foresttravel.com Open in urlscan Pro
104.197.217.66 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://foresttravel.com/
Submission Tags: falconsandbox
Submission: On January 15 via api (January 15th 2021, 10:25:25 pm UTC) from US

Summary HTTP 117 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 48 IPs in 8 countries across 37 domains to perform 117 HTTP transactions. The main IP is 104.197.217.66, located in United States and belongs to GOOGLE, US. The main domain is foresttravel.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on November 19th 2020. Valid for: 3 months.

This is the only time foresttravel.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
32	104.197.217.66 104.197.217.66	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:81f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
8	199.60.103.254 199.60.103.254	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1	52.208.176.149 52.208.176.149	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6811:d4cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	52.222.141.74 52.222.141.74	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:81a::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:47b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	216.58.208.34 216.58.208.34	15169 (GOOGLE) (GOOGLE)
1	13.224.194.56 13.224.194.56	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:70b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:15bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:e8cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:80ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1	52.222.141.12 52.222.141.12	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:819::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1	52.18.148.102 52.18.148.102	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5705	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.222.141.68 52.222.141.68	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:cbcc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 6	2.18.233.40 2.18.233.40	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.213.112.124 52.213.112.124	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 1	54.78.251.22 54.78.251.22	16509 (AMAZON-02) (AMAZON-02)
13 17	3.248.28.111 3.248.28.111	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	3.126.63.176 3.126.63.176	16509 (AMAZON-02) (AMAZON-02)
1 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	70.42.32.191 70.42.32.191	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	2a00:1288:f03... 2a00:1288:f03d:1fa::4000	10310 (YAHOO-1) (YAHOO-1)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1 2	18.193.32.76 18.193.32.76	16509 (AMAZON-02) (AMAZON-02)
1 2	18.158.221.94 18.158.221.94	16509 (AMAZON-02) (AMAZON-02)
1 2	185.33.221.14 185.33.221.14	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
117	48

32 104.197.217.66 (United States)

ASN15169 (GOOGLE, US)
PTR: 66.217.197.104.bc.googleusercontent.com

foresttravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 199.60.103.254 (Canada)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

blog.foresttravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.208.176.149 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-176-149.eu-west-1.compute.amazonaws.com

quriobot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:d4cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.141.74 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-141-74.ams50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:81a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:47b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.208.34 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s12-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.194.56 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-56.fra2.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:70b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:15bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e8cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:80ab (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.141.12 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-141-12.ams50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.18.148.102 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-148-102.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5705 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.141.68 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-141-68.ams50.r.cloudfront.net

static.botsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:cbcc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.18.233.40 (Ascension Island) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-40.deploy.static.akamaitechnologies.com

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.213.112.124 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-112-124.eu-west-1.compute.amazonaws.com

botsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.78.251.22 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-251-22.eu-west-1.compute.amazonaws.com

d.adroll.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 3.248.28.111 (Dublin, Ireland) 13 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-28-111.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.126.63.176 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-63-176.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Ascension Island) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.191 (United States) 1 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:f03d:1fa::4000 (United Kingdom) 1 redirects

ASN10310 (YAHOO-1, US)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.193.32.76 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-32-76.eu-central-1.compute.amazonaws.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.158.221.94 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-221-94.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.14 (Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	foresttravel.com foresttravel.com blog.foresttravel.com	2 MB
23	adroll.com 14 redirects s.adroll.com d.adroll.com	29 KB
8	gstatic.com fonts.gstatic.com	93 KB
5	doubleclick.net 1 redirects stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	5 KB
5	googleapis.com fonts.googleapis.com	6 KB
4	hubspot.com forms.hubspot.com track.hubspot.com	2 KB
4	google.de www.google.de	792 B
4	google.com www.google.com	792 B
4	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com in.hotjar.com	61 KB
3	botsrv.com static.botsrv.com botsrv.com	122 KB
3	googletagmanager.com www.googletagmanager.com	113 KB
2	openx.net 1 redirects us-u.openx.net	479 B
2	adnxs.com 1 redirects ib.adnxs.com	2 KB
2	bidswitch.net 1 redirects x.bidswitch.net	870 B
2	3lift.com 1 redirects eb2.3lift.com	739 B
2	outbrain.com 1 redirects sync.outbrain.com	832 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com	2 KB
2	facebook.com www.facebook.com	495 B
2	facebook.net connect.facebook.net	92 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	bing.com bat.bing.com	9 KB
2	hs-scripts.com js.hs-scripts.com	1 KB
1	taboola.com sync.taboola.com	217 B
1	yahoo.com 1 redirects ads.yahoo.com	734 B
1	pubmatic.com simage2.pubmatic.com	886 B
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	advertising.com pixel.advertising.com	125 B
1	consensu.org 1 redirects d.adroll.mgr.consensu.org	137 B
1	hubapi.com api.hubapi.com	378 B
1	hsforms.com forms.hsforms.com	523 B
1	hscollectedforms.net js.hscollectedforms.net	24 KB
1	hsleadflows.net js.hsleadflows.net	76 KB
1	hs-banner.com js.hs-banner.com	13 KB
1	hsadspixel.net js.hsadspixel.net	2 KB
1	googleadservices.com www.googleadservices.com	13 KB
1	hs-analytics.net js.hs-analytics.net	18 KB
1	quriobot.com quriobot.com	1 KB
117	37

	Domain	Requested by
32	foresttravel.com	foresttravel.com
17	d.adroll.com	13 redirects
8	fonts.gstatic.com	fonts.googleapis.com
8	blog.foresttravel.com	foresttravel.com
6	s.adroll.com	1 redirects foresttravel.com s.adroll.com d.adroll.com
5	fonts.googleapis.com	foresttravel.com
4	www.google.de	foresttravel.com
4	www.google.com	foresttravel.com
3	googleads.g.doubleclick.net	www.googleadservices.com
3	www.googletagmanager.com	foresttravel.com js.hsadspixel.net
2	us-u.openx.net	1 redirects
2	ib.adnxs.com	1 redirects
2	x.bidswitch.net	1 redirects
2	eb2.3lift.com	1 redirects
2	sync.outbrain.com	1 redirects
2	dsum-sec.casalemedia.com	1 redirects
2	www.facebook.com	connect.facebook.net
2	connect.facebook.net	js.hsadspixel.net connect.facebook.net
2	track.hubspot.com
2	static.botsrv.com	quriobot.com static.botsrv.com
2	forms.hubspot.com	js.hscollectedforms.net js.hsleadflows.net
2	www.google-analytics.com	www.googletagmanager.com foresttravel.com
2	bat.bing.com	foresttravel.com
2	js.hs-scripts.com	foresttravel.com
1	cm.g.doubleclick.net	1 redirects
1	sync.taboola.com
1	ads.yahoo.com	1 redirects
1	simage2.pubmatic.com
1	pixel.rubiconproject.com
1	pixel.advertising.com
1	d.adroll.mgr.consensu.org	1 redirects
1	botsrv.com	static.botsrv.com
1	api.hubapi.com	js.hsadspixel.net
1	forms.hsforms.com	foresttravel.com
1	in.hotjar.com	script.hotjar.com
1	vars.hotjar.com	static.hotjar.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	js.hscollectedforms.net	js.hs-scripts.com
1	js.hsleadflows.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	script.hotjar.com	static.hotjar.com
1	www.googleadservices.com	www.googletagmanager.com
1	js.hs-analytics.net	foresttravel.com
1	static.hotjar.com	foresttravel.com
1	quriobot.com	foresttravel.com
117	46

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
quriobot.com

Subject Issuer	Validity	Valid
foresttravel.com Let's Encrypt Authority X3	`2020-11-19` - `2021-02-17`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
blog.foresttravel.com Cloudflare Inc ECC CA-3	`2020-05-31` - `2021-05-31`	a year	crt.sh
quriobot.com Amazon	`2020-02-26` - `2021-03-26`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-04` - `2021-08-04`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2020-10-27` - `2021-04-27`	6 months	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2020-07-27` - `2021-07-27`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2020-07-03` - `2021-07-03`	a year	crt.sh
*.adroll.com DigiCert SHA2 Secure Server CA	`2020-01-29` - `2021-04-29`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-12-22` - `2021-03-21`	3 months	crt.sh
adroll.mgr.consensu.org Amazon	`2020-10-08` - `2021-11-07`	a year	crt.sh
pixel.advertising.com DigiCert SHA2 High Assurance Server CA	`2020-10-04` - `2021-03-31`	6 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2019-10-29` - `2021-11-23`	2 years	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.3lift.com Amazon	`2020-07-04` - `2021-08-05`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://foresttravel.com/
Frame ID: 18BA85CA8FE080FB1632AEF54B647501
Requests: 116 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 0785FF4D2BB0EEC9F30965DF3C5A4C7A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

117
Requests

100 %
HTTPS

54 %
IPv6

37
Domains

46
Subdomains

48
IPs

8
Countries

2431 kB
Transfer

6467 kB
Size

14
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.youtube.com/watch?v=4gLpXqIgCTc&feature=emb_logo
Title:

Search URL Search Domain Scan URL

URL: https://quriobot.com/?utm_source=qb_widget
Title: Create your own quriobot

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 89

https://s.adroll.com/j/exp/2GM7HXLBHNG7JNEKKX3TM2/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 91

https://d.adroll.mgr.consensu.org/consent/iabcheck/2GM7HXLBHNG7JNEKKX3TM2?_s=ee2e8ad72fecba2ca642055275196f31&_b=2 HTTP 302
https://d.adroll.com/consent/check/2GM7HXLBHNG7JNEKKX3TM2/?_s=ee2e8ad72fecba2ca642055275196f31&_b=2

Request Chain 98

https://d.adroll.com/pixel/2GM7HXLBHNG7JNEKKX3TM2/A46XAHLBV5CTTCYXLOA3WL?adroll_fpc=058c2b73fcd06c1feefed52b30242814-1610749506274&arrfrr=https%3A%2F%2Fforesttravel.com%2F&xid_ch=f&pv=16423851870.11337&cookie=&adroll_s_ref=&keyw= HTTP 302
https://s.adroll.com/pixel/2GM7HXLBHNG7JNEKKX3TM2/A46XAHLBV5CTTCYXLOA3WL/GEU4GHTL4RHWDF3ODM6E7W.js

Request Chain 100

https://d.adroll.com/cm/aol/out?adroll_fpc=058c2b73fcd06c1feefed52b30242814-1610749506274&arrfrr=https%3A%2F%2Fforesttravel.com%2F&xid_ch=f&advertisable=2GM7HXLBHNG7JNEKKX3TM2 HTTP 302
https://pixel.advertising.com/ups/55980/sync?uid=NmVlNjlkZDQyZGUwZGY3NWRiMjJkYWQwYmZjNTdhZDc&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Request Chain 101

https://d.adroll.com/cm/index/out?adroll_fpc=058c2b73fcd06c1feefed52b30242814-1610749506274&arrfrr=https%3A%2F%2Fforesttravel.com%2F&xid_ch=f&advertisable=2GM7HXLBHNG7JNEKKX3TM2 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NmVlNjlkZDQyZGUwZGY3NWRiMjJkYWQwYmZjNTdhZDc&expiration=1642285506 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NmVlNjlkZDQyZGUwZGY3NWRiMjJkYWQwYmZjNTdhZDc&expiration=1642285506&C=1

Request Chain 102

https://d.adroll.com/cm/n/out?adroll_fpc=058c2b73fcd06c1feefed52b30242814-1610749506274&arrfrr=https%3A%2F%2Fforesttravel.com%2F&xid_ch=f&advertisable=2GM7HXLBHNG7JNEKKX3TM2 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NmVlNjlkZDQyZGUwZGY3NWRiMjJkYWQwYmZjNTdhZDc&expires=365

Request Chain 103

https://d.adroll.com/cm/outbrain/out?adroll_fpc=058c2b73fcd06c1feefed52b30242814-1610749506274&arrfrr=https%3A%2F%2Fforesttravel.com%2F&xid_ch=f&advertisable=2GM7HXLBHNG7JNEKKX3TM2 HTTP 302
https://sync.outbrain.com/cookie-sync?p=adroll&uid=NmVlNjlkZDQyZGUwZGY3NWRiMjJkYWQwYmZjNTdhZDc HTTP 302
https://sync.outbrain.com/cookie-sync?p=adroll&uid=NmVlNjlkZDQyZGUwZGY3NWRiMjJkYWQwYmZjNTdhZDc&rdrctExp=true

Request Chain 104

https://d.adroll.com/cm/pubmatic/out?adroll_fpc=058c2b73fcd06c1feefed52b30242814-1610749506274&arrfrr=https%3A%2F%2Fforesttravel.com%2F&xid_ch=f&advertisable=2GM7HXLBHNG7JNEKKX3TM2 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=NmVlNjlkZDQyZGUwZGY3NWRiMjJkYWQwYmZjNTdhZDc&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA

Request Chain 105

https://d.adroll.com/cm/r/out?adroll_fpc=058c2b73fcd06c1feefed52b30242814-1610749506274&arrfrr=https%3A%2F%2Fforesttravel.com%2F&xid_ch=f&advertisable=2GM7HXLBHNG7JNEKKX3TM2 HTTP 302
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Request Chain 106

https://d.adroll.com/cm/taboola/out?adroll_fpc=058c2b73fcd06c1feefed52b30242814-1610749506274&arrfrr=https%3A%2F%2Fforesttravel.com%2F&xid_ch=f&advertisable=2GM7HXLBHNG7JNEKKX3TM2 HTTP 302
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=NmVlNjlkZDQyZGUwZGY3NWRiMjJkYWQwYmZjNTdhZDc

Request Chain 107

https://d.adroll.com/cm/triplelift/out?adroll_fpc=058c2b73fcd06c1feefed52b30242814-1610749506274&arrfrr=https%3A%2F%2Fforesttravel.com%2F&xid_ch=f&advertisable=2GM7HXLBHNG7JNEKKX3TM2 HTTP 302
https://eb2.3lift.com/xuid?mid=4714&xuid=NmVlNjlkZDQyZGUwZGY3NWRiMjJkYWQwYmZjNTdhZDc&dongle=c85e HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=NmVlNjlkZDQyZGUwZGY3NWRiMjJkYWQwYmZjNTdhZDc&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=

Request Chain 108

https://d.adroll.com/cm/b/out?adroll_fpc=058c2b73fcd06c1feefed52b30242814-1610749506274&arrfrr=https%3A%2F%2Fforesttravel.com%2F&xid_ch=f&advertisable=2GM7HXLBHNG7JNEKKX3TM2 HTTP 302
https://x.bidswitch.net/sync?dsp_id=44&user_id=NmVlNjlkZDQyZGUwZGY3NWRiMjJkYWQwYmZjNTdhZDc HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NmVlNjlkZDQyZGUwZGY3NWRiMjJkYWQwYmZjNTdhZDc

Request Chain 109

https://d.adroll.com/cm/x/out?adroll_fpc=058c2b73fcd06c1feefed52b30242814-1610749506274&arrfrr=https%3A%2F%2Fforesttravel.com%2F&xid_ch=f&advertisable=2GM7HXLBHNG7JNEKKX3TM2 HTTP 302
https://ib.adnxs.com/setuid?entity=172&code=NmVlNjlkZDQyZGUwZGY3NWRiMjJkYWQwYmZjNTdhZDc HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNmVlNjlkZDQyZGUwZGY3NWRiMjJkYWQwYmZjNTdhZDc

Request Chain 111

https://d.adroll.com/cm/o/out?adroll_fpc=058c2b73fcd06c1feefed52b30242814-1610749506274&arrfrr=https%3A%2F%2Fforesttravel.com%2F&xid_ch=f&advertisable=2GM7HXLBHNG7JNEKKX3TM2 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537103138&val=6ee69dd42de0df75db22dad0bfc57ad7 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=6ee69dd42de0df75db22dad0bfc57ad7

Request Chain 112

https://d.adroll.com/cm/g/out?adroll_fpc=058c2b73fcd06c1feefed52b30242814-1610749506274&arrfrr=https%3A%2F%2Fforesttravel.com%2F&xid_ch=f&advertisable=2GM7HXLBHNG7JNEKKX3TM2&google_nid=adroll5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=buad1C3g33XbItrQv8V61w HTTP 302
https://d.adroll.com/cm/g/in

117 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
foresttravel.com/ 228 KB
36 KB 386ms
143ms Document
text/html 104.197.217.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://foresttravel.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.197.217.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.217.197.104.bc.googleusercontent.com
Software: nginx / WP Engine
Resource Hash: fd93fdb64843133aca7bf0419e4f2daca4cbb0e9c0b47dff110d050d483ce929

Request headers

:method: GET
:authority: foresttravel.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server: nginx
date: Fri, 15 Jan 2021 22:25:04 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
link: <https://foresttravel.com/wp-json/>; rel="https://api.w.org/" <https://foresttravel.com/wp-json/wp/v2/pages/2323>; rel="alternate"; type="application/json" <https://foresttravel.com/>; rel=shortlink
x-tec-api-version: v1
x-tec-api-root: https://foresttravel.com/wp-json/tribe/events/v1/
x-tec-api-origin: https://foresttravel.com
x-powered-by: WP Engine
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
x-cache: HIT: 1
x-cache-group: normal
content-encoding: br

GET
H2 200 autoptimize_8a142e42a763ca52579e0adbfe7d98e1.css
foresttravel.com/wp-content/cache/autoptimize/css/ 1 MB
213 KB 154ms
153ms Stylesheet
text/css 104.197.217.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://foresttravel.com/wp-content/cache/autoptimize/css/autoptimize_8a142e42a763ca52579e0adbfe7d98e1.css
Requested by: Host: foresttravel.com
URL: https://foresttravel.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.197.217.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.217.197.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 9190f6f33848a14d4b95da429653f69f9d19ad17162fa3ac605833ad29f0d20a

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:25:04 GMT
content-encoding: br
last-modified: Sat, 09 Jan 2021 00:20:26 GMT
server: nginx
etag: W/"5ff8f6ca-15de68"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 dashicons.min.css
foresttravel.com/wp-includes/css/ 58 KB
35 KB 154ms
154ms Stylesheet
text/css 104.197.217.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://foresttravel.com/wp-includes/css/dashicons.min.css?ver=25112019-20
Requested by: Host: foresttravel.com
URL: https://foresttravel.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.197.217.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.217.197.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: dc1a3a3bf97eada084f65b5d87085ddb8d3a76a9e450c6a41211e1698048de91

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:25:04 GMT
content-encoding: br
last-modified: Mon, 16 Nov 2020 21:01:52 GMT
server: nginx
etag: W/"5fb2e8c0-e681"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 css
fonts.googleapis.com/ 20 KB
1 KB 16ms
16ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A1%2C300%2C400%2C400italic%2C500%2C700%2C700italic%7CLora%3A1%2C300%2C400%2C400italic%2C500%2C700%2C700italic&font-display=swap&ver=25112019-20

Requested by

Host: foresttravel.com
URL: https://foresttravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e8363ea858877d6c7859a8f450178ce1db279588b8dcfa025b5f63925d7f3eb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 15 Jan 2021 22:25:04 GMT
server: ESF
date: Fri, 15 Jan 2021 22:25:04 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 15 Jan 2021 22:25:04 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ 18 KB
1 KB 43ms
29ms Stylesheet
text/css 2a00:1450:4001:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=25112019-20

Requested by

Host: foresttravel.com
URL: https://foresttravel.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32604b98ccc74e9bbc19833e783d276bd10d948ef66d03c405820c5b2ded1a0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 15 Jan 2021 21:56:15 GMT
server: ESF
date: Fri, 15 Jan 2021 22:25:04 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 15 Jan 2021 22:25:04 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ 49 KB
2 KB 54ms
40ms Stylesheet
text/css 2a00:1450:4001:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=25112019-20

Requested by

Host: foresttravel.com
URL: https://foresttravel.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ccd1ce3e529193a7b9e201539f441de1245634bb83738431eaf41f027e54692a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 15 Jan 2021 22:25:04 GMT
server: ESF
date: Fri, 15 Jan 2021 22:25:04 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 15 Jan 2021 22:25:04 GMT

GET
H2 200 jquery.js Show response
foresttravel.com/wp-includes/js/jquery/ 95 KB
34 KB 188ms
188ms Script
application/javascript 104.197.217.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://foresttravel.com/wp-includes/js/jquery/jquery.js?ver=25112019-20
Requested by: Host: foresttravel.com
URL: https://foresttravel.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.197.217.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.217.197.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:25:04 GMT
content-encoding: br
last-modified: Mon, 16 Nov 2020 21:01:52 GMT
server: nginx
etag: W/"5fb2e8c0-17a69"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 32ms
32ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1067453663

Requested by

Host: foresttravel.com
URL: https://foresttravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8ec66c589cf58abd111129427552ccf65bacc0dfdadd70031e22456a2b250fcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:25:04 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38966
x-xss-protection: 0
last-modified: Fri, 15 Jan 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 15 Jan 2021 22:25:04 GMT

GET
H2 200 logos-Forest-white.png
foresttravel.com/wp-content/uploads/2020/01/ 4 KB
4 KB 123ms
118ms Image
image/png 104.197.217.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://foresttravel.com/wp-content/uploads/2020/01/logos-Forest-white.png
Requested by: Host: foresttravel.com
URL: https://foresttravel.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.197.217.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.217.197.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3352e9a5eee08984a5537eb1006f3bc828fd3688def43a0f73ccc36108f1ee91

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:25:05 GMT
last-modified: Mon, 16 Nov 2020 21:09:59 GMT
server: nginx
etag: "5fb2eaa7-1073"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 4211

GET
H2 200 logos-Forest-color.png
foresttravel.com/wp-content/uploads/2020/01/ 5 KB
5 KB 125ms
121ms Image
image/png 104.197.217.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://foresttravel.com/wp-content/uploads/2020/01/logos-Forest-color.png
Requested by: Host: foresttravel.com
URL: https://foresttravel.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.197.217.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.217.197.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 76e003fa5aaad39dc7627b77111c282bd700c5ef784043b2f438778bc24df15b

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:25:05 GMT
last-modified: Mon, 16 Nov 2020 21:09:59 GMT
server: nginx
etag: "5fb2eaa7-13dd"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 5085

GET
H3-Q050 200 css
fonts.googleapis.com/ 3 KB
605 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400%7COpen+Sans:400

Requested by

Host: foresttravel.com
URL: https://foresttravel.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d0230781fbc7e40d4a72a9c1be4fb3e71c3b1e9b4a50cbcfced13fbe1969a43a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 15 Jan 2021 22:25:04 GMT
server: ESF
date: Fri, 15 Jan 2021 22:25:04 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 15 Jan 2021 22:25:04 GMT

GET
H2 200 play-button2.png
foresttravel.com/wp-content/uploads/2020/02/ 6 KB
6 KB 169ms
165ms Image
image/png 104.197.217.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://foresttravel.com/wp-content/uploads/2020/02/play-button2.png
Requested by: Host: foresttravel.com
URL: https://foresttravel.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.197.217.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.217.197.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 8733f48b11a3216b839da6526cb295bdc3c5344708e0475a88a9a186f557e605

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:25:05 GMT
last-modified: Mon, 16 Nov 2020 21:09:59 GMT
server: nginx
etag: "5fb2eaa7-18cc"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 6348

GET
H2 200 home-arrow-carousel.png
foresttravel.com/wp-content/uploads/2019/12/ 2 KB
2 KB 124ms
120ms Image
image/png 104.197.217.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://foresttravel.com/wp-content/uploads/2019/12/home-arrow-carousel.png
Requested by: Host: foresttravel.com
URL: https://foresttravel.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.197.217.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.217.197.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: d9cfc3be1730a4cf728fcfd84a732e45b127b40bb2c9457fdf0118009a9223cd

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:25:05 GMT
last-modified: Mon, 16 Nov 2020 21:25:18 GMT
server: nginx
etag: "5fb2ee3e-8bc"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2236

GET
H2 200 1Logo%20Amadeus.png
blog.foresttravel.com/hubfs/Footer%20Logos/ 3 KB
4 KB 120ms
53ms Image
image/webp 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.foresttravel.com/hubfs/Footer%20Logos/1Logo%20Amadeus.png
Requested by: Host: foresttravel.com
URL: https://foresttravel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.60.103.254 , Canada, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa2f6d9084c128207870e255716f653f6fbe5c45f2c399d20f0d79bb34993350

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:25:05 GMT
via: 1.1 b8eaad25e4131c15c21d3d50aac2684d.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-meta-cache-tag: F-10145132174,FD-10108959601,P-2737776,FLS-ALL
age: 48259
cf-polished: origFmt=png, origSize=5418
edge-cache-tag: F-10145132174,FD-10108959601,P-2737776,FLS-ALL
content-disposition: inline; filename="1Logo%20Amadeus.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
x-amz-request-id: E39CCADDFEAF4B5B
cf-request-id: 07a9c0062100001f7413875000000001
x-cache: RefreshHit from cloudfront
accept-ranges: bytes
last-modified: Sun, 02 Jun 2019 17:55:06 GMT
server: cloudflare
etag: "b7bb362eb44e97f99c80e6bfde7d9977"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
x-amz-id-2: 0qiuCZSyrgOR7VLP3KxqQyrOvgVjTCc1aUpNbatgF7zuTglnD6x8i8w897YAFgTFe8owEwcfx94=
cf-bgj: imgq:85,h2pri
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: 7UYchcbvCWHX8IJAMvfB_65OfoQbaPMX
x-amz-cf-pop: AMS54-C1
content-length: 3358
cf-ray: 612302b69b9e1f74-AMS
x-amz-cf-id: IdS90dF5PdZruk8upliT0NRLZe_lmmUfFErkU_9j78NA-9RLaTV7_w==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11

GET
H2 200 2Logo%20BBB.png
blog.foresttravel.com/hubfs/Footer%20Logos/ 5 KB
5 KB 921ms
855ms Image
image/png 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.foresttravel.com/hubfs/Footer%20Logos/2Logo%20BBB.png
Requested by: Host: foresttravel.com
URL: https://foresttravel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.60.103.254 , Canada, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d710dee6eef4424f1220fd32cf5062c4ea626a096010ef09dc36a7da257f83d8

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:25:05 GMT
via: 1.1 b61409af370dbf025ffc910b1252c65f.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cache-tag: F-10145189822,FD-10108959601,P-2737776,FLS-ALL
x-amz-cf-pop: AMS54-C1
edge-cache-tag: F-10145189822,FD-10108959601,P-2737776,FLS-ALL
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
x-amz-request-id: 9A67C5C0F052C6F1
cf-request-id: 07a9c0062100001f74719cb000000001
accept-ranges: bytes
last-modified: Sun, 02 Jun 2019 17:55:05 GMT
server: cloudflare
etag: "070ea42a4158aa364292d2b322b1b377"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
x-amz-id-2: W+YFCvdWSIwlEeQ5Ifj/dUOjD9VgFtcclyqmT/iR13aauy797c0Jlc5D3XeOeNIvDJVZq1q4PhE=
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: jMovZpl2aAhzeAxob5fa2YIthaIqA_de
content-length: 4649
cf-ray: 612302b69ba11f74-AMS
x-amz-cf-id: 6jlRg_PTC3xsDnNAnHdd8-yesacFvP4FLf0w5CET6le01iZ60v-bGA==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11

GET
H2 200 3Logo%20Magnatech.png
blog.foresttravel.com/hubfs/Footer%20Logos/ 6 KB
6 KB 107ms
42ms Image
image/webp 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.foresttravel.com/hubfs/Footer%20Logos/3Logo%20Magnatech.png
Requested by: Host: foresttravel.com
URL: https://foresttravel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.60.103.254 , Canada, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac8d15766c96ffd90308afc4c90b372fd26d3892571aad50186aa6c64add5153

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:25:05 GMT
via: 1.1 3af85c3075e12aff72b9e148b99d6623.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-meta-cache-tag: F-10145189823,FD-10108959601,P-2737776,FLS-ALL
age: 10847
cf-polished: origFmt=png, origSize=9059
edge-cache-tag: F-10145189823,FD-10108959601,P-2737776,FLS-ALL
content-disposition: inline; filename="3Logo%20Magnatech.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
x-amz-request-id: 0A69B51AA4C86A81
cf-request-id: 07a9c0062200001f740e183000000001
x-cache: RefreshHit from cloudfront
accept-ranges: bytes
last-modified: Sun, 02 Jun 2019 17:55:05 GMT
server: cloudflare
etag: "76ce65c05bc474b47cbe57781d16b342"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
x-amz-id-2: yF5r0ArV/m8Gb3cVg4ZejLRboAoPbrC2zlsrtVACfg4KcZeBWF2kAipQA8s/idGlIkNPp7HI/h8=
cf-bgj: imgq:85,h2pri
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: Quy_XjGlxJu0l1x7dCqK1449SCY9EgPy
x-amz-cf-pop: AMS54-C1
content-length: 6152
cf-ray: 612302b69ba31f74-AMS
x-amz-cf-id: BQdK3fFNRSbDfnUyONcB-p0oJuiEnYpleg58jw2FDfQFYMbzKFwWXQ==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11

GET
H2 200 4Logo%20SAP%20Concur.png
blog.foresttravel.com/hubfs/Footer%20Logos/ 4 KB
5 KB 107ms
41ms Image
image/webp 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.foresttravel.com/hubfs/Footer%20Logos/4Logo%20SAP%20Concur.png
Requested by: Host: foresttravel.com
URL: https://foresttravel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.60.103.254 , Canada, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ddb582f23326e27525dc8a5aa9b18fe791f07cf4e604911c591baaf028d116e6

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:25:05 GMT
via: 1.1 80826ca6c4fd6005aeacf5a03c8d42e9.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-meta-cache-tag: F-10145189536,FD-10108959601,P-2737776,FLS-ALL
age: 48260
cf-polished: origFmt=png, origSize=7688
edge-cache-tag: F-10145189536,FD-10108959601,P-2737776,FLS-ALL
content-disposition: inline; filename="4Logo%20SAP%20Concur.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
x-amz-request-id: F8C52394974D38D2
cf-request-id: 07a9c0062200001f7410876000000001
x-cache: Miss from cloudfront
accept-ranges: bytes
last-modified: Sun, 02 Jun 2019 17:55:05 GMT
server: cloudflare
etag: "5b5c427e0349a7ec1cab7e906a4cdc9d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
x-amz-id-2: lDFMbJ9hEWgEEUtdxbQg0bEER9oRlwKNBV+yDPpBXCiEPIb3Dz3KWaXXHJaZdVcrZI6Ophrgg74=
cf-bgj: imgq:85,h2pri
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: 1Muz1tTxzVnYkJEDFAt3AraHcxDOMQ9c
x-amz-cf-pop: AMS54-C1
content-length: 4476
cf-ray: 612302b69ba71f74-AMS
x-amz-cf-id: KPbwGNjHsI44UwmTkbTjjuZVOoqAT4T4eACH51K1Grh8FmCUQNjSXA==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11

GET
H2 200 5Logo%20Virtuoso.png
blog.foresttravel.com/hubfs/Footer%20Logos/ 3 KB
4 KB 124ms
59ms Image
image/webp 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.foresttravel.com/hubfs/Footer%20Logos/5Logo%20Virtuoso.png
Requested by: Host: foresttravel.com
URL: https://foresttravel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.60.103.254 , Canada, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e539278ae60bc5936791cd12c83608f62e4aa658157cece58996aa2784239ac1

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:25:05 GMT
via: 1.1 f9d671af272d3b5b3c683203ae8f4cc8.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-meta-cache-tag: F-10145189820,FD-10108959601,P-2737776,FLS-ALL
age: 48260
cf-polished: origFmt=png, origSize=6981
edge-cache-tag: F-10145189820,FD-10108959601,P-2737776,FLS-ALL
content-disposition: inline; filename="5Logo%20Virtuoso.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
x-amz-request-id: 47390E9336EF9E88
cf-request-id: 07a9c0062200001f7413876000000001
x-cache: Miss from cloudfront
accept-ranges: bytes
last-modified: Sun, 02 Jun 2019 17:55:05 GMT
server: cloudflare
etag: "2e47b031e6f93abe716071444ed8769b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
x-amz-id-2: zCS6d5W7GvXLAhH3Xv6XxbGg0tFVxoK1yEJHTv49cT18A4UzBtZ4O5EhldcZQlh8GpQa/ujN8oU=
cf-bgj: imgq:85,h2pri
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: VglGQHVZJOaduv6mYz5jsNemMT2FEFv0
x-amz-cf-pop: AMS54-C1
content-length: 3036
cf-ray: 612302b69ba81f74-AMS
x-amz-cf-id: 7o2TSSDgShCd4IwSUfVlNVZw5qhxuGzxe_cLKTMMZ2_gCibE6wnUyQ==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11

GET
H2 200 6Logo%20ARC.png
blog.foresttravel.com/hubfs/Footer%20Logos/ 3 KB
3 KB 121ms
56ms Image
image/webp 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.foresttravel.com/hubfs/Footer%20Logos/6Logo%20ARC.png
Requested by: Host: foresttravel.com
URL: https://foresttravel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.60.103.254 , Canada, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3ce8510341a291706d824c36163c9025090ff096ee4ca32d41309ce82afaa73

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:25:05 GMT
via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48d.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-meta-cache-tag: F-10145189237,FD-10108959601,P-2737776,FLS-ALL
age: 48259
cf-polished: origFmt=png, origSize=5282
edge-cache-tag: F-10145189237,FD-10108959601,P-2737776,FLS-ALL
content-disposition: inline; filename="6Logo%20ARC.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
x-amz-request-id: 15C817D0B12CA742
cf-request-id: 07a9c0062200001f7418b27000000001
x-cache: RefreshHit from cloudfront
accept-ranges: bytes
last-modified: Sun, 02 Jun 2019 17:55:05 GMT
server: cloudflare
etag: "355e609fdab38e5d56d79df9c16068d1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
x-amz-id-2: Jv8LDoJl0A8NZ1bfScpQVyHLeCQffIVtBgTJV0ObdK1PDgaFyYly2Bv2hnMcahRaP15csWN2BkU=
cf-bgj: imgq:85,h2pri
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: AXkIRVb746ulHBHeGNeG4QOzRKgiFGkG
x-amz-cf-pop: AMS54-C1
content-length: 2976
cf-ray: 612302b69bab1f74-AMS
x-amz-cf-id: c1ELkcQC4OYH7Ley9Ro-yiEIhLuA9dOp6bKYe1WmnRW59pphEShtKw==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11

GET
H2 200 7Logo%20IATA.png
blog.foresttravel.com/hubfs/Footer%20Logos/ 4 KB
4 KB 49ms
49ms Image
image/webp 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.foresttravel.com/hubfs/Footer%20Logos/7Logo%20IATA.png
Requested by: Host: foresttravel.com
URL: https://foresttravel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.60.103.254 , Canada, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7558995674f167754905b136ee318b67f0b66a887b26a3025317906cd64753b3

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:25:05 GMT
via: 1.1 2b298af2bb6f21ab0dee9e764d8bcb29.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-meta-cache-tag: F-10145132175,FD-10108959601,P-2737776,FLS-ALL
age: 48259
cf-polished: origFmt=png, origSize=6172
edge-cache-tag: F-10145132175,FD-10108959601,P-2737776,FLS-ALL
content-disposition: inline; filename="7Logo%20IATA.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
x-amz-request-id: 60E0889DBB6335BF
cf-request-id: 07a9c0062a00001f74110b1000000001
x-cache: Miss from cloudfront
accept-ranges: bytes
last-modified: Sun, 02 Jun 2019 17:55:05 GMT
server: cloudflare
etag: "fa79202a73c2fba8232ad0e9646bac8e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
x-amz-id-2: KGn9O9mlYx1XnYzEa6ZMjinNiVAymbAedoTCnk9J9zhEi96LbDobXwvvAHFCEcbcoeVfdCn0v2Q=
cf-bgj: imgq:85,h2pri
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: 3XfMPjdNFltyz4i8fm47j7aQHgUM4YB7
x-amz-cf-pop: AMS54-C1
content-length: 3806
cf-ray: 612302b6abca1f74-AMS
x-amz-cf-id: QjuER14_IWyz2YFxfymrYwZ0fnHkDQBdK_HAsPD2cinwK3jPvc6eRg==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11

GET
H2 200 9Logo%20NMSDC.png
blog.foresttravel.com/hubfs/Footer%20Logos/ 4 KB
5 KB 47ms
46ms Image
image/webp 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.foresttravel.com/hubfs/Footer%20Logos/9Logo%20NMSDC.png
Requested by: Host: foresttravel.com
URL: https://foresttravel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.60.103.254 , Canada, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62ef8de50ccfe15141aa6326fdf25c032c023ce9235a8c67134c428da17a062b

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:25:05 GMT
via: 1.1 b619a16f6f8fe9793bf642d2a8434284.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-meta-cache-tag: F-10145132176,FD-10108959601,P-2737776,FLS-ALL
age: 48260
cf-polished: origFmt=png, origSize=7016
edge-cache-tag: F-10145132176,FD-10108959601,P-2737776,FLS-ALL
content-disposition: inline; filename="9Logo%20NMSDC.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
x-amz-request-id: 5FB68162645B3E07
cf-request-id: 07a9c0062a00001f7472275000000001
x-cache: RefreshHit from cloudfront
accept-ranges: bytes
last-modified: Sun, 02 Jun 2019 17:55:05 GMT
server: cloudflare
etag: "a1e68c52037fe770e5fb86aa694b5563"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
x-amz-id-2: VUof98oYD7BgiwTclId6yPuFTriBKTkg/RJG1HHml0WqnZRYcl8rt9qPfBG785Iy92QWxbiA3YE=
cf-bgj: imgq:85,h2pri
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: laVnO9hNBmK9q0IvVajhNsApl7t8laF9
x-amz-cf-pop: AMS54-C1
content-length: 4152
cf-ray: 612302b6abcd1f74-AMS
x-amz-cf-id: wcsSQRWN99FPiuTfIPYpeydwhT7HP2mMnZMCX-okkWf3wQ11R5it6Q==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11

GET
H2 200 5A7VaDrlL5rB6xgO Show response
quriobot.com/qb/widget/69nJaZmp8ompvxPR/ 1 KB
1 KB 119ms
35ms Script
application/javascript 52.208.176.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://quriobot.com/qb/widget/69nJaZmp8ompvxPR/5A7VaDrlL5rB6xgO

Requested by

Host: foresttravel.com
URL: https://foresttravel.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.208.176.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-208-176-149.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

476cc0144d5beedf02da287a2bcb4287def6ba9e593bc161f854600bd766d67c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ; frame-src ; style-src 'self' 'unsafe-inline' * blob:; frame-ancestors *
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:25:05 GMT
content-encoding: gzip
referrer-policy: origin-when-cross-origin
last-modified: Fri, 15 Jan 2021 22:25:05 GMT
server: nginx
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src * blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' *; frame-src *; style-src 'self' 'unsafe-inline' * blob:; frame-ancestors *
strict-transport-security: max-age=15552000
x-dns-prefetch-control: off
x-xss-protection: 1; mode=block
expires: Sat, 15 Jan 2022 22:25:05 GMT

GET
H2 200 2737776.js Show response
js.hs-scripts.com/ 2 KB
762 B 137ms
134ms Script
application/javascript 2606:4700::6811:d4cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/2737776.js
Requested by: Host: foresttravel.com
URL: https://foresttravel.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:d4cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2a3f7a98bbb01a2b458b51a349f4d3bec508934f0d596ba6a472a7c60850de7

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:25:05 GMT
content-encoding: br
cf-cache-status: EXPIRED
server: cloudflare
x-trace: 2B2AE3FF3E1C7EB861D5D09B1F31C9C7E6552F12A7000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://foresttravel.com
access-control-max-age: 3600
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 612302b629fd05d0-FRA
cf-request-id: 07a9c005db000005d0eea38000000001
expires: Fri, 15 Jan 2021 22:26:05 GMT

GET
H2 200 2737776.js Show response
js.hs-scripts.com/ 2 KB
696 B 137ms
135ms Script
application/javascript 2606:4700::6811:d4cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/2737776.js?integration=WordPress&ver=25112019-20
Requested by: Host: foresttravel.com
URL: https://foresttravel.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:d4cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2a3f7a98bbb01a2b458b51a349f4d3bec508934f0d596ba6a472a7c60850de7

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:25:05 GMT
content-encoding: br
cf-cache-status: EXPIRED
server: cloudflare
x-trace: 2B1E1B25D562807144C19726085F613AB703F0C563000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://foresttravel.com
access-control-max-age: 3600
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 612302b62a0205d0-FRA
cf-request-id: 07a9c005dc000005d0c3887000000001
expires: Fri, 15 Jan 2021 22:26:05 GMT

GET
H2 200 autoptimize_92247f5917e8ab5d5d3f55f7dab73f50.js Show response
foresttravel.com/wp-content/cache/autoptimize/js/ 1 MB
321 KB 161ms
159ms Script
application/javascript 104.197.217.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://foresttravel.com/wp-content/cache/autoptimize/js/autoptimize_92247f5917e8ab5d5d3f55f7dab73f50.js
Requested by: Host: foresttravel.com
URL: https://foresttravel.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.197.217.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.217.197.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: f6825d210edaa74ae0bee9c5aa67281ac90de3d443e8181d33c653cce399b649

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:25:05 GMT
content-encoding: br
last-modified: Sat, 09 Jan 2021 00:20:26 GMT
server: nginx
etag: W/"5ff8f6ca-12fced"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H3-Q050 200 css2
fonts.googleapis.com/ 7 KB
638 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap

Requested by

Host: foresttravel.com
URL: https://foresttravel.com/wp-content/cache/autoptimize/css/autoptimize_8a142e42a763ca52579e0adbfe7d98e1.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8d9ef4cfdaeff6d589b8566592e0bf48f49b8e0cd439c21148e9f474eb070d6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://foresttravel.com/wp-content/cache/autoptimize/css/autoptimize_8a142e42a763ca52579e0adbfe7d98e1.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 15 Jan 2021 22:01:07 GMT
server: ESF
date: Fri, 15 Jan 2021 22:25:04 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 15 Jan 2021 22:25:04 GMT

GET
H2 200 wp-emoji-release.min.js Show response
foresttravel.com/wp-includes/js/ 14 KB
5 KB 121ms
119ms Script
application/javascript 104.197.217.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://foresttravel.com/wp-includes/js/wp-emoji-release.min.js?ver=25112019-20
Requested by: Host: foresttravel.com
URL: https://foresttravel.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.197.217.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.217.197.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:25:05 GMT
content-encoding: br
last-modified: Mon, 16 Nov 2020 21:01:52 GMT
server: nginx
etag: W/"5fb2e8c0-37a6"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 bat.js Show response
bat.bing.com/ 27 KB
9 KB 47ms
30ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: foresttravel.com
URL: https://foresttravel.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4dd6c09ddcb0e53a6290cc1df35224856073ba5f89d4134bd7c69e4fd9c6f515

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:25:04 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 22:19:32 GMT
x-msedge-ref: Ref A: CF2F7FFB877941ADAC8D9D6B01744E63 Ref B: FRAEDGE1211 Ref C: 2021-01-15T22:25:05Z
etag: "0b27f152fa7d61:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 8454

GET
H2 200 hotjar-1070680.js Show response
static.hotjar.com/c/ 3 KB
2 KB 94ms
54ms Script
application/javascript 52.222.141.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1070680.js?sv=6

Requested by

Host: foresttravel.com
URL: https://foresttravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.141.74 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-141-74.ams50.r.cloudfront.net

Software

Resource Hash

b76ccb185557585a2f20c08db919c29fcc2f1e6992e194f1d1f445bca814dc5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:25:05 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: AMS50-C1
etag: W/83b6e9cbed680a891a2dd60fed88f023
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
x-cache-hit: 1
content-length: 1540
via: 1.1 631cbe67f42dc4b925732ef1044517ca.cloudfront.net (CloudFront)
x-amz-cf-id: PWO631RTKFNm0v1D7w7eszqqzA_OF6SIVAEHOLuBpoFLMPr-OzPjqQ==

GET
H3-Q050 200 gtm.js Show response
www.googletagmanager.com/ 102 KB
37 KB 64ms
48ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5CCNPZL

Requested by

Host: foresttravel.com
URL: https://foresttravel.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c44da5bb23c51c1e434b517ad0d44b8e94adb4dff3b23d66187e262454381dbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:25:05 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37271
x-xss-protection: 0
last-modified: Fri, 15 Jan 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 15 Jan 2021 22:25:05 GMT

GET
H2 200 home-Online-Booking-Tool.jpg
foresttravel.com/wp-content/uploads/2020/01/ 12 KB
12 KB 179ms
178ms Image
image/jpeg 104.197.217.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://foresttravel.com/wp-content/uploads/2020/01/home-Online-Booking-Tool.jpg
Requested by: Host: foresttravel.com
URL: https://foresttravel.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.197.217.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.217.197.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 9704eaba402684353deb08cef7861e35b8eeead7466137a30bb5464c2ff5a6c4

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:25:05 GMT
last-modified: Mon, 16 Nov 2020 21:09:59 GMT
server: nginx
etag: "5fb2eaa7-2fb7"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 12215

GET
H2 200 home-Dedicated-Travel-Agent.jpg
foresttravel.com/wp-content/uploads/2019/12/ 7 KB
7 KB 179ms
178ms Image
image/jpeg 104.197.217.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://foresttravel.com/wp-content/uploads/2019/12/home-Dedicated-Travel-Agent.jpg
Requested by: Host: foresttravel.com
URL: https://foresttravel.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.197.217.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.217.197.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 77e086fb665e3c8ee757deebe374d4ef78613e398404c3f1bfefbcf8e1cea1a0

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:25:05 GMT
last-modified: Mon, 16 Nov 2020 21:25:18 GMT
server: nginx
etag: "5fb2ee3e-1c8c"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 7308

GET
H2 200 home-Travel-Program-Customization.jpg
foresttravel.com/wp-content/uploads/2020/01/ 17 KB
17 KB 180ms
178ms Image
image/jpeg 104.197.217.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://foresttravel.com/wp-content/uploads/2020/01/home-Travel-Program-Customization.jpg
Requested by: Host: foresttravel.com
URL: https://foresttravel.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.197.217.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.217.197.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4fc165d7be3b9083b16525551fd123f842b580ec6e8cd080b24976083f02d880

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:25:05 GMT
last-modified: Mon, 16 Nov 2020 21:09:59 GMT
server: nginx
etag: "5fb2eaa7-4264"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 16996

GET
H2 200 home-Group-Travel.jpg
foresttravel.com/wp-content/uploads/2020/01/ 13 KB
14 KB 180ms
179ms Image
image/jpeg 104.197.217.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://foresttravel.com/wp-content/uploads/2020/01/home-Group-Travel.jpg
Requested by: Host: foresttravel.com
URL: https://foresttravel.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.197.217.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.217.197.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 82ce2eeb3a9cc7011cc0af65acbf9cf071a9ccb372eb3330b38baab70c8f4774

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:25:05 GMT
last-modified: Mon, 16 Nov 2020 21:09:59 GMT
server: nginx
etag: "5fb2eaa7-352c"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 13612

GET
H2 200 mfn-icons.woff
foresttravel.com/wp-content/themes/betheme/fonts/ 80 KB
80 KB 178ms
176ms Font
font/woff 104.197.217.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://foresttravel.com/wp-content/themes/betheme/fonts/mfn-icons.woff?31690507
Requested by: Host: foresttravel.com
URL: https://foresttravel.com/wp-content/cache/autoptimize/css/autoptimize_8a142e42a763ca52579e0adbfe7d98e1.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.197.217.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.217.197.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 559a910060423ed485ddc062a9ab5318859bbfde26be3f73d9b83ac0b9dae677

Request headers

Origin: https://foresttravel.com
Referer: https://foresttravel.com/wp-content/cache/autoptimize/css/autoptimize_8a142e42a763ca52579e0adbfe7d98e1.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:25:05 GMT
last-modified: Mon, 16 Nov 2020 21:33:20 GMT
server: nginx
etag: "5fb2f020-13e28"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 81448

GET
H2 200 fontawesome-webfont.woff2
foresttravel.com/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/ 75 KB
76 KB 179ms
177ms Font
font/woff2 104.197.217.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://foresttravel.com/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: foresttravel.com
URL: https://foresttravel.com/wp-content/cache/autoptimize/css/autoptimize_8a142e42a763ca52579e0adbfe7d98e1.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.197.217.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.217.197.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Origin: https://foresttravel.com
Referer: https://foresttravel.com/wp-content/cache/autoptimize/css/autoptimize_8a142e42a763ca52579e0adbfe7d98e1.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:25:05 GMT
last-modified: Tue, 22 Dec 2020 18:59:41 GMT
server: nginx
etag: "5fe2421d-12d68"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 77160

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:81a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A1%2C300%2C400%2C400italic%2C500%2C700%2C700italic%7CLora%3A1%2C300%2C400%2C400italic%2C500%2C700%2C700italic&font-display=swap&ver=25112019-20

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://foresttravel.com
Referer: https://fonts.googleapis.com/css?family=Roboto%3A1%2C300%2C400%2C400italic%2C500%2C700%2C700italic%7CLora%3A1%2C300%2C400%2C400italic%2C500%2C700%2C700italic&font-display=swap&ver=25112019-20
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 15:35:33 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 110972
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Fri, 14 Jan 2022 15:35:33 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:81a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://foresttravel.com
Referer: https://fonts.googleapis.com/css?family=Roboto%3A1%2C300%2C400%2C400italic%2C500%2C700%2C700italic%7CLora%3A1%2C300%2C400%2C400italic%2C500%2C700%2C700italic&font-display=swap&ver=25112019-20
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:12:05 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 108780
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Fri, 14 Jan 2022 16:12:05 GMT

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v17/ 14 KB
14 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:81a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

706494a230ae9c22ebbda2b9fce9af786bac0ea5f315c80e3fbe9f44e7883c38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://foresttravel.com
Referer: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 21:09:08 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:14 GMT
server: sffe
age: 90957
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13912
x-xss-protection: 0
expires: Fri, 14 Jan 2022 21:09:08 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v17/ 14 KB
14 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:81a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://foresttravel.com
Referer: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 20:14:07 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:59 GMT
server: sffe
age: 94258
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14044
x-xss-protection: 0
expires: Fri, 14 Jan 2022 20:14:07 GMT

GET
H3-Q050 200 KFOkCnqEu92Fr1Mu51xIIzIXKMny.woff2
fonts.gstatic.com/s/roboto/v20/ 12 KB
12 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:81a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOkCnqEu92Fr1Mu51xIIzIXKMny.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3be0a916496d7936bb83ce60a4de9f10ef400f16c38e7dd7c65449c795e7739b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://foresttravel.com
Referer: https://fonts.googleapis.com/css?family=Roboto%3A1%2C300%2C400%2C400italic%2C500%2C700%2C700italic%7CLora%3A1%2C300%2C400%2C400italic%2C500%2C700%2C700italic&font-display=swap&ver=25112019-20
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 05:35:06 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:19:00 GMT
server: sffe
age: 146999
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12680
x-xss-protection: 0
expires: Fri, 14 Jan 2022 05:35:06 GMT

GET
H2 200 home-computer-phone-min.png
foresttravel.com/wp-content/uploads/2020/06/ 37 KB
38 KB 135ms
129ms Image
image/png 104.197.217.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://foresttravel.com/wp-content/uploads/2020/06/home-computer-phone-min.png
Requested by: Host: foresttravel.com
URL: https://foresttravel.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.197.217.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.217.197.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: ebc478f6b1618862bf9c95cd3d69f37ffadec026fb1f136fc9b4414f4c07621c

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:25:05 GMT
last-modified: Mon, 16 Nov 2020 21:12:07 GMT
server: nginx
etag: "5fb2eb27-95d9"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 38361

GET
H2 200 home-Corporate-Travel-Management.png
foresttravel.com/wp-content/uploads/2019/12/ 4 KB
5 KB 136ms
130ms Image
image/png 104.197.217.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://foresttravel.com/wp-content/uploads/2019/12/home-Corporate-Travel-Management.png
Requested by: Host: foresttravel.com
URL: https://foresttravel.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.197.217.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.217.197.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4b3f3d8289c20fc4eba0b16e49e5b0d6c1e6851bbe2d75713c533b287c8ccfd8

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:25:05 GMT
last-modified: Mon, 16 Nov 2020 21:25:18 GMT
server: nginx
etag: "5fb2ee3e-11df"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 4575

GET
H2 200 home-Meetings-and-Incentives.png
foresttravel.com/wp-content/uploads/2019/12/ 4 KB
4 KB 135ms
130ms Image
image/png 104.197.217.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://foresttravel.com/wp-content/uploads/2019/12/home-Meetings-and-Incentives.png
Requested by: Host: foresttravel.com
URL: https://foresttravel.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.197.217.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.217.197.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6dd1648c3044403835d68d95e16c9b24d60e6969dc3f764035c3c1a6afcb066e

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:25:05 GMT
last-modified: Mon, 16 Nov 2020 21:25:18 GMT
server: nginx
etag: "5fb2ee3e-10ce"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 4302

GET
H2 200 home-Travel-Consulting.png
foresttravel.com/wp-content/uploads/2019/12/ 8 KB
8 KB 135ms
131ms Image
image/png 104.197.217.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://foresttravel.com/wp-content/uploads/2019/12/home-Travel-Consulting.png
Requested by: Host: foresttravel.com
URL: https://foresttravel.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.197.217.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.217.197.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 29c2b6028a85625ad7c35dc7c7eb00a129a92a300ad238bc8fdff629e4df69c0

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:25:05 GMT
last-modified: Mon, 16 Nov 2020 21:25:18 GMT
server: nginx
etag: "5fb2ee3e-208d"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 8333

GET
H2 200 home-Full-Visibility.png
foresttravel.com/wp-content/uploads/2019/12/ 3 KB
3 KB 134ms
129ms Image
image/png 104.197.217.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://foresttravel.com/wp-content/uploads/2019/12/home-Full-Visibility.png
Requested by: Host: foresttravel.com
URL: https://foresttravel.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.197.217.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.217.197.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 617e9c9963632d266d3c9e09607a562b14ef8047dfce95a1ae69b633554af10a

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:25:05 GMT
last-modified: Mon, 16 Nov 2020 21:25:18 GMT
server: nginx
etag: "5fb2ee3e-bb6"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2998

GET
H2 200 home-Expense-Automation.png
foresttravel.com/wp-content/uploads/2019/12/ 3 KB
3 KB 134ms
130ms Image
image/png 104.197.217.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://foresttravel.com/wp-content/uploads/2019/12/home-Expense-Automation.png
Requested by: Host: foresttravel.com
URL: https://foresttravel.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.197.217.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.217.197.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: e1a45d3351c5dcc61a6954c5a409d33ff8eb0362c0f4447fbd1e7d5ca0e9196b

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:25:05 GMT
last-modified: Mon, 16 Nov 2020 21:25:18 GMT
server: nginx
etag: "5fb2ee3e-b70"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2928

GET
H2 200 home-Exclusive-Contracts.png
foresttravel.com/wp-content/uploads/2019/12/ 5 KB
5 KB 134ms
130ms Image
image/png 104.197.217.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://foresttravel.com/wp-content/uploads/2019/12/home-Exclusive-Contracts.png
Requested by: Host: foresttravel.com
URL: https://foresttravel.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.197.217.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.217.197.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: b46f8bce4305558eb4a77124d72975300338b6f7f6e97492dd9dae0361bbb708

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:25:05 GMT
last-modified: Mon, 16 Nov 2020 21:25:18 GMT
server: nginx
etag: "5fb2ee3e-1278"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 4728

GET
H2 200 home-Risk-Management.png
foresttravel.com/wp-content/uploads/2019/12/ 7 KB
7 KB 134ms
131ms Image
image/png 104.197.217.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://foresttravel.com/wp-content/uploads/2019/12/home-Risk-Management.png
Requested by: Host: foresttravel.com
URL: https://foresttravel.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.197.217.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.217.197.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: c93a362689bb3827b6385b58b868b4da96230d841d944f71a80334cdfdbe6551

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:25:05 GMT
last-modified: Mon, 16 Nov 2020 21:25:18 GMT
server: nginx
etag: "5fb2ee3e-1cf9"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 7417

GET
H2 200 2737776.js Show response
js.hs-analytics.net/analytics/1610749800000/ 61 KB
18 KB 167ms
167ms Script
text/javascript 2606:4700::6811:47b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1610749800000/2737776.js
Requested by: Host: foresttravel.com
URL: https://foresttravel.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:47b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 690046a4804e6da3409d496df1aa4994fe217dc17eb24ebfd61c501457fdcf73

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:25:05 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: 772234E714992546
x-amz-server-side-encryption: AES256
cf-ray: 612302b6d8131f4d-FRA
x-amz-id-2: 4GZSFs2uiGXGAa9NmIQmefx37+WlitmfT3+YZol3tp+8h5tbi3lH2yihQjgZAbM8Fl1gpwLivJ0=
last-modified: Thu, 14 Jan 2021 17:05:20 GMT
server: cloudflare
etag: W/"bdbd0c84d74796e88c475568fe6b4fb3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
cf-request-id: 07a9c0064600001f4d9a9a4000000001
content-type: text/javascript
expires: Fri, 15 Jan 2021 22:30:05 GMT

GET
H2 204 0
bat.bing.com/action/ 0
148 B 42ms
41ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=25049075&Ver=2&mid=eba5b36b-df0f-442e-a283-da20731dd0a4&sid=843fb9f0578011eb8d6bf7db258ef2d2&vid=84400740578011eb91e8d35f7d32cd69&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Forest%20Travel%20Agency%3A%20Corporate%20Travel%20Management%20Company&p=https%3A%2F%2Fforesttravel.com%2F&r=&evt=pageLoad&msclkid=N&sv=1&rn=902625
Requested by: Host: foresttravel.com
URL: https://foresttravel.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 15 Jan 2021 22:25:04 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 3CF5B97BEA4948679E4C032C4EA929FA Ref B: FRAEDGE1211 Ref C: 2021-01-15T22:25:05Z
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 30 KB
13 KB 87ms
33ms Script
text/javascript 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1067453663

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f2.1e100.net

Software

cafe /

Resource Hash

0760449cf607277e85c0b2f456cc04da73515bf4bf85832a66e24faeffe7676b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:25:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 12184
x-xss-protection: 0
server: cafe
etag: 16153075511613835353
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 15 Jan 2021 22:25:05 GMT

GET
H2 200 modules.b4ff14036c63643c660d.js Show response
script.hotjar.com/ 222 KB
59 KB 89ms
30ms Script
application/javascript 13.224.194.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.b4ff14036c63643c660d.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1070680.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.194.56 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-194-56.fra2.r.cloudfront.net

Software

Resource Hash

41e4498250cd56767cd521b1bc9cda2d5cd48891c0112c344eea9e67f137fc00

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 15:37:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24478
x-cache: Hit from cloudfront
content-length: 59684
access-control-allow-origin: *
last-modified: Fri, 15 Jan 2021 15:34:03 GMT
etag: "1590ee82fa241bfb96ac31cb79006300"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: QzrfgucB_kDA_mqVKUWs8YqfnXuBtviM74Tbqgtjp4K84X3qZ3__hg==

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 5 KB
2 KB 19ms
17ms Script
application/javascript 2606:4700::6811:70b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2737776.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:70b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac1496eb4cdbd0d93463435e73938df03ada398b8c602fb257d78dfe3d6015dd

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:25:05 GMT
via: 1.1 ac28147bf6a75debb0811f62b6224e6f.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 319
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.220/bundles/pixels-release.js&cfRay=6122faeccc3f2bce-IAD
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
cf-request-id: 07a9c006700000d6e182295000000001
last-modified: Mon, 04 Jan 2021 01:17:29 UTC
server: cloudflare
etag: W/"632aa3165be38ae826d4cdf20b0c1be4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: RUz8iftYl3toUgoWwj9.u0Tb.QrOFRpY
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-C3
cf-ray: 612302b71dfbd6e1-FRA
x-amz-cf-id: bFjuktmcQMPcUXhhbJwdkLznPsOOsEttguBQ6P8H9-_pF3EsyWRBpg==

GET
H2 200 2737776.js Show response
js.hs-banner.com/ 54 KB
13 KB 29ms
28ms Script
text/javascript 2606:4700::6812:15bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/2737776.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2737776.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fd2ecfb5502906b90601768dffa86e3a074ff16f13afad29732d598994a4f6a

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=zA3YJA==, md5=PHYmrKThKnZ26VGRNTam0Q==
date: Fri, 15 Jan 2021 22:25:05 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-guploader-uploadid: ABg5-Ux8Fgdtnx3XuIV8ruEjyUXdrJl_gqBvjt1l1Rp2fNMx3ZLUSwaqP5QJq18phANxQNZrflOKuQXus3lD2oVU5qzgLgPaNw
x-goog-storage-class: STANDARD
access-control-max-age: 604800
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: text/javascript; charset=UTF-8
cf-request-id: 07a9c006710000dfbb4c0fa000000001
timing-allow-origin: *
last-modified: Tue, 05 Jan 2021 17:33:52 GMT
server: cloudflare
etag: W/"3c7626aca4e12a7676e951913536a6d1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-goog-generation: 1609868032892271
access-control-allow-origin: https://foresttravel.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
x-goog-stored-content-length: 55623
cf-ray: 612302b718d4dfbb-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Fri, 15 Jan 2021 22:30:05 GMT

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 448 KB
76 KB 38ms
37ms Script
application/javascript 2606:4700::6811:e8cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2737776.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:e8cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91ed6ce02b6c75337190849469779a4bd41848b76017521bf4544f268c011ad4

Request headers

Origin: https://foresttravel.com
Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:25:05 GMT
via: 1.1 157ebd6865840045fc8b5ed1cce7e466.cloudfront.net (CloudFront)
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
age: 77920
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.969/bundle/main/lead-flows-release.js&cfRay=611b946198553260-IAD
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-encoding: br
cf-request-id: 07a9c0067000003260ce89f000000001
cf-ray: 612302b719fa3260-FRA
last-modified: Thu, 17 Dec 2020 10:03:39 UTC
server: cloudflare
etag: W/"a566ab0a8f74bc7424c04febd0ea0ce7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: rhp8gAMuDbTLsXApeWVaA5lKkewB4A5p
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: MISS
x-amz-cf-pop: IAD89-C3
content-type: application/javascript; charset=utf-8
x-amz-cf-id: rlXOPCNaFIJPmtsocwaC1bToS58YaMENLlDCZUtwUhNk7B_uvW-D6g==

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 78 KB
24 KB 44ms
22ms Script
application/javascript 2606:4700::6811:80ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hscollectedforms.net/collectedforms.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2737776.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:80ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c77f18983978fdbdc4e736eb42c0935e8ae171411eb8e7456613b866909847fe

Request headers

Origin: https://foresttravel.com
Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:25:05 GMT
via: 1.1 199fd61d7551d8868317c5b53cc7d24d.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 77920
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.218/bundles/project.js&cfRay=611b9461dd5c4a74-IAD
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
content-encoding: br
cf-request-id: 07a9c00687000005f9550b5000000001
cf-ray: 612302b73fe805f9-FRA
last-modified: Wed, 13 Jan 2021 04:52:22 UTC
server: cloudflare
etag: W/"23d90b523792ecc8a2cdb61f5c56c822"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
x-amz-version-id: l5hl4wLLPuxBjnmkvdH2KMZeLtJKjIWF
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: MISS
x-amz-cf-pop: IAD89-C3
content-type: application/javascript; charset=utf-8
x-amz-cf-id: Xptez_aDlq4vI5C6VsV3kFJqbZPpb1XhK4tFB1uDRlR3dnJxmXioiA==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5CCNPZL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 3933
date: Fri, 15 Jan 2021 21:19:32 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Fri, 15 Jan 2021 23:19:32 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
88 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-27464537-1&cid=163904587.1610749505&jid=421501078&gjid=916562644&_gid=487935962.1610749505&_u=YGBAgAABAAAAAE~&z=1932913080

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 15 Jan 2021 22:25:05 GMT
content-type: text/plain
access-control-allow-origin: https://foresttravel.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
384 B 37ms
19ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=1172966562&t=pageview&_s=1&dl=https%3A%2F%2Fforesttravel.com%2F&ul=en-us&de=UTF-8&dt=Forest%20Travel%20Agency%3A%20Corporate%20Travel%20Management%20Company&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=421501078&gjid=916562644&cid=163904587.1610749505&tid=UA-27464537-1&_gid=487935962.1610749505&gtm=2wg1615CCNPZL&z=1953247981

Requested by

Host: foresttravel.com
URL: https://foresttravel.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jan 2021 07:18:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 54377
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 0785 0
0 56ms
16ms Document
text/html 52.222.141.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1070680.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.141.12 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-141-12.ams50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://foresttravel.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://foresttravel.com/

Response headers

content-type: text/html
content-length: 851
date: Mon, 23 Nov 2020 17:01:03 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "d594f1d4c3e5dbd6b556c60d34e0daea"
last-modified: Mon, 23 Nov 2020 15:41:01 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 dbd13e5e9621f4e45e6a452ed9862bf1.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS50-C1
x-amz-cf-id: er70mShpuyjP3-owFV3pVjrIF8oEEE2IxeV7F6-sTmv2NfvIqjzg-g==
age: 4598642

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 19ms
18ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-27464537-1&cid=163904587.1610749505&jid=421501078&_u=YGBAgAABAAAAAE~&z=835159784

Requested by

Host: foresttravel.com
URL: https://foresttravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jan 2021 22:25:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 18ms
17ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-27464537-1&cid=163904587.1610749505&jid=421501078&_u=YGBAgAABAAAAAE~&z=835159784

Requested by

Host: foresttravel.com
URL: https://foresttravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jan 2021 22:25:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
forms.hubspot.com/collected-forms/v1/config/ 115 B
465 B 130ms
127ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/collected-forms/v1/config/json?portalId=2737776&utk=

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62b7743ef82e959d8ad16377223cb2560847185672422623de76a26b04012e48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:25:05 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://foresttravel.com
access-control-max-age: 180
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 612302b7e8482b29-FRA
access-control-allow-headers: *
cf-request-id: 07a9c006f300002b297391c000000001

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1067453663/ 2 KB
1 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1067453663/?random=1610749505276&cv=9&fst=1610749505276&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa161&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fforesttravel.com%2F&tiba=Forest%20Travel%20Agency%3A%20Corporate%20Travel%20Management%20Company&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2fd647608a0d61b2b52ea78b95c675120f86225170c4d89b775b4b50153c4ddf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jan 2021 22:25:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1048
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/1067453663/ 42 B
530 B 50ms
35ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1067453663/?random=1610749505276&cv=9&fst=1610748000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa161&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fforesttravel.com%2F&tiba=Forest%20Travel%20Agency%3A%20Corporate%20Travel%20Management%20Company&async=1&fmt=3&is_vtc=1&random=3679692827&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: foresttravel.com
URL: https://foresttravel.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jan 2021 22:25:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/1067453663/ 42 B
530 B 51ms
35ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1067453663/?random=1610749505276&cv=9&fst=1610748000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa161&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fforesttravel.com%2F&tiba=Forest%20Travel%20Agency%3A%20Corporate%20Travel%20Management%20Company&async=1&fmt=3&is_vtc=1&random=3679692827&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: foresttravel.com
URL: https://foresttravel.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jan 2021 22:25:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/1070680/ 152 B
305 B 103ms
40ms XHR
application/json 52.18.148.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/1070680/visit-data?sv=6
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.b4ff14036c63643c660d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.148.102 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-148-102.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: c4dc799d09b15e57ee98e3c3866ca16f53354cb79838d3aa6c9c961292151858

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 15 Jan 2021 22:25:05 GMT
content-encoding: br
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/json

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1067453663/ 2 KB
2 KB 79ms
64ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1067453663/?random=1610749505362&cv=9&fst=1610749505362&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa161&sendb=1&ig=1&data=event%3Doptimize.callback&frm=0&url=https%3A%2F%2Fforesttravel.com%2F&tiba=Forest%20Travel%20Agency%3A%20Corporate%20Travel%20Management%20Company&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f73eb17ef88c1b106a71e521f211e8994efe544c3acdf81c8897ec0b66cee07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jan 2021 22:25:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1048
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://foresttravel.com
Referer: https://fonts.googleapis.com/css?family=Roboto%3A1%2C300%2C400%2C400italic%2C500%2C700%2C700italic%7CLora%3A1%2C300%2C400%2C400italic%2C500%2C700%2C700italic&font-display=swap&ver=25112019-20
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 22:21:20 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 345825
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Tue, 11 Jan 2022 22:21:20 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://foresttravel.com
Referer: https://fonts.googleapis.com/css?family=Roboto%3A1%2C300%2C400%2C400italic%2C500%2C700%2C700italic%7CLora%3A1%2C300%2C400%2C400italic%2C500%2C700%2C700italic&font-display=swap&ver=25112019-20
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 13 Jan 2021 06:19:46 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:52 GMT
server: sffe
age: 230719
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11180
x-xss-protection: 0
expires: Thu, 13 Jan 2022 06:19:46 GMT

GET
H2 200 revolution.extension.slideanims.min.js Show response
foresttravel.com/wp-content/plugins/revslider/public/assets/js/extensions/ 29 KB
7 KB 119ms
118ms XHR
application/javascript 104.197.217.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://foresttravel.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.slideanims.min.js?version=5.4.7
Requested by: Host: foresttravel.com
URL: https://foresttravel.com/wp-includes/js/jquery/jquery.js?ver=25112019-20
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.197.217.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.217.197.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: f755d1b33621f2a2d5d9889dffa5f3e379651763b74c0070339ddc04969dc6e7

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://foresttravel.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:25:05 GMT
content-encoding: br
last-modified: Mon, 16 Nov 2020 21:07:14 GMT
server: nginx
etag: W/"5fb2ea02-72db"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 revolution.extension.layeranimation.min.js Show response
foresttravel.com/wp-content/plugins/revslider/public/assets/js/extensions/ 55 KB
15 KB 124ms
124ms XHR
application/javascript 104.197.217.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://foresttravel.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.layeranimation.min.js?version=5.4.7
Requested by: Host: foresttravel.com
URL: https://foresttravel.com/wp-includes/js/jquery/jquery.js?ver=25112019-20
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.197.217.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.217.197.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 84cf55be6dd4649960f1bdfd5e2a0eb14d6a7bf712d7830bd4a0475dea8509bb

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://foresttravel.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:25:05 GMT
content-encoding: br
last-modified: Mon, 16 Nov 2020 21:07:14 GMT
server: nginx
etag: W/"5fb2ea02-da86"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H3-Q050 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400%7COpen+Sans:400

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://foresttravel.com
Referer: https://fonts.googleapis.com/css?family=Lato:400%7COpen+Sans:400
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 13 Jan 2021 19:09:10 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 184555
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Thu, 13 Jan 2022 19:09:10 GMT

GET
H2 200 Forest-home-bg-2-min-min-1.jpg
foresttravel.com/wp-content/uploads/2020/06/ 208 KB
209 KB 120ms
116ms Image
image/jpeg 104.197.217.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://foresttravel.com/wp-content/uploads/2020/06/Forest-home-bg-2-min-min-1.jpg
Requested by: Host: foresttravel.com
URL: https://foresttravel.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.197.217.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.217.197.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: bd60d3b0e957c1e714e779b29570e421d215628c2fd9694ef590ed3ded961291

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:25:05 GMT
last-modified: Mon, 16 Nov 2020 21:13:33 GMT
server: nginx
etag: "5fb2eb7d-340a6"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 213158

GET
H2 200 Forest-home-bg-3-min-min.jpg
foresttravel.com/wp-content/uploads/2020/06/ 96 KB
96 KB 148ms
144ms Image
image/jpeg 104.197.217.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://foresttravel.com/wp-content/uploads/2020/06/Forest-home-bg-3-min-min.jpg
Requested by: Host: foresttravel.com
URL: https://foresttravel.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.197.217.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.217.197.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6723057290b58abed2a614a6ecb0901f5f901000169ddf207b700eca57e49681

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:25:05 GMT
last-modified: Mon, 16 Nov 2020 21:13:33 GMT
server: nginx
etag: "5fb2eb7d-17f70"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 98160

GET
H2 200 Forest-home-bg-5-min-min.jpg
foresttravel.com/wp-content/uploads/2020/06/ 165 KB
166 KB 148ms
144ms Image
image/jpeg 104.197.217.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://foresttravel.com/wp-content/uploads/2020/06/Forest-home-bg-5-min-min.jpg
Requested by: Host: foresttravel.com
URL: https://foresttravel.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.197.217.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.217.197.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0827c5dabcd83aa6b938144f30c3ab3d9a4c893c1c02774d7a19d2d0047c6b52

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:25:05 GMT
last-modified: Mon, 16 Nov 2020 21:13:33 GMT
server: nginx
etag: "5fb2eb7d-29565"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 169317

GET
H2 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
523 B 141ms
120ms Image
image/gif 2606:4700::6810:5705
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=2

Requested by

Host: foresttravel.com
URL: https://foresttravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5705 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:25:05 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-trace: 2BD6E9D2682D5A0230BB8931B1270B307339F54C29000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 612302ba197d1f29-FRA
content-length: 35
cf-request-id: 07a9c0085100001f29a3ac6000000001

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/1067453663/ 42 B
66 B 25ms
24ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1067453663/?random=1610749505362&cv=9&fst=1610748000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa161&sendb=1&data=event%3Doptimize.callback&frm=0&url=https%3A%2F%2Fforesttravel.com%2F&tiba=Forest%20Travel%20Agency%3A%20Corporate%20Travel%20Management%20Company&async=1&fmt=3&is_vtc=1&random=2680677918&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: foresttravel.com
URL: https://foresttravel.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jan 2021 22:25:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/1067453663/ 42 B
66 B 22ms
21ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1067453663/?random=1610749505362&cv=9&fst=1610748000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa161&sendb=1&data=event%3Doptimize.callback&frm=0&url=https%3A%2F%2Fforesttravel.com%2F&tiba=Forest%20Travel%20Agency%3A%20Corporate%20Travel%20Management%20Company&async=1&fmt=3&is_vtc=1&random=2680677918&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: foresttravel.com
URL: https://foresttravel.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jan 2021 22:25:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 loader.gif
foresttravel.com/wp-content/plugins/revslider/public/assets/assets/ 2 KB
3 KB 134ms
133ms Image
image/gif 104.197.217.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://foresttravel.com/wp-content/plugins/revslider/public/assets/assets/loader.gif
Requested by: Host: foresttravel.com
URL: https://foresttravel.com/wp-content/cache/autoptimize/css/autoptimize_8a142e42a763ca52579e0adbfe7d98e1.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.197.217.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.217.197.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 9034d5d34015e4b05d2c1d1a8dc9f6ec9d59bd96d305eb9e24e24e65c591a645

Request headers

Referer: https://foresttravel.com/wp-content/cache/autoptimize/css/autoptimize_8a142e42a763ca52579e0adbfe7d98e1.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:25:05 GMT
last-modified: Mon, 16 Nov 2020 21:06:00 GMT
server: nginx
etag: "5fb2e9b8-9f1"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2545

GET
H2 200 widget2.8b218cc3.js Show response
static.botsrv.com/website/js/ 416 KB
111 KB 62ms
21ms Script
application/javascript 52.222.141.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.botsrv.com/website/js/widget2.8b218cc3.js
Requested by: Host: quriobot.com
URL: https://quriobot.com/qb/widget/69nJaZmp8ompvxPR/5A7VaDrlL5rB6xgO
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.141.68 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-141-68.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b53c1776cf959b385e1467af14b0d415294dbdb638a39cc916255e755a96dd42

Request headers

Origin: https://foresttravel.com
Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 14:19:47 GMT
content-encoding: gzip
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age: 374719
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Mon, 11 Jan 2021 14:18:42 GMT
server: AmazonS3
etag: W/"7c2eec02e9c4d568733e05c644a8c7fc"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
via: 1.1 425cbe8f956bdcb8754c19eb873fd2d1.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: AMS50-C1
x-amz-cf-id: U7FBt5rwNY-SM3j40pq06pXi0fZqZ21PAgeuMxHoY8zqx77VZroQ_Q==

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixel/ 141 B
378 B 124ms
123ms XHR
application/json 2606:4700::6811:cbcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=2737776

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:cbcc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae39002ff97c3549c770c27235c41aadfb564d391a8741cf84cba1974fcaa3a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:25:06 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-request-id: 07a9c009750000176e7fb77000000001
server: cloudflare
x-trace: 2B6758AD47D3D05780BCD4C1996F4D71F44B484C5B000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://foresttravel.com
access-control-allow-credentials: false
cf-ray: 612302bbec9d176e-FRA
access-control-allow-headers: *

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
258 B 25ms
25ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2978788718&v=1.1&a=2737776&ct=standard-page&rcu=https%3A%2F%2Fforesttravel.com%2F&pu=https%3A%2F%2Fforesttravel.com%2F&t=Forest+Travel+Agency%3A+Corporate+Travel+Management+Company&cts=1610749505917&vi=bfa910bda895016a7019c0d12d4d2d05&nc=true&u=88154884.bfa910bda895016a7019c0d12d4d2d05.1610749505914.1610749505914.1610749505914.1&b=88154884.1.1610749505914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray: 612302bbfc13c303-FRA
date: Fri, 15 Jan 2021 22:25:05 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI CUR ADM OUR NOR STA NID"
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/gif
content-length: 45
cf-request-id: 07a9c0097d0000c303332eb000000001
x-robots-tag: none

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 2 KB
995 B 130ms
130ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=2737776&utk=bfa910bda895016a7019c0d12d4d2d05&__hstc=88154884.bfa910bda895016a7019c0d12d4d2d05.1610749505914.1610749505914.1610749505914.1&__hssc=88154884.1.1610749505914&currentUrl=https%3A%2F%2Fforesttravel.com%2F

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17db214b3319e984e46ed54cdb8688d16c20629d2d9df5b51cb85931921bd22e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:25:06 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cf-ray: 612302bc39df2b29-FRA
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-request-id: 07a9c009a000002b29a789c000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://foresttravel.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 40 KB
13 KB 79ms
29ms Script
text/javascript 2.18.233.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: foresttravel.com
URL: https://foresttravel.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: c2cb2cc5345c71f30b0ce56069cfe0bdf65eb061228333d27ba0e7388748636a

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: eHeCFa11ZmebQv0hmrjMAs.eB.BPo.q4
Content-Encoding: gzip
ETag: "0aed5b94bc26ce0fe9e58d25dd314418"
x-amz-request-id: A153E367E4F64E44
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 12695
x-amz-id-2: 1CcC1EKrieRTlAyvmM8I9czxbYiNWqUAlIg4XQoBWjKMxkmKs0MXuebcXJ5+1jv9UbHz74EL7Lo=
Last-Modified: Thu, 10 Dec 2020 18:09:34 GMT
Server: AmazonS3
Date: Fri, 15 Jan 2021 22:25:06 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 5A7VaDrlL5rB6xgO Show response
botsrv.com/qb/data2/69nJaZmp8ompvxPR/ 25 KB
7 KB 186ms
108ms XHR
application/json 52.213.112.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://botsrv.com/qb/data2/69nJaZmp8ompvxPR/5A7VaDrlL5rB6xgO?qbReferer=https%3A%2F%2Fforesttravel.com%2F&qbVersion=1610749506047

Requested by

Host: static.botsrv.com
URL: https://static.botsrv.com/website/js/widget2.8b218cc3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.112.124 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-112-124.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

d30f69aadaa6a3cd68f4e7ddb019b030d5f391757a7f6bf4fdba38bffdc201ed

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ; frame-src ; style-src 'self' 'unsafe-inline' * blob:; frame-ancestors *
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:25:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: off
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 15 Jan 2021 22:25:06 GMT
server: nginx
x-download-options: noopen
strict-transport-security: max-age=15552000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://foresttravel.com
cache-control: max-age=31536000
content-security-policy: default-src * blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' *; frame-src *; style-src 'self' 'unsafe-inline' * blob:; frame-ancestors *
expires: Sat, 15 Jan 2022 22:25:06 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 24ms
24ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1067453663

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8ec66c589cf58abd111129427552ccf65bacc0dfdadd70031e22456a2b250fcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:25:06 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38966
x-xss-protection: 0
last-modified: Fri, 15 Jan 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 15 Jan 2021 22:25:06 GMT

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1067453663/ 2 KB
1 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1067453663/?random=1610749506059&cv=9&fst=1610749506059&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa161&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fforesttravel.com%2F&tiba=Forest%20Travel%20Agency%3A%20Corporate%20Travel%20Management%20Company&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4f8017d5d91c10070d7ed4f7debd3fef79ab529641d7e983c368f404e9e5e7e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jan 2021 22:25:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1046
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 90 KB
23 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a8755954660f9bef43d2dc61d725f022a3115b81ae76a6af093ab18cfdfa5de7

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23366
x-fb-rlafr: 0
pragma: public
x-fb-debug: nHC7RTBDuJeMFmIetavuALKWcnExEBCfcak892ADnTgGBMs0b0cqIDaBm/BkFv6IGhrwjaBSWiUb1JMnYJoTww==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Fri, 15 Jan 2021 22:25:06 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/2GM7HXLBHNG7JNEKKX3TM2/index.js
https://s.adroll.com/j/exp/index.js

28 B
747 B

23ms
22ms

Script
application/javascript

2.18.233.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 0V4udJ.TlQ_uvvjO68A9TSKMKw1LO4U1
Content-Encoding: gzip
ETag: "5816cced8568d223aa09d889f300692b"
x-amz-request-id: 34E10A9F604BCD9D
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 48
x-amz-id-2: adma5rAlkQffVGUlaus27ka8flNmWlBfAVAfGouRhvCU9hJvYojv7Q/RDSbR4Nece5Bw2PZqsls=
Last-Modified: Fri, 08 Jan 2021 19:33:36 GMT
Server: AmazonS3
Date: Fri, 15 Jan 2021 22:25:06 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

Date: Fri, 15 Jan 2021 22:25:06 GMT
Server: AkamaiGHost
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 0

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/2GM7HXLBHNG7JNEKKX3TM2/A46XAHLBV5CTTCYXLOA3WL/ 0
773 B 271ms
224ms Script
text/javascript 2.18.233.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/2GM7HXLBHNG7JNEKKX3TM2/A46XAHLBV5CTTCYXLOA3WL/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 2l537A82Mi00WOhtuC62RKuykXS1IEWH
Content-Encoding: gzip
ETag: "d41d8cd98f00b204e9800998ecf8427e"
x-amz-request-id: B803447F5CD6F7E4
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 20
x-amz-id-2: RKxuudQvc4AvIPBGPELwtNFh44Px4BA/pSnpXUBMJdn5tT90Q825XE1Ds1pVhJhOd78jahZG+Ag=
Last-Modified: Fri, 15 Jan 2021 15:04:41 GMT
Server: AmazonS3
Date: Fri, 15 Jan 2021 22:25:06 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2

200

/ Show response
d.adroll.com/consent/check/2GM7HXLBHNG7JNEKKX3TM2/
Redirect Chain

https://d.adroll.mgr.consensu.org/consent/iabcheck/2GM7HXLBHNG7JNEKKX3TM2?_s=ee2e8ad72fecba2ca642055275196f31&_b=2
https://d.adroll.com/consent/check/2GM7HXLBHNG7JNEKKX3TM2/?_s=ee2e8ad72fecba2ca642055275196f31&_b=2

394 B
863 B

95ms
31ms

Script
application/javascript

3.248.28.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/2GM7HXLBHNG7JNEKKX3TM2/?_s=ee2e8ad72fecba2ca642055275196f31&_b=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.28.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-248-28-111.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 71f40e18df1327f47252ab86a0cef9cf97694764a39035fb6a0adc6d1d1e1265

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jan 2021 22:25:06 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.18.0
content-type: application/javascript
content-length: 394
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

Redirect headers

location: https://d.adroll.com/consent/check/2GM7HXLBHNG7JNEKKX3TM2/?_s=ee2e8ad72fecba2ca642055275196f31&_b=2
date: Fri, 15 Jan 2021 22:25:06 GMT
server: nginx/1.18.0
content-length: 105

GET
H2 200 880914651975346 Show response
connect.facebook.net/signals/config/ 241 KB
69 KB 49ms
48ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/880914651975346?v=2.9.32&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b02d2ac0e347cd21e42a0ff216d3e375d7b936515aed2219bf0d4b57229d4acc

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: Ud3DZ7VlWhKZmbe1gWO32c3d9xq6rMl5dItK81NzZhoF4StwZfPdp3cMgW8oWhF+MbDB18C07N2ZDVOxid0utQ==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 15 Jan 2021 22:25:06 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 803171415
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
487 B 26ms
25ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=16&fi=59ec5080-8c28-4abd-9864-0a8918b00629&lfi=636902&ft=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2978788718&v=1.1&a=2737776&ct=standard-page&rcu=https%3A%2F%2Fforesttravel.com%2F&pu=https%3A%2F%2Fforesttravel.com%2F&t=Forest+Travel+Agency%3A+Corporate+Travel+Management+Company&cts=1610749506088&vi=bfa910bda895016a7019c0d12d4d2d05&nc=true&u=88154884.bfa910bda895016a7019c0d12d4d2d05.1610749505914.1610749505914.1610749505914.1&b=88154884.1.1610749505914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray: 612302bd0d8cc303-FRA
date: Fri, 15 Jan 2021 22:25:06 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI CUR ADM OUR NOR STA NID"
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/gif
content-length: 45
cf-request-id: 07a9c00a2a0000c30326886000000001
x-robots-tag: none

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/1067453663/ 42 B
89 B 22ms
22ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1067453663/?random=1610749506059&cv=9&fst=1610748000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa161&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fforesttravel.com%2F&tiba=Forest%20Travel%20Agency%3A%20Corporate%20Travel%20Management%20Company&async=1&fmt=3&is_vtc=1&random=90209322&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jan 2021 22:25:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/1067453663/ 42 B
89 B 23ms
22ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1067453663/?random=1610749506059&cv=9&fst=1610748000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa161&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fforesttravel.com%2F&tiba=Forest%20Travel%20Agency%3A%20Corporate%20Travel%20Management%20Company&async=1&fmt=3&is_vtc=1&random=90209322&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jan 2021 22:25:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
411 B 19ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=880914651975346&ev=PageView&dl=https%3A%2F%2Fforesttravel.com%2F&rl=&if=false&ts=1610749506164&sw=1600&sh=1200&v=2.9.32&r=stable&a=tmhubspot&ec=0&o=30&fbp=fb.1.1610749506163.1224988300&it=1610749506077&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:25:06 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 15 Jan 2021 22:25:06 GMT

GET
H2 200 widget.39058708.css
static.botsrv.com/website/css/ 18 KB
4 KB 16ms
16ms Stylesheet
text/css 52.222.141.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.botsrv.com/website/css/widget.39058708.css
Requested by: Host: static.botsrv.com
URL: https://static.botsrv.com/website/js/widget2.8b218cc3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.141.68 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-141-68.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ceb474acb0aa5be221767a226bdb853c782969686476d13748af11b362263831

Request headers

Origin: https://foresttravel.com
Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Dec 2020 06:39:08 GMT
content-encoding: gzip
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age: 2475959
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Fri, 18 Dec 2020 06:37:58 GMT
server: AmazonS3
etag: W/"68c51e7be503d1c6949259da9898fa02"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/css
via: 1.1 425cbe8f956bdcb8754c19eb873fd2d1.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: AMS50-C1
x-amz-cf-id: rLDip3yBTwEHt8HUxqZS30uaDI7HIx4hrkWPWNQ-YQPhe2AtXDwxeA==

GET
H/1.1

200
OK

GEU4GHTL4RHWDF3ODM6E7W.js Show response
s.adroll.com/pixel/2GM7HXLBHNG7JNEKKX3TM2/A46XAHLBV5CTTCYXLOA3WL/
Redirect Chain

https://d.adroll.com/pixel/2GM7HXLBHNG7JNEKKX3TM2/A46XAHLBV5CTTCYXLOA3WL?adroll_fpc=058c2b73fcd06c1feefed52b30242814-1610749506274&arrfrr=https%3A%2F%2Fforesttravel.com%2F&xid_ch=f&pv=16423851870.1...
https://s.adroll.com/pixel/2GM7HXLBHNG7JNEKKX3TM2/A46XAHLBV5CTTCYXLOA3WL/GEU4GHTL4RHWDF3ODM6E7W.js

4 KB
2 KB

201ms
200ms

Script
text/javascript

2.18.233.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/pixel/2GM7HXLBHNG7JNEKKX3TM2/A46XAHLBV5CTTCYXLOA3WL/GEU4GHTL4RHWDF3ODM6E7W.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 422457b565fc7967d31bbecf53e67f372c36450d21f5f461f9f29c8c37cc7074

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: EuuZBP5rI3MSVZwN3asLWaGdCsL1OSD5
Content-Encoding: gzip
ETag: "0fc25b3b8b2115e58ab5eedf015bce68"
x-amz-request-id: 1827F280433AE2B8
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 1380
x-amz-id-2: X3EZMZD9uqDlMHwGsEmTrElcQ5q5rifq0ZRFOr5WyhobgKnPBxJcAALbzR5Wqa67PlVPd0h1EJI=
Last-Modified: Tue, 08 Dec 2020 23:33:28 GMT
Server: AmazonS3
Date: Fri, 15 Jan 2021 22:25:06 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

pragma: no-cache
x-conversion-value: 0.00
server: nginx/1.18.0
x-rule: *foresttravel.com/
date: Fri, 15 Jan 2021 22:25:06 GMT
x-segment-eid: GEU4GHTL4RHWDF3ODM6E7W
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://s.adroll.com/pixel/2GM7HXLBHNG7JNEKKX3TM2/A46XAHLBV5CTTCYXLOA3WL/GEU4GHTL4RHWDF3ODM6E7W.js
cache-control: no-store, no-cache, must-revalidate
x-segment-display-name: website visitors
x-pixel-eid: A46XAHLBV5CTTCYXLOA3WL
x-segment-name: 0d354102
x-advertisable-eid: 2GM7HXLBHNG7JNEKKX3TM2
content-length: 0
x-conversion-currency

GET
H/1.1 200
OK sendrolling.js Show response
s.adroll.com/j/ 9 KB
3 KB 22ms
22ms Script
text/javascript 2.18.233.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/sendrolling.js
Requested by: Host: d.adroll.com
URL: https://d.adroll.com/pixel/2GM7HXLBHNG7JNEKKX3TM2/A46XAHLBV5CTTCYXLOA3WL?adroll_fpc=058c2b73fcd06c1feefed52b30242814-1610749506274&arrfrr=https%3A%2F%2Fforesttravel.com%2F&xid_ch=f&pv=16423851870.11337&cookie=&adroll_s_ref=&keyw=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 1bdbcee5cd776cb671f72362db4be8dde833057b8e8f816c86fd301896652c8d

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: NM.EHVfGEDu2TYFqb1osrv1zRII373EC
Content-Encoding: gzip
ETag: "15441b08d0c4f93b1dd5f533cd361cd8"
x-amz-request-id: 75B93B99450D9821
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 2039
x-amz-id-2: LLXPK6WOd/JkL78v3IWpxVYE6WLY0eyso2S9SGWA5fuDVP/IFReKscAk0ef5FiAsTnpUaCbbaQA=
Last-Modified: Mon, 03 Feb 2020 20:32:06 GMT
Server: AmazonS3
Date: Fri, 15 Jan 2021 22:25:06 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2

204

sync
pixel.advertising.com/ups/55980/
Redirect Chain

https://d.adroll.com/cm/aol/out?adroll_fpc=058c2b73fcd06c1feefed52b30242814-1610749506274&arrfrr=https%3A%2F%2Fforesttravel.com%2F&xid_ch=f&advertisable=2GM7HXLBHNG7JNEKKX3TM2
https://pixel.advertising.com/ups/55980/sync?uid=NmVlNjlkZDQyZGUwZGY3NWRiMjJkYWQwYmZjNTdhZDc&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

0
125 B

72ms
23ms

Image
text/plain

3.126.63.176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/55980/sync?uid=NmVlNjlkZDQyZGUwZGY3NWRiMjJkYWQwYmZjNTdhZDc&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.126.63.176 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-63-176.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:25:06 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://pixel.advertising.com/ups/55980/sync?uid=NmVlNjlkZDQyZGUwZGY3NWRiMjJkYWQwYmZjNTdhZDc&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
pragma: no-cache
date: Fri, 15 Jan 2021 22:25:06 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.18.0
content-length: 167
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/
Redirect Chain

https://d.adroll.com/cm/index/out?adroll_fpc=058c2b73fcd06c1feefed52b30242814-1610749506274&arrfrr=https%3A%2F%2Fforesttravel.com%2F&xid_ch=f&advertisable=2GM7HXLBHNG7JNEKKX3TM2
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NmVlNjlkZDQyZGUwZGY3NWRiMjJkYWQwYmZjNTdhZDc&expiration=1642285506
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NmVlNjlkZDQyZGUwZGY3NWRiMjJkYWQwYmZjNTdhZDc&expiration=1642285506&C=1

43 B
1 KB

31ms
31ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NmVlNjlkZDQyZGUwZGY3NWRiMjJkYWQwYmZjNTdhZDc&expiration=1642285506&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 15 Jan 2021 22:25:06 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 15 Jan 2021 22:25:06 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 15 Jan 2021 22:25:06 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NmVlNjlkZDQyZGUwZGY3NWRiMjJkYWQwYmZjNTdhZDc&expiration=1642285506&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 333
Expires: Fri, 15 Jan 2021 22:25:06 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://d.adroll.com/cm/n/out?adroll_fpc=058c2b73fcd06c1feefed52b30242814-1610749506274&arrfrr=https%3A%2F%2Fforesttravel.com%2F&xid_ch=f&advertisable=2GM7HXLBHNG7JNEKKX3TM2
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NmVlNjlkZDQyZGUwZGY3NWRiMjJkYWQwYmZjNTdhZDc&expires=365

0
239 B

93ms
22ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NmVlNjlkZDQyZGUwZGY3NWRiMjJkYWQwYmZjNTdhZDc&expires=365
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Content-Type: image/gif

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NmVlNjlkZDQyZGUwZGY3NWRiMjJkYWQwYmZjNTdhZDc&expires=365
pragma: no-cache
date: Fri, 15 Jan 2021 22:25:06 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.18.0
content-length: 124
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/
Redirect Chain

https://d.adroll.com/cm/outbrain/out?adroll_fpc=058c2b73fcd06c1feefed52b30242814-1610749506274&arrfrr=https%3A%2F%2Fforesttravel.com%2F&xid_ch=f&advertisable=2GM7HXLBHNG7JNEKKX3TM2
https://sync.outbrain.com/cookie-sync?p=adroll&uid=NmVlNjlkZDQyZGUwZGY3NWRiMjJkYWQwYmZjNTdhZDc
https://sync.outbrain.com/cookie-sync?p=adroll&uid=NmVlNjlkZDQyZGUwZGY3NWRiMjJkYWQwYmZjNTdhZDc&rdrctExp=true

0
477 B

91ms
90ms

Image
text/plain

70.42.32.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=adroll&uid=NmVlNjlkZDQyZGUwZGY3NWRiMjJkYWQwYmZjNTdhZDc&rdrctExp=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 15 Jan 2021 22:25:06 GMT
Cache-Control: no-cache
X-TraceId: 8894c1d663ac692c41fa20fbbcec0dab
Content-Length: 0

Redirect headers

Location: https://sync.outbrain.com/cookie-sync?p=adroll&uid=NmVlNjlkZDQyZGUwZGY3NWRiMjJkYWQwYmZjNTdhZDc&rdrctExp=true
Date: Fri, 15 Jan 2021 22:25:06 GMT
X-TraceId: 2ff7293c6ecc8ce2a0a1d116ef3255e6
Content-Length: 0

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/
Redirect Chain

https://d.adroll.com/cm/pubmatic/out?adroll_fpc=058c2b73fcd06c1feefed52b30242814-1610749506274&arrfrr=https%3A%2F%2Fforesttravel.com%2F&xid_ch=f&advertisable=2GM7HXLBHNG7JNEKKX3TM2
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=NmVlNjlkZDQyZGUwZGY3NWRiMjJkYWQwYmZjNTdhZDc&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENA...

1 B
886 B

67ms
16ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=NmVlNjlkZDQyZGUwZGY3NWRiMjJkYWQwYmZjNTdhZDc&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Fri, 15 Jan 2021 22:25:06 GMT
X-lat: Pug22033:0:469
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=NmVlNjlkZDQyZGUwZGY3NWRiMjJkYWQwYmZjNTdhZDc&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
pragma: no-cache
date: Fri, 15 Jan 2021 22:25:06 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.18.0
content-length: 220
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

in
d.adroll.com/cm/r/
Redirect Chain

https://d.adroll.com/cm/r/out?adroll_fpc=058c2b73fcd06c1feefed52b30242814-1610749506274&arrfrr=https%3A%2F%2Fforesttravel.com%2F&xid_ch=f&advertisable=2GM7HXLBHNG7JNEKKX3TM2
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

42 B
500 B

31ms
31ms

Image
image/gif

3.248.28.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.28.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-248-28-111.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jan 2021 22:25:06 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.18.0
content-type: image/gif
content-length: 42
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

Redirect headers

date: Fri, 15 Jan 2021 22:25:06 GMT
referrer-policy: no-referrer-when-downgrade
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
location: https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H2

204

rtb-h
sync.taboola.com/sg/adroll-network/1/
Redirect Chain

https://d.adroll.com/cm/taboola/out?adroll_fpc=058c2b73fcd06c1feefed52b30242814-1610749506274&arrfrr=https%3A%2F%2Fforesttravel.com%2F&xid_ch=f&advertisable=2GM7HXLBHNG7JNEKKX3TM2
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=NmVlNjlkZDQyZGUwZGY3NWRiMjJkYWQwYmZjNTdhZDc

0
217 B

55ms
16ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=NmVlNjlkZDQyZGUwZGY3NWRiMjJkYWQwYmZjNTdhZDc
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

tbl-x-upstream: 10.40.0.134:10213
date: Fri, 15 Jan 2021 22:25:06 GMT
server: nginx
x-fastly-to-nlb-rtt: 1893

Redirect headers

location: https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=NmVlNjlkZDQyZGUwZGY3NWRiMjJkYWQwYmZjNTdhZDc
pragma: no-cache
date: Fri, 15 Jan 2021 22:25:06 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.18.0
content-length: 111
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://d.adroll.com/cm/triplelift/out?adroll_fpc=058c2b73fcd06c1feefed52b30242814-1610749506274&arrfrr=https%3A%2F%2Fforesttravel.com%2F&xid_ch=f&advertisable=2GM7HXLBHNG7JNEKKX3TM2
https://eb2.3lift.com/xuid?mid=4714&xuid=NmVlNjlkZDQyZGUwZGY3NWRiMjJkYWQwYmZjNTdhZDc&dongle=c85e
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=NmVlNjlkZDQyZGUwZGY3NWRiMjJkYWQwYmZjNTdhZDc&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=

37 B
352 B

24ms
24ms

Image
image/gif

18.193.32.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=NmVlNjlkZDQyZGUwZGY3NWRiMjJkYWQwYmZjNTdhZDc&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.32.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-32-76.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:25:06 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=4714&xuid=NmVlNjlkZDQyZGUwZGY3NWRiMjJkYWQwYmZjNTdhZDc&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
date: Fri, 15 Jan 2021 22:25:06 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

sync
x.bidswitch.net/ul_cb/
Redirect Chain

https://d.adroll.com/cm/b/out?adroll_fpc=058c2b73fcd06c1feefed52b30242814-1610749506274&arrfrr=https%3A%2F%2Fforesttravel.com%2F&xid_ch=f&advertisable=2GM7HXLBHNG7JNEKKX3TM2
https://x.bidswitch.net/sync?dsp_id=44&user_id=NmVlNjlkZDQyZGUwZGY3NWRiMjJkYWQwYmZjNTdhZDc
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NmVlNjlkZDQyZGUwZGY3NWRiMjJkYWQwYmZjNTdhZDc

43 B
343 B

25ms
24ms

Image
image/gif

18.158.221.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NmVlNjlkZDQyZGUwZGY3NWRiMjJkYWQwYmZjNTdhZDc
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.221.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-221-94.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:25:06 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NmVlNjlkZDQyZGUwZGY3NWRiMjJkYWQwYmZjNTdhZDc
date: Fri, 15 Jan 2021 22:25:06 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

bounce
ib.adnxs.com/
Redirect Chain

https://d.adroll.com/cm/x/out?adroll_fpc=058c2b73fcd06c1feefed52b30242814-1610749506274&arrfrr=https%3A%2F%2Fforesttravel.com%2F&xid_ch=f&advertisable=2GM7HXLBHNG7JNEKKX3TM2
https://ib.adnxs.com/setuid?entity=172&code=NmVlNjlkZDQyZGUwZGY3NWRiMjJkYWQwYmZjNTdhZDc
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNmVlNjlkZDQyZGUwZGY3NWRiMjJkYWQwYmZjNTdhZDc

43 B
1 KB

16ms
16ms

Image
image/gif

185.33.221.14
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNmVlNjlkZDQyZGUwZGY3NWRiMjJkYWQwYmZjNTdhZDc

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.14 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 15 Jan 2021 22:25:06 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 730.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.147:80
AN-X-Request-Uuid: 67e34f86-8a95-4843-adb9-763839b72e11
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 15 Jan 2021 22:25:06 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 730.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.139:80
AN-X-Request-Uuid: 457aa80b-1b6f-43cc-b0c6-bc46e14678ec
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNmVlNjlkZDQyZGUwZGY3NWRiMjJkYWQwYmZjNTdhZDc
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 out
d.adroll.com/cm/l/ 42 B
180 B 51ms
49ms Image
image/gif 3.248.28.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/l/out?adroll_fpc=058c2b73fcd06c1feefed52b30242814-1610749506274&arrfrr=https%3A%2F%2Fforesttravel.com%2F&xid_ch=f&advertisable=2GM7HXLBHNG7JNEKKX3TM2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.28.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-248-28-111.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:25:06 GMT
cache-control: no-transform,public,max-age=300,s-maxage=900
server: nginx/1.18.0
content-length: 42
vary: Cookie
content-type: image/gif

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://d.adroll.com/cm/o/out?adroll_fpc=058c2b73fcd06c1feefed52b30242814-1610749506274&arrfrr=https%3A%2F%2Fforesttravel.com%2F&xid_ch=f&advertisable=2GM7HXLBHNG7JNEKKX3TM2
https://us-u.openx.net/w/1.0/sd?id=537103138&val=6ee69dd42de0df75db22dad0bfc57ad7
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=6ee69dd42de0df75db22dad0bfc57ad7

43 B
180 B

21ms
21ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=6ee69dd42de0df75db22dad0bfc57ad7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.200.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jan 2021 22:25:06 GMT
via: 1.1 google
server: OXGW/16.200.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=6ee69dd42de0df75db22dad0bfc57ad7
date: Fri, 15 Jan 2021 22:25:06 GMT
via: 1.1 google
server: OXGW/16.200.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

200

in
d.adroll.com/cm/g/
Redirect Chain

https://d.adroll.com/cm/g/out?adroll_fpc=058c2b73fcd06c1feefed52b30242814-1610749506274&arrfrr=https%3A%2F%2Fforesttravel.com%2F&xid_ch=f&advertisable=2GM7HXLBHNG7JNEKKX3TM2&google_nid=adroll5
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=buad1C3g33XbItrQv8V61w
https://d.adroll.com/cm/g/in

42 B
536 B

31ms
31ms

Image
image/gif

3.248.28.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/g/in
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.28.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-248-28-111.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jan 2021 22:25:06 GMT
server: nginx/1.18.0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-store, no-cache, must-revalidate
content-type: image/gif
content-length: 42
x-result: g.-1.-1.-1

Redirect headers

pragma: no-cache
date: Fri, 15 Jan 2021 22:25:06 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://d.adroll.com/cm/g/in
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 225
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 /
www.facebook.com/tr/ 0
84 B 7ms
6ms Other
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryCM65QY6fj9hQ81Mm

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Fri, 15 Jan 2021 22:25:06 GMT
content-type: text/plain
access-control-allow-origin: https://foresttravel.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H2 200 Forest-home-bg-3-min-min.jpg
foresttravel.com/wp-content/uploads/2020/06/ 96 KB
96 KB 117ms
116ms Image
image/jpeg 104.197.217.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://foresttravel.com/wp-content/uploads/2020/06/Forest-home-bg-3-min-min.jpg
Requested by: Host: foresttravel.com
URL: https://foresttravel.com/wp-content/cache/autoptimize/js/autoptimize_92247f5917e8ab5d5d3f55f7dab73f50.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.197.217.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.217.197.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6723057290b58abed2a614a6ecb0901f5f901000169ddf207b700eca57e49681

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:25:10 GMT
last-modified: Mon, 16 Nov 2020 21:13:33 GMT
server: nginx
etag: "5fb2eb7d-17f70"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 98160

GET
H2 200 Forest-home-bg-5-min-min.jpg
foresttravel.com/wp-content/uploads/2020/06/ 165 KB
166 KB 119ms
118ms Image
image/jpeg 104.197.217.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://foresttravel.com/wp-content/uploads/2020/06/Forest-home-bg-5-min-min.jpg
Requested by: Host: foresttravel.com
URL: https://foresttravel.com/wp-content/cache/autoptimize/js/autoptimize_92247f5917e8ab5d5d3f55f7dab73f50.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.197.217.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.217.197.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0827c5dabcd83aa6b938144f30c3ab3d9a4c893c1c02774d7a19d2d0047c6b52

Request headers

Referer: https://foresttravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:25:14 GMT
last-modified: Mon, 16 Nov 2020 21:13:33 GMT
server: nginx
etag: "5fb2eb7d-29565"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 169317

Verdicts & Comments Add Verdict or Comment

229 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.foresttravel.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.foresttravel.com/	1970-01-20 00:47:25	Name: hubspotutk Value: bfa910bda895016a7019c0d12d4d2d05
.foresttravel.com/	1970-01-20 00:47:25	Name: __hstc Value: 88154884.bfa910bda895016a7019c0d12d4d2d05.1610749505914.1610749505914.1610749505914.1
.foresttravel.com/	1970-01-20 08:57:01	Name: _ga Value: GA1.2.163904587.1610749505
.foresttravel.com/	1970-01-19 15:25:51	Name: _hjAbsoluteSessionInProgress Value: 0
.foresttravel.com/	1970-01-20 00:11:25	Name: _hjid Value: ef1f4fae-cea7-4369-a431-2d2314b08293
foresttravel.com/	1970-01-19 15:25:49	Name: _hjIncludedInPageviewSample Value: 1
.foresttravel.com/	1970-01-19 15:49:13	Name: _uetvid Value: 84400740578011eb91e8d35f7d32cd69
.foresttravel.com/	1970-01-19 17:35:25	Name: _gcl_au Value: 1.1.2125412511.1610749505
.foresttravel.com/	1970-01-19 15:25:51	Name: _hjFirstSeen Value: 1
.foresttravel.com/	1970-01-19 15:25:51	Name: __hssc Value: 88154884.1.1610749505914
.foresttravel.com/	1970-01-19 15:25:49	Name: _dc_gtm_UA-27464537-1 Value: 1
.foresttravel.com/	1970-01-19 15:27:15	Name: _gid Value: GA1.2.487935962.1610749505
.foresttravel.com/	1970-01-19 15:27:15	Name: _uetsid Value: 843fb9f0578011eb8d6bf7db258ef2d2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.yahoo.com
api.hubapi.com
bat.bing.com
blog.foresttravel.com
botsrv.com
cm.g.doubleclick.net
connect.facebook.net
d.adroll.com
d.adroll.mgr.consensu.org
dsum-sec.casalemedia.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
foresttravel.com
forms.hsforms.com
forms.hubspot.com
googleads.g.doubleclick.net
ib.adnxs.com
in.hotjar.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hscollectedforms.net
js.hsleadflows.net
pixel.advertising.com
pixel.rubiconproject.com
quriobot.com
s.adroll.com
script.hotjar.com
simage2.pubmatic.com
static.botsrv.com
static.hotjar.com
stats.g.doubleclick.net
sync.outbrain.com
sync.taboola.com
track.hubspot.com
us-u.openx.net
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
x.bidswitch.net
104.197.217.66
13.224.194.56
141.226.228.48
18.158.221.94
18.193.32.76
185.33.221.14
185.64.189.110
199.60.103.254
2.18.233.40
2.18.234.21
216.58.208.34
2606:4700::6810:5705
2606:4700::6811:47b0
2606:4700::6811:70b0
2606:4700::6811:80ab
2606:4700::6811:cbcc
2606:4700::6811:d4cc
2606:4700::6811:e8cc
2606:4700::6812:15bf
2606:4700::6813:9a53
2606:4700::6813:9b53
2620:1ec:c11::200
2a00:1288:f03d:1fa::4000
2a00:1450:4001:802::2003
2a00:1450:4001:803::2003
2a00:1450:4001:803::2004
2a00:1450:4001:803::200a
2a00:1450:4001:806::2002
2a00:1450:4001:808::2008
2a00:1450:4001:808::200e
2a00:1450:4001:809::2004
2a00:1450:4001:80b::2008
2a00:1450:4001:819::2002
2a00:1450:4001:81a::2003
2a00:1450:4001:81f::200a
2a00:1450:400c:c00::9b
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
3.126.63.176
3.248.28.111
35.244.159.8
52.18.148.102
52.208.176.149
52.213.112.124
52.222.141.12
52.222.141.68
52.222.141.74
54.78.251.22
69.173.144.139
70.42.32.191
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
0760449cf607277e85c0b2f456cc04da73515bf4bf85832a66e24faeffe7676b
0827c5dabcd83aa6b938144f30c3ab3d9a4c893c1c02774d7a19d2d0047c6b52
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
17db214b3319e984e46ed54cdb8688d16c20629d2d9df5b51cb85931921bd22e
1bdbcee5cd776cb671f72362db4be8dde833057b8e8f816c86fd301896652c8d
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
29c2b6028a85625ad7c35dc7c7eb00a129a92a300ad238bc8fdff629e4df69c0
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2fd647608a0d61b2b52ea78b95c675120f86225170c4d89b775b4b50153c4ddf
32604b98ccc74e9bbc19833e783d276bd10d948ef66d03c405820c5b2ded1a0a
3352e9a5eee08984a5537eb1006f3bc828fd3688def43a0f73ccc36108f1ee91
3be0a916496d7936bb83ce60a4de9f10ef400f16c38e7dd7c65449c795e7739b
41e4498250cd56767cd521b1bc9cda2d5cd48891c0112c344eea9e67f137fc00
422457b565fc7967d31bbecf53e67f372c36450d21f5f461f9f29c8c37cc7074
476cc0144d5beedf02da287a2bcb4287def6ba9e593bc161f854600bd766d67c
4b3f3d8289c20fc4eba0b16e49e5b0d6c1e6851bbe2d75713c533b287c8ccfd8
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4dd6c09ddcb0e53a6290cc1df35224856073ba5f89d4134bd7c69e4fd9c6f515
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f8017d5d91c10070d7ed4f7debd3fef79ab529641d7e983c368f404e9e5e7e5
4fc165d7be3b9083b16525551fd123f842b580ec6e8cd080b24976083f02d880
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
559a910060423ed485ddc062a9ab5318859bbfde26be3f73d9b83ac0b9dae677
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
617e9c9963632d266d3c9e09607a562b14ef8047dfce95a1ae69b633554af10a
62b7743ef82e959d8ad16377223cb2560847185672422623de76a26b04012e48
62ef8de50ccfe15141aa6326fdf25c032c023ce9235a8c67134c428da17a062b
6723057290b58abed2a614a6ecb0901f5f901000169ddf207b700eca57e49681
690046a4804e6da3409d496df1aa4994fe217dc17eb24ebfd61c501457fdcf73
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6dd1648c3044403835d68d95e16c9b24d60e6969dc3f764035c3c1a6afcb066e
706494a230ae9c22ebbda2b9fce9af786bac0ea5f315c80e3fbe9f44e7883c38
71f40e18df1327f47252ab86a0cef9cf97694764a39035fb6a0adc6d1d1e1265
7558995674f167754905b136ee318b67f0b66a887b26a3025317906cd64753b3
76e003fa5aaad39dc7627b77111c282bd700c5ef784043b2f438778bc24df15b
77e086fb665e3c8ee757deebe374d4ef78613e398404c3f1bfefbcf8e1cea1a0
82ce2eeb3a9cc7011cc0af65acbf9cf071a9ccb372eb3330b38baab70c8f4774
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84cf55be6dd4649960f1bdfd5e2a0eb14d6a7bf712d7830bd4a0475dea8509bb
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8733f48b11a3216b839da6526cb295bdc3c5344708e0475a88a9a186f557e605
8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e
8d9ef4cfdaeff6d589b8566592e0bf48f49b8e0cd439c21148e9f474eb070d6b
8ec66c589cf58abd111129427552ccf65bacc0dfdadd70031e22456a2b250fcc
8f73eb17ef88c1b106a71e521f211e8994efe544c3acdf81c8897ec0b66cee07
9034d5d34015e4b05d2c1d1a8dc9f6ec9d59bd96d305eb9e24e24e65c591a645
9190f6f33848a14d4b95da429653f69f9d19ad17162fa3ac605833ad29f0d20a
91ed6ce02b6c75337190849469779a4bd41848b76017521bf4544f268c011ad4
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
9704eaba402684353deb08cef7861e35b8eeead7466137a30bb5464c2ff5a6c4
9fd2ecfb5502906b90601768dffa86e3a074ff16f13afad29732d598994a4f6a
a8755954660f9bef43d2dc61d725f022a3115b81ae76a6af093ab18cfdfa5de7
aa2f6d9084c128207870e255716f653f6fbe5c45f2c399d20f0d79bb34993350
ac1496eb4cdbd0d93463435e73938df03ada398b8c602fb257d78dfe3d6015dd
ac8d15766c96ffd90308afc4c90b372fd26d3892571aad50186aa6c64add5153
ae39002ff97c3549c770c27235c41aadfb564d391a8741cf84cba1974fcaa3a5
b02d2ac0e347cd21e42a0ff216d3e375d7b936515aed2219bf0d4b57229d4acc
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b46f8bce4305558eb4a77124d72975300338b6f7f6e97492dd9dae0361bbb708
b53c1776cf959b385e1467af14b0d415294dbdb638a39cc916255e755a96dd42
b76ccb185557585a2f20c08db919c29fcc2f1e6992e194f1d1f445bca814dc5c
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd60d3b0e957c1e714e779b29570e421d215628c2fd9694ef590ed3ded961291
c2cb2cc5345c71f30b0ce56069cfe0bdf65eb061228333d27ba0e7388748636a
c44da5bb23c51c1e434b517ad0d44b8e94adb4dff3b23d66187e262454381dbb
c4dc799d09b15e57ee98e3c3866ca16f53354cb79838d3aa6c9c961292151858
c77f18983978fdbdc4e736eb42c0935e8ae171411eb8e7456613b866909847fe
c93a362689bb3827b6385b58b868b4da96230d841d944f71a80334cdfdbe6551
ccd1ce3e529193a7b9e201539f441de1245634bb83738431eaf41f027e54692a
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
ceb474acb0aa5be221767a226bdb853c782969686476d13748af11b362263831
d0230781fbc7e40d4a72a9c1be4fb3e71c3b1e9b4a50cbcfced13fbe1969a43a
d2a3f7a98bbb01a2b458b51a349f4d3bec508934f0d596ba6a472a7c60850de7
d30f69aadaa6a3cd68f4e7ddb019b030d5f391757a7f6bf4fdba38bffdc201ed
d710dee6eef4424f1220fd32cf5062c4ea626a096010ef09dc36a7da257f83d8
d9cfc3be1730a4cf728fcfd84a732e45b127b40bb2c9457fdf0118009a9223cd
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dc1a3a3bf97eada084f65b5d87085ddb8d3a76a9e450c6a41211e1698048de91
ddb582f23326e27525dc8a5aa9b18fe791f07cf4e604911c591baaf028d116e6
e1a45d3351c5dcc61a6954c5a409d33ff8eb0362c0f4447fbd1e7d5ca0e9196b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e539278ae60bc5936791cd12c83608f62e4aa658157cece58996aa2784239ac1
e8363ea858877d6c7859a8f450178ce1db279588b8dcfa025b5f63925d7f3eb1
ebc478f6b1618862bf9c95cd3d69f37ffadec026fb1f136fc9b4414f4c07621c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3ce8510341a291706d824c36163c9025090ff096ee4ca32d41309ce82afaa73
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f6825d210edaa74ae0bee9c5aa67281ac90de3d443e8181d33c653cce399b649
f755d1b33621f2a2d5d9889dffa5f3e379651763b74c0070339ddc04969dc6e7
fd93fdb64843133aca7bf0419e4f2daca4cbb0e9c0b47dff110d050d483ce929

foresttravel.com Open in urlscan Pro 104.197.217.66 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

117 Requests

100 %HTTPS

54 %IPv6

37 Domains

46 Subdomains

48 IPs

8 Countries

2431 kBTransfer

6467 kBSize

14 Cookies

2 Outgoing links

Redirected requests

117 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

foresttravel.com Open in urlscan Pro
104.197.217.66 Public Scan

Screenshot
Live screenshot

Full Image

117
Requests

100 %
HTTPS

54 %
IPv6

37
Domains

46
Subdomains

48
IPs

8
Countries

2431 kB
Transfer

6467 kB
Size

14
Cookies

117 HTTP transactions
0 data transactions