

Request headers

Referer
https://offertravels.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 13:59:12 GMT
last-modified
Tue, 06 Feb 2024 00:53:58 GMT
server
nginx
etag
"65c18326-1fba6"
x-proxy-cache-info
DT:1
content-type
image/jpeg
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
129958
expires
Mon, 11 Aug 2025 13:59:12 GMT
crucero-4-ingles-1.jpg
offertravels.com/wp-content/uploads/2024/02/ 		225 KB
225 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offertravels.com/wp-content/uploads/2024/02/crucero-4-ingles-1.jpg
Requested by
Host: offertravels.com
URL: https://offertravels.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.176.133 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
133.176.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e8dbd5b91af8b5f8a39112e8ab8712cc785b1ad3fcdf672549b4a85cdf84fb9e

Request headers

Referer
https://offertravels.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 13:59:12 GMT
last-modified
Tue, 06 Feb 2024 00:54:31 GMT
server
nginx
etag
"65c18347-38412"
x-proxy-cache-info
DT:1
content-type
image/jpeg
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
230418
expires
Mon, 11 Aug 2025 13:59:12 GMT
cancun3.jpg
offertravels.com/wp-content/uploads/2024/02/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offertravels.com/wp-content/uploads/2024/02/cancun3.jpg
Requested by
Host: offertravels.com
URL: https://offertravels.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.176.133 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
133.176.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
73cf68cda7c3eae5169ab712301c7e9324cc0c70a7722b497d522d95b1cfec0d

Request headers

Referer
https://offertravels.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 13:59:12 GMT
last-modified
Wed, 07 Feb 2024 00:51:29 GMT
server
nginx
etag
"65c2d411-fea3"
x-proxy-cache-info
DT:1
content-type
image/jpeg
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
65187
expires
Mon, 11 Aug 2025 13:59:12 GMT
cropped-travel_logo_-_Made_with_PosterMyWall_-_Copy-removebg-preview-300x300.png
offertravels.com/wp-content/uploads/2024/05/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offertravels.com/wp-content/uploads/2024/05/cropped-travel_logo_-_Made_with_PosterMyWall_-_Copy-removebg-preview-300x300.png
Requested by
Host: offertravels.com
URL: https://offertravels.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.176.133 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
133.176.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
aedeccdfa82a1759beeaf0840cc889447abae2bc63fe0c3e48880520fc70605f

Request headers

Referer
https://offertravels.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 13:59:12 GMT
last-modified
Sun, 05 May 2024 18:14:44 GMT
server
nginx
etag
"6637cc94-10084"
x-proxy-cache-info
DT:1
content-type
image/png
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
65668
expires
Mon, 11 Aug 2025 13:59:12 GMT
frontend.min.js
offertravels.com/wp-content/themes/astra/assets/js/minified/ 		21 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offertravels.com/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=4.6.4
Requested by
Host: offertravels.com
URL: https://offertravels.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.176.133 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
133.176.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
ba8baa9e210bbd7de7f146126d6831f6ab3c7fbaf57d5691dc998eea4eb1499a

Request headers

Referer
https://offertravels.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 13:59:12 GMT
content-encoding
br
last-modified
Wed, 31 Jan 2024 02:55:55 GMT
server
nginx
etag
W/"65b9b6bb-548e"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Mon, 11 Aug 2025 13:59:12 GMT
app.js
offertravels.com/wp-content/plugins/click-to-chat-for-whatsapp/new/inc/assets/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offertravels.com/wp-content/plugins/click-to-chat-for-whatsapp/new/inc/assets/js/app.js?ver=4.6
Requested by
Host: offertravels.com
URL: https://offertravels.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.176.133 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
133.176.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
3875a9eae112ceee3e1326a56ba4c351ce6a2390fc1a3a6602e249e237968587

Request headers

Referer
https://offertravels.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 13:59:12 GMT
content-encoding
br
last-modified
Wed, 24 Jul 2024 21:14:13 GMT
server
nginx
etag
W/"66a16ea5-2328"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Mon, 11 Aug 2025 13:59:12 GMT
dom-ready.min.js
offertravels.com/wp-includes/js/dist/ 		457 B
523 B 		Script
General
Check archive.org
Download Go to
Full URL
https://offertravels.com/wp-includes/js/dist/dom-ready.min.js?ver=f77871ff7694fffea381
Requested by
Host: offertravels.com
URL: https://offertravels.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.176.133 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
133.176.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
5a43a22e48f94b7a45a9a9b1a107f197213b73307fdfa2e6b2daadab264f94d2

Request headers

Referer
https://offertravels.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 13:59:12 GMT
content-encoding
br
last-modified
Thu, 04 Apr 2024 02:20:56 GMT
server
nginx
etag
W/"660e0e88-1c9"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Mon, 11 Aug 2025 13:59:12 GMT
main.js
offertravels.com/wp-content/plugins/astra-sites/inc/lib/onboarding/assets/dist/template-preview/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offertravels.com/wp-content/plugins/astra-sites/inc/lib/onboarding/assets/dist/template-preview/main.js?ver=06758d4d807d9d22c6ea
Requested by
Host: offertravels.com
URL: https://offertravels.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.176.133 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
133.176.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
4a8bd33bfe771e0bd46fade45435a9fa2d0c3a8af2409b1f5a74a6b96b03faa9

Request headers

Referer
https://offertravels.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 13:59:12 GMT
content-encoding
br
last-modified
Wed, 24 Jul 2024 21:14:16 GMT
server
nginx
etag
W/"66a16ea8-19b5"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Mon, 11 Aug 2025 13:59:12 GMT
webpack.runtime.min.js
offertravels.com/wp-content/plugins/elementor/assets/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offertravels.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.23.2
Requested by
Host: offertravels.com
URL: https://offertravels.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.176.133 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
133.176.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
852abcd746b8665975782e7dd7ebab196c0a9e4c09881ca5c29539bae190d774

Request headers

Referer
https://offertravels.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 13:59:12 GMT
content-encoding
br
last-modified
Wed, 24 Jul 2024 21:14:10 GMT
server
nginx
etag
W/"66a16ea2-1385"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Mon, 11 Aug 2025 13:59:12 GMT
frontend-modules.min.js
offertravels.com/wp-content/plugins/elementor/assets/js/ 		72 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offertravels.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.23.2
Requested by
Host: offertravels.com
URL: https://offertravels.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.176.133 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
133.176.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
7ea47cf0baa882318194f5ad6f4c4045ccbc4c5be9f6af1629c6a316d109dfe8

Request headers

Referer
https://offertravels.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 13:59:12 GMT
content-encoding
br
last-modified
Wed, 24 Jul 2024 21:14:10 GMT
server
nginx
etag
W/"66a16ea2-11f60"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Mon, 11 Aug 2025 13:59:12 GMT
waypoints.min.js
offertravels.com/wp-content/plugins/elementor/assets/lib/waypoints/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offertravels.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
Requested by
Host: offertravels.com
URL: https://offertravels.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.176.133 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
133.176.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0

Request headers

Referer
https://offertravels.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 13:59:12 GMT
content-encoding
br
last-modified
Wed, 24 Jul 2024 21:14:10 GMT
server
nginx
etag
W/"66a16ea2-2fa6"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Mon, 11 Aug 2025 13:59:12 GMT
core.min.js
offertravels.com/wp-includes/js/jquery/ui/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offertravels.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.3
Requested by
Host: offertravels.com
URL: https://offertravels.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.176.133 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
133.176.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
7e84c9f8d71bc6eb2dac2fce59a6caea62da51ffa8cf56b41806f59386ab1322

Request headers

Referer
https://offertravels.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 13:59:12 GMT
content-encoding
br
last-modified
Wed, 24 Jul 2024 21:14:06 GMT
server
nginx
etag
W/"66a16e9e-53d8"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Mon, 11 Aug 2025 13:59:12 GMT
frontend.min.js
offertravels.com/wp-content/plugins/elementor/assets/js/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offertravels.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.23.2
Requested by
Host: offertravels.com
URL: https://offertravels.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.176.133 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
133.176.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
107b304c544854df226262ea6cbffd9d4e6b46e78136bac9753838cd8b5f2ef2

Request headers

Referer
https://offertravels.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 13:59:12 GMT
content-encoding
br
last-modified
Wed, 24 Jul 2024 21:14:10 GMT
server
nginx
etag
W/"66a16ea2-9d39"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Mon, 11 Aug 2025 13:59:12 GMT
underscore.min.js
offertravels.com/wp-includes/js/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offertravels.com/wp-includes/js/underscore.min.js?ver=1.13.4
Requested by
Host: offertravels.com
URL: https://offertravels.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.176.133 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
133.176.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a

Request headers

Referer
https://offertravels.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 13:59:12 GMT
content-encoding
br
last-modified
Wed, 31 Jan 2024 02:44:09 GMT
server
nginx
etag
W/"65b9b3f9-4991"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Mon, 11 Aug 2025 13:59:12 GMT
wp-util.min.js
offertravels.com/wp-includes/js/ 		1 KB
937 B 		Script
General
Check archive.org
Download Go to
Full URL
https://offertravels.com/wp-includes/js/wp-util.min.js?ver=6.6.1
Requested by
Host: offertravels.com
URL: https://offertravels.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.176.133 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
133.176.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
3bc6467a95cec8fa516c6f5f69e1301e37e16f9bb1046fe7756729249f901b95

Request headers

Referer
https://offertravels.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 13:59:12 GMT
content-encoding
br
last-modified
Wed, 31 Jan 2024 02:44:09 GMT
server
nginx
etag
W/"65b9b3f9-592"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Mon, 11 Aug 2025 13:59:12 GMT
frontend.min.js
offertravels.com/wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/ 		771 B
590 B 		Script
General
Check archive.org
Download Go to
Full URL
https://offertravels.com/wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js?ver=1.8.9.6
Requested by
Host: offertravels.com
URL: https://offertravels.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.176.133 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
133.176.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
2dea57483641f8762937dfd9b09126a9b21c88bd3d7486186003e0bbb9043145

Request headers

Referer
https://offertravels.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 13:59:12 GMT
content-encoding
br
last-modified
Wed, 24 Jul 2024 21:14:19 GMT
server
nginx
etag
W/"66a16eab-303"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Mon, 11 Aug 2025 13:59:12 GMT
bc4e7632-957b-4747-9f37-b659f7af522c
https://offertravels.com/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://offertravels.com/bc4e7632-957b-4747-9f37-b659f7af522c
Requested by
Host: offertravels.com
URL: https://offertravels.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length
1185
Content-Type
text/javascript
family_playing_mini_golf_hp_Jumbotron_1920_1080.jpg
offertravels.com/wp-content/uploads/2024/02/ 		281 KB
281 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offertravels.com/wp-content/uploads/2024/02/family_playing_mini_golf_hp_Jumbotron_1920_1080.jpg
Requested by
Host: offertravels.com
URL: https://offertravels.com/wp-content/uploads/elementor/css/post-395.css?ver=1714933302
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.176.133 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
133.176.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
a821164f8b39f07a855839a02aee68381b4f7a886f1e70b0fed4526782c48ef0

Request headers

Referer
https://offertravels.com/wp-content/uploads/elementor/css/post-395.css?ver=1714933302
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 13:59:12 GMT
last-modified
Sat, 03 Feb 2024 20:10:05 GMT
server
nginx
etag
"65be9d9d-463d4"
x-proxy-cache-info
DT:1
content-type
image/jpeg
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
287700
expires
Mon, 11 Aug 2025 13:59:12 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%7CDM+Serif+Display%3A400&display=fallback&ver=4.6.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://offertravels.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 12:26:16 GMT
x-content-type-options
nosniff
age
437577
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Aug 2025 12:26:16 GMT
-nFnOHM81r4j6k0gjAW3mujVU2B2G_Bx0g.woff2
fonts.gstatic.com/s/dmserifdisplay/v15/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/dmserifdisplay/v15/-nFnOHM81r4j6k0gjAW3mujVU2B2G_Bx0g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%7CDM+Serif+Display%3A400&display=fallback&ver=4.6.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8b0ceabdff07806ce949c228d047d0824bca1bec4c3c3f83ac2cd077a24e55e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://offertravels.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 15:08:43 GMT
x-content-type-options
nosniff
age
427830
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24768
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 17:45:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Aug 2025 15:08:43 GMT
eg-widgets.css
affiliates.expediagroup.com/products/widgets/assets/ 		238 B
840 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://affiliates.expediagroup.com/products/widgets/assets/eg-widgets.css
Requested by
Host: affiliates.expediagroup.com
URL: https://affiliates.expediagroup.com/products/widgets/assets/eg-widgets.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.35.25 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-35-25.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b3893b95d2704b166fd94bd51f03d115e83a9a01aa624c79706d40540fb7cafc
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://offertravels.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
date
Sun, 11 Aug 2024 13:59:13 GMT
x-content-type-options
nosniff
last-modified
Fri, 28 Jun 2024 02:07:47 GMT
x-b3-traceid
4b9ec66d64de415a92bd51c8c956b4d5
etag
"1f583dfa9463588143ff30e7ec3c7dbdc6158698"
x-download-options
noopen
content-type
text/css; charset=utf-8
cache-control
no-cache
x-cgp-info
noJvmRouteSet;e3a67cd2-57e9-11ef-900a-0242659d14b4
accept-ranges
bytes
trace-id
4b9ec66d-64de-415a-92bd-51c8c956b4d5
content-length
238
x-xss-protection
1; mode=block
flexiproduct.js
cf.bstatic.com/static/affiliate_base/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cf.bstatic.com/static/affiliate_base/js/flexiproduct.js?v=1723384752900
Requested by
Host: offertravels.com
URL: https://offertravels.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266e:f600:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6f2c2164df92670e1f44b40c516e974340a0a4834b5a2b2156faf3f1c6fc0e90
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://offertravels.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 02:11:43 GMT
content-encoding
br
via
1.1 085a99da24636ecdd172026920429788.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
FRA56-P8
age
820050
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Mon, 13 Jun 2022 03:41:28 GMT
server
nginx
etag
W/"62a6b1e8-1849"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
9n6yw5yWEyKqxLeDlgz5IztHj-M8K-dwe7RKrQtJChX-1vm3H3aeiA==
expires
Sun, 01 Sep 2024 02:11:43 GMT
eg-affiliate-banners.css
affiliates.expediagroup.com/products/banners/assets/ 		156 B
759 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://affiliates.expediagroup.com/products/banners/assets/eg-affiliate-banners.css
Requested by
Host: affiliates.expediagroup.com
URL: https://affiliates.expediagroup.com/products/banners/assets/eg-affiliate-banners.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.35.25 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-35-25.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4c8b53d4b93c9f0b627787ea47156488d1d9c9b08c75efd2d183cdc2bd698a9f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://offertravels.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
date
Sun, 11 Aug 2024 13:59:13 GMT
x-content-type-options
nosniff
last-modified
Fri, 28 Jun 2024 02:07:47 GMT
x-b3-traceid
eda6091f4cc54e048b0383894bc8ac69
etag
"4bf06babaae04f029a11b730184feedbff99ca2e"
x-download-options
noopen
content-type
text/css; charset=utf-8
cache-control
no-cache
x-cgp-info
noJvmRouteSet;e3a6a389-57e9-11ef-8f76-024203dbe6a0
accept-ranges
bytes
trace-id
eda6091f-4cc5-4e04-8b03-83894bc8ac69
content-length
156
x-xss-protection
1; mode=block
widget-icon-list.min.css
offertravels.com/wp-content/plugins/elementor/assets/css/ 		0
0
wp-emoji-release.min.js
offertravels.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offertravels.com/wp-includes/js/wp-emoji-release.min.js?ver=6.6.1
Requested by
Host: offertravels.com
URL: https://offertravels.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.176.133 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
133.176.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

Referer
https://offertravels.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 13:59:13 GMT
content-encoding
br
last-modified
Thu, 04 Apr 2024 02:20:56 GMT
server
nginx
etag
W/"660e0e88-4926"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Mon, 11 Aug 2025 13:59:13 GMT
search-widget
affiliates.expediagroup.com/products/widgets/ Frame 0E2E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://affiliates.expediagroup.com/products/widgets/search-widget?program=us-expedia&lobs=stays%2Cflights&network=pz&camref=1101l3IcEz&instance=lzpmsa3cgihnnvd492f
Requested by
Host: affiliates.expediagroup.com
URL: https://affiliates.expediagroup.com/products/widgets/assets/eg-widgets.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.35.25 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-35-25.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Referer
https://offertravels.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-length
0
date
Sun, 11 Aug 2024 13:59:13 GMT
trace-id
a7322648-6fa7-4519-8cf5-02c16889c11b
x-b3-traceid
a73226486fa745198cf502c16889c11b
x-cgp-info
noJvmRouteSet;e3de5598-57e9-11ef-ab79-024226bae5db
banners
affiliates.expediagroup.com/products/ Frame 531E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://affiliates.expediagroup.com/products/banners?program=us-expedia&layout=leaderboard&image=relaxing&message=bye-bye-bucket-list-hello-adventure&link=home&network=pz&camref=1101l3IcEz&instance=lzpmsa3elyexdh9avep
Requested by
Host: affiliates.expediagroup.com
URL: https://affiliates.expediagroup.com/products/banners/assets/eg-affiliate-banners.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.35.25 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-35-25.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Referer
https://offertravels.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-length
0
date
Sun, 11 Aug 2024 13:59:13 GMT
trace-id
5d35593c-423c-4d11-82de-677d60a28e5e
x-b3-traceid
5d35593c423c4d1182de677d60a28e5e
x-cgp-info
noJvmRouteSet;e3e189a2-57e9-11ef-bf12-024268a93aa7
banners
affiliates.expediagroup.com/products/ Frame 6BA3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://affiliates.expediagroup.com/products/banners?program=us-expedia&layout=leaderboard&image=searching&message=bye-bye-bucket-list-hello-adventure&link=stays&network=pz&camref=1101l3IcEz&instance=lzpmsa3egxlwe86h2l
Requested by
Host: affiliates.expediagroup.com
URL: https://affiliates.expediagroup.com/products/banners/assets/eg-affiliate-banners.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.35.25 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-35-25.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Referer
https://offertravels.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-length
0
date
Sun, 11 Aug 2024 13:59:13 GMT
trace-id
bc63e410-de18-49b9-812c-c5380c64164f
x-b3-traceid
bc63e410de1849b9812cc5380c64164f
x-cgp-info
noJvmRouteSet;e3e9c759-57e9-11ef-8175-02427a6b1be9
flexiproduct.html
www.booking.com/ Frame 0A1D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.booking.com/flexiproduct.html?product=banner&w=728&h=90&lang=xu&aid=2419329&target_aid=2419329&tmpl=affiliate_banner&fid=1723384753179&
Requested by
Host: cf.bstatic.com
URL: https://cf.bstatic.com/static/affiliate_base/js/flexiproduct.js?v=1723384752900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-68.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://offertravels.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control
private
content-encoding
br
content-length
1123
content-type
text/html; charset=UTF-8
date
Sun, 11 Aug 2024 13:59:13 GMT
nel
{"max_age":604800,"report_to":"default"}
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"group":"default","max_age":604800}
server
nginx
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
User-Agent, Accept-Encoding
via
1.1 98559aba51e0c88c6e74c88152fb63ae.cloudfront.net (CloudFront)
x-amz-cf-id
i02LzaWZGLzfKABYtiRld4jGzwPKNZx_lOKy_V3g1FYehbasfsG1qg==
x-amz-cf-pop
FRA60-P5
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block
text-editor.2c35aafbe5bf0e127950.bundle.min.js
offertravels.com/wp-content/plugins/elementor/assets/js/ 		1 KB
848 B 		Script
General
Check archive.org
Download Go to
Full URL
https://offertravels.com/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
Requested by
Host: offertravels.com
URL: https://offertravels.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.23.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.176.133 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
133.176.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
302f97751322c57b1dd3c46fbfa1dbca10a44919ca32c934cddae0a11c369f23

Request headers

Referer
https://offertravels.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 13:59:13 GMT
content-encoding
br
last-modified
Wed, 24 Jul 2024 21:14:10 GMT
server
nginx
etag
W/"66a16ea2-550"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Mon, 11 Aug 2025 13:59:13 GMT
cropped-travel_logo_-_Made_with_PosterMyWall_-_Copy-removebg-preview-32x32.png
offertravels.com/wp-content/uploads/2024/05/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://offertravels.com/wp-content/uploads/2024/05/cropped-travel_logo_-_Made_with_PosterMyWall_-_Copy-removebg-preview-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.176.133 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
133.176.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
6cac5e62aab56774eeef09463ba4b9eefa073ada1b35e3291bb5bfa4f51eb3db

Request headers

Referer
https://offertravels.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 13:59:14 GMT
last-modified
Sun, 05 May 2024 18:14:44 GMT
server
nginx
etag
"6637cc94-76e"
x-proxy-cache-info
DT:1
content-type
image/png
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
1902
expires
Mon, 11 Aug 2025 13:59:14 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
offertravels.com
URL
http://offertravels.com/wp-content/plugins/elementor/assets/css/widget-icon-list.min.css

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| _wpemojiSettings function| jQuery object| eg object| astra function| astraGetParents function| getParents function| astraToggleClass function| toggleClass function| astraTriggerEvent function| astraSmoothScroll function| astScrollToTopHandler function| popupTriggerClick function| AstraToggleSubMenu function| AstraToggleSetup function| astraNavMenuToggle object| ht_ctc_chat_var object| ht_ctc_variables object| wp object| starter_templates_zip_preview object| webpackChunkelementor function| _i_ function| _r_ object| BookingAff object| elementorModules function| Waypoint object| elementorFrontendConfig object| elementorFrontend function| _ object| _wpUtilSettings object| wpformsElementorVars object| WPFormsElementorFrontend object| twemoji

8 Cookies

Domain/Path Name / Value
.offerviajes.es/ Name: brand
Value: 33482
.offerviajes.es/ Name: mkt_pref
Value: YToxOntzOjEwOiJ0cmFja3BhcmFtIjtzOjM4OiJhJTNBMCUzQSU3QiU3RERBVEFfU0VQQVJBVE9SNDE4OTAyMDk3NyI7fQ%3D%3D
.offerviajes.es/ Name: info_localizacion
Value: 30200%2Fes%2FEUR%2F
.offerviajes.es/ Name: _upfs
Value: eyJtYXJrZXRfaWQiOjEsImxhbmdfMSI6ImVzIn0%3D
.offertravels.com/ Name: _I_
Value: d68f73cd74e7d01697faa14a71dd6605fe6438304fc3007abeb542a771b6a1b7-1723384751
.affiliates.expediagroup.com/ Name: DUAID
Value: c4d4a8bf-5d72-4422-96c3-fae480477f6f
.affiliates.expediagroup.com/ Name: MC1
Value: GUID=c4d4a8bf5d72442296c3fae480477f6f
.booking.com/ Name: bkng
Value: 11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbiKbS0JOgDBK6LEtX6%2Blc%2BU%2Bt%2FZWYK5bXM6fU1bIdWCklROe6xOw%2FVe9aEY9p5F4mgxmohhSByM4wegcKy3pnbL6xr5TqEpYTWht5YODqtSAgZF6%2Fa08dTjwPeipu%2BiO9hDs6%2BKsA9HHiOXbw3QWol4ytfct1N3cALufjgSKFeOc%3D

3 Console Messages

Source Level URL
Text
security warning URL: https://offertravels.com/
Message:
Mixed Content: The page at 'https://offertravels.com/' was loaded over HTTPS, but requested an insecure element 'http://offertravels.com/wp-content/uploads/2024/05/cropped-travel_logo_-_Made_with_PosterMyWall_-_Copy-removebg-preview-300x300.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security error URL: https://offertravels.com/(Line 442)
Message:
Mixed Content: The page at 'https://offertravels.com/' was loaded over HTTPS, but requested an insecure stylesheet 'http://offertravels.com/wp-content/plugins/elementor/assets/css/widget-icon-list.min.css'. This request has been blocked; the content must be served over HTTPS.
security warning URL: https://offertravels.com/(Line 574)
Message:
Mixed Content: The page at 'https://offertravels.com/' was loaded over HTTPS, but requested an insecure element 'http://offertravels.com/wp-content/uploads/2024/05/cropped-travel_logo_-_Made_with_PosterMyWall_-_Copy-removebg-preview-300x300.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

affiliates.expediagroup.com
booking.offerviajes.es
cf.bstatic.com
d1rozh26tys225.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
offertravels.com
www.booking.com
offertravels.com
18.245.60.68
212.222.42.65
23.37.35.25
2600:9000:223d:7800:5:acf3:db40:21
2600:9000:266e:f600:5:bf05:acc0:93a1
2a00:1450:4001:800::2003
2a00:1450:4001:802::200a
34.174.176.133
107b304c544854df226262ea6cbffd9d4e6b46e78136bac9753838cd8b5f2ef2
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
2afe8e01e872d0fd5b1ae597f926f4fad013065caae9a985b3cc2df17b0fd746
2dea57483641f8762937dfd9b09126a9b21c88bd3d7486186003e0bbb9043145
302f97751322c57b1dd3c46fbfa1dbca10a44919ca32c934cddae0a11c369f23
3875a9eae112ceee3e1326a56ba4c351ce6a2390fc1a3a6602e249e237968587
39674f42bea3c064f8dd5a84cc81dbd8e19b56607bd373074a3d91f527ee60c9
3bc6467a95cec8fa516c6f5f69e1301e37e16f9bb1046fe7756729249f901b95
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
494876238077c06a57ecf5d93952bbd1415845fde2178515c332a8207363b518
4a8bd33bfe771e0bd46fade45435a9fa2d0c3a8af2409b1f5a74a6b96b03faa9
4c8b53d4b93c9f0b627787ea47156488d1d9c9b08c75efd2d183cdc2bd698a9f
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
523f91b207afb3c621f4c7e963d93956a509890cfea5136a0120ff5d62e8d5ac
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
55fa6499c0b77cbff2bcfb51263c5f60fa119facf73e5c6f0657c5aa3c39a280
5a43a22e48f94b7a45a9a9b1a107f197213b73307fdfa2e6b2daadab264f94d2
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
6ad3a6bdaa054fd9cd700c4dd88eac85cd8a3b1bd1b0ccbb277862d2654bfe0d
6cac5e62aab56774eeef09463ba4b9eefa073ada1b35e3291bb5bfa4f51eb3db
6f2c2164df92670e1f44b40c516e974340a0a4834b5a2b2156faf3f1c6fc0e90
726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a
73cf68cda7c3eae5169ab712301c7e9324cc0c70a7722b497d522d95b1cfec0d
7c44a454ad600500cda7ffee64911601149ccccba9e7165df80afce5e3d1951f
7e84c9f8d71bc6eb2dac2fce59a6caea62da51ffa8cf56b41806f59386ab1322
7ea47cf0baa882318194f5ad6f4c4045ccbc4c5be9f6af1629c6a316d109dfe8
852abcd746b8665975782e7dd7ebab196c0a9e4c09881ca5c29539bae190d774
8b0ceabdff07806ce949c228d047d0824bca1bec4c3c3f83ac2cd077a24e55e5
9971efa355289dd50eb4443b48bc00d0608431c9e40740680f800052d7589054
9f33bb2c619e36829f6258240c7d632f75a258830ccf8c7d38e6f79c051214e1
a1e24fbf574cbd165e158b5379e7bf4c369fb6de8ea29745c4ed268c1f538216
a821164f8b39f07a855839a02aee68381b4f7a886f1e70b0fed4526782c48ef0
aedeccdfa82a1759beeaf0840cc889447abae2bc63fe0c3e48880520fc70605f
b3893b95d2704b166fd94bd51f03d115e83a9a01aa624c79706d40540fb7cafc
b515a60a6963e4fcc6877f257ec9ee1b39bb5db12dcb6de97d4704f277ffc84b
b7f66913abdc1adfc556f93306fdefc7aaf8a28c4c429c4f8283cd6895ae6e6f
ba8baa9e210bbd7de7f146126d6831f6ab3c7fbaf57d5691dc998eea4eb1499a
c57e64fcb72bddafa9c38de574441c3e69ac6c961df96b0cad34da83658bd196
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cbac053684271a4c09252e8d8833b82bb68eb572fbde363564a99350b31b9327
ce8fdd86e60f2400a01bd1dffe60887b09e850212442b56b14803b67150a877b
daed5f030b7d78e92c71aa05601d7bc94a8c59f4037363666f02e5611fc5de42
ddb4a8fe630cda4853312bf576429166ca074167ec93d38b24fc80d166f52a34
e8dbd5b91af8b5f8a39112e8ab8712cc785b1ad3fcdf672549b4a85cdf84fb9e
f0fa06655078e0ac20e2af926a55c9e56ce3484ddc439cb4643a7f8c8f6ac031