www.ltur.com Open in urlscan Pro
3.72.194.248 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ltur.ch/
Effective URL:
https://www.ltur.com/ch/index
Submission: On August 10 via api (August 10th 2024, 8:10:47 am UTC) from CH — Scanned from CH

Summary HTTP 58 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 18 IPs in 4 countries across 17 domains to perform 58 HTTP transactions. The main IP is 3.72.194.248, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is www.ltur.com.
TLS certificate: Issued by Thawte TLS RSA CA G1 on May 6th 2024. Valid for: 10 months.

This is the only time www.ltur.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 10	3.72.194.248 3.72.194.248	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700::68... 2606:4700::6812:4139	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2600:9000:225... 2600:9000:225e:0:6:f45f:8400:93a1	16509 (AMAZON-02) (AMAZON-02)
3	34.160.146.59 34.160.146.59	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	18.66.147.43 18.66.147.43	16509 (AMAZON-02) (AMAZON-02)
2	35.190.85.25 35.190.85.25	15169 (GOOGLE) (GOOGLE)
1 9	2600:9000:249... 2600:9000:2491:8200:15:e09:8a80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:827::201b	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::15	15169 (GOOGLE) (GOOGLE)
2	2600:9000:272... 2600:9000:2724:b200:e:5581:7340:93a1	16509 (AMAZON-02) (AMAZON-02)
1	34.49.241.189 34.49.241.189	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	3.124.201.130 3.124.201.130	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:214... 2600:9000:214f:6a00:f:8ce2:fb80:93a1	16509 (AMAZON-02) (AMAZON-02)
7	172.67.74.129 172.67.74.129	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	212.83.50.108 212.83.50.108	47447 (TTM) (TTM)
1 2	185.89.210.46 185.89.210.46	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	85.114.159.112 85.114.159.112	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	217.79.188.59 217.79.188.59	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	3.69.14.84 3.69.14.84	16509 (AMAZON-02) (AMAZON-02)
1 1	81.17.55.106 81.17.55.106	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	198.47.127.205 198.47.127.205	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1 2	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	85.215.5.31 85.215.5.31	6786 (CRONON-BE...) (CRONON-BERLIN-AS)
58	18

10 3.72.194.248 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-72-194-248.eu-central-1.compute.amazonaws.com

ltur.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.ltur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:4139 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a8315240995.cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:225e:0:6:f45f:8400:93a1 (United States)

ASN16509 (AMAZON-02, US)

gips.ltur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.160.146.59 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 59.146.160.34.bc.googleusercontent.com

sgtm1.ltur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.66.147.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-43.fra60.r.cloudfront.net

gips.ltur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.85.25 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 25.85.190.35.bc.googleusercontent.com

static.trbo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:2491:8200:15:e09:8a80:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

halc.iadvize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::201b (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::15 (United States)

ASN15169 (GOOGLE, US)

collect.trbo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-v4.trbo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2724:b200:e:5581:7340:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.iadvize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.49.241.189 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 189.241.49.34.bc.googleusercontent.com

logx.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.124.201.130 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-201-130.eu-central-1.compute.amazonaws.com

api.iadvize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:6a00:f:8ce2:fb80:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.dwin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.67.74.129 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.83.50.108 (Bad Konigshofen im Grabfeld, Germany) 1 redirects

ASN47447 (TTM, DE)

r.adserver01.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.46 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.112 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: ad11.adfarm1.adition.com

ad11.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.79.188.59 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: imagesrv.adition.com

imagesrv.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.194 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.69.14.84 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-14-84.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.17.55.106 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.205 (United States) 1 redirects

ASN3257 (GTT-BACKBONE GTT, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.36.155 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.215.5.31 (Germany) 1 redirects

ASN6786 (CRONON-BERLIN-AS, DE)

a.twiago.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	ltur.com www.ltur.com gips.ltur.com sgtm1.ltur.com	1 MB
13	iadvize.com 1 redirects halc.iadvize.com — Cisco Umbrella Rank: 29714 static.iadvize.com — Cisco Umbrella Rank: 75820 api.iadvize.com — Cisco Umbrella Rank: 40650	31 KB
7	ad4m.at ad4m.at — Cisco Umbrella Rank: 16283 as.ad4m.at — Cisco Umbrella Rank: 44351	13 KB
4	trbo.com static.trbo.com — Cisco Umbrella Rank: 128414 collect.trbo.com — Cisco Umbrella Rank: 120403 api-v4.trbo.com — Cisco Umbrella Rank: 126266	165 KB
4	optimizely.com cdn.optimizely.com — Cisco Umbrella Rank: 1042 a8315240995.cdn.optimizely.com logx.optimizely.com — Cisco Umbrella Rank: 2460	131 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1102	1 KB
2	doubleclick.net 2 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 363	2 KB
2	adition.com 1 redirects ad11.adfarm1.adition.com — Cisco Umbrella Rank: 62123 imagesrv.adition.com — Cisco Umbrella Rank: 35500	517 B
2	adnxs.com 1 redirects secure.adnxs.com — Cisco Umbrella Rank: 764	2 KB
2	googleapis.com storage.googleapis.com — Cisco Umbrella Rank: 492	2 KB
1	twiago.com 1 redirects a.twiago.com — Cisco Umbrella Rank: 49044	671 B
1	pubmatic.com 1 redirects simage2.pubmatic.com — Cisco Umbrella Rank: 1358	252 B
1	smartadserver.com 1 redirects rtb-csync.smartadserver.com — Cisco Umbrella Rank: 1072	713 B
1	adscale.de ih.adscale.de — Cisco Umbrella Rank: 6527	38 B
1	adserver01.de 1 redirects r.adserver01.de — Cisco Umbrella Rank: 192868	220 B
1	dwin1.com www.dwin1.com — Cisco Umbrella Rank: 6220	14 KB
1	ltur.ch 1 redirects ltur.ch	346 B
58	17

	Domain	Requested by
12	gips.ltur.com	www.ltur.com
9	halc.iadvize.com	1 redirects www.ltur.com halc.iadvize.com
9	www.ltur.com	www.ltur.com
5	as.ad4m.at
3	sgtm1.ltur.com	www.ltur.com
2	dsum-sec.casalemedia.com	1 redirects
2	cm.g.doubleclick.net	2 redirects
2	secure.adnxs.com	1 redirects
2	ad4m.at	www.dwin1.com ad4m.at
2	api.iadvize.com	halc.iadvize.com
2	static.iadvize.com	halc.iadvize.com static.iadvize.com
2	storage.googleapis.com	cdn.optimizely.com
2	static.trbo.com	www.ltur.com
2	cdn.optimizely.com	www.ltur.com cdn.optimizely.com
1	a.twiago.com	1 redirects
1	simage2.pubmatic.com	1 redirects
1	rtb-csync.smartadserver.com	1 redirects
1	ih.adscale.de
1	imagesrv.adition.com
1	ad11.adfarm1.adition.com	1 redirects
1	r.adserver01.de	1 redirects
1	www.dwin1.com	sgtm1.ltur.com
1	logx.optimizely.com	cdn.optimizely.com
1	api-v4.trbo.com	static.trbo.com
1	collect.trbo.com	static.trbo.com
1	a8315240995.cdn.optimizely.com	cdn.optimizely.com
1	ltur.ch	1 redirects
58	27

This site contains links to these domains. Also see Links.

Domain
hilfe.ltur.com
career.ltur.com
www.tuigroup.com
www.facebook.com
www.instagram.com
www.youtube.com
twitter.com
www.pinterest.de
apps.apple.com
play.google.com

Subject Issuer	Validity	Valid
www.ltur.com Thawte TLS RSA CA G1	`2024-05-06` - `2025-02-21`	10 months	crt.sh
cdn.optimizely.com WE1	`2024-06-25` - `2024-09-23`	3 months	crt.sh
sgtm1.ltur.com WR3	`2024-08-07` - `2024-11-05`	3 months	crt.sh
static.trbo.com WR3	`2024-08-05` - `2024-11-03`	3 months	crt.sh
storage.googleapis.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
collect.trbo.com WR3	`2024-07-25` - `2024-10-23`	3 months	crt.sh
*.iadvize.com Amazon RSA 2048 M02	`2023-11-20` - `2024-12-17`	a year	crt.sh
api-v4.trbo.com WR3	`2024-07-19` - `2024-10-17`	3 months	crt.sh
logx.optimizely.com WR3	`2024-07-20` - `2024-10-18`	3 months	crt.sh
*.dwin1.com Amazon RSA 2048 M03	`2023-10-18` - `2024-11-15`	a year	crt.sh
ad4m.at WE1	`2024-08-02` - `2024-10-31`	3 months	crt.sh
*.adscale.de Amazon RSA 2048 M03	`2024-06-17` - `2025-07-17`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.ltur.com/ch/index
Frame ID: FBC644F748323C479F9A4CC6B4130189
Requests: 53 HTTP requests in this frame

Frame: https://a8315240995.cdn.optimizely.com/client_storage/a8315240995.html
Frame ID: 0BB7CD5CB4AF59DAC0E2E9AD32A1147B
Requests: 1 HTTP requests in this frame

Frame: https://collect.trbo.com/i/c.php?browser_type=&channel=typein&cl=13262&click_type=typein&pg=www.ltur.com%2Fch%2Findex&device=&device_type=desktop&group=-1&has_flash=NaN&is_adclick=NaN&is_click_in=1&is_mobile=0&is_organic=NaN&is_referrer=NaN&is_tablet=0&is_typein=1&os=&protocol=https&rand=3708534748.250508&uid=96c1ee815b979d8edf66e08beb256857&sid=1164051297&pt=4&td=%7B%22slots%22%3A%7B%7D%2C%22data%22%3A%7B%7D%7D&rnd=1723277431643&stot=1
Frame ID: 4422984A63579BCE0AE1E6F687F7C8A9
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: 2E2C7742FC53A9F8D3FA7F5615806EF0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ferien buchen - einfach und günstig | ltur

Page URL History Show full URLs

https://ltur.ch/ HTTP 301
https://www.ltur.com/ch/index Page URL

Detected technologies

AWIN (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

dwin1\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

optimizely\.com.*\.js

Page Statistics

58
Requests

86 %
HTTPS

29 %
IPv6

17
Domains

27
Subdomains

18
IPs

4
Countries

1566 kB
Transfer

4864 kB
Size

27
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://hilfe.ltur.com/hc/de
Title: FAQ

Search URL Search Domain Scan URL

URL: https://career.ltur.com/
Title: Jobs

Search URL Search Domain Scan URL

URL: https://www.tuigroup.com/de-de/verantwortung/wie-melde-ich-bedenken
Title: Wie melde ich Bedenken?

Search URL Search Domain Scan URL

URL: https://www.facebook.com/LTURLastMinuteCH/?fref=ts

Search URL Search Domain Scan URL

URL: https://www.instagram.com/lturlm/?hl=ch

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/CrazyLTUR

Search URL Search Domain Scan URL

URL: https://twitter.com/LTURLM

Search URL Search Domain Scan URL

URL: https://www.pinterest.de/lturLastMinuteDE/_created/

Search URL Search Domain Scan URL

URL: https://apps.apple.com/ch/app/ltur-last-minute-urlaub/id359100643

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.ltur.nixwieweg&feature=search_result#?t=W251bGwsMSwxLDEsImNvbS5sdHVyLm5peHdpZXdlZyJd

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ltur.ch/ HTTP 301
https://www.ltur.com/ch/index Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

https://halc.iadvize.com/iadvize.js?sid=6267 HTTP 302
https://halc.iadvize.com/static/livechat/89b3972524ea5c25186fa1fab520912ffa85f1dd/live.js

Request Chain 46

https://r.adserver01.de/rt/perf_ch.php?gdpr=0&gdpr_consent= HTTP 302
https://secure.adnxs.com/seg?add=19751009&t=2 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D19751009%26t%3D2

Request Chain 47

https://ad11.adfarm1.adition.com/tagging?type=image&network=42&tag[Markierung_T2.AdvancedStore_RetargetingPixel]=ASRET2&gdpr=$0&gdpr_consent= HTTP 302
https://imagesrv.adition.com/1x1.gif

Request Chain 49

https://cm.g.doubleclick.net/pixel?google_nid=advs&google_cm&google_sc&a=z9HdHC7Dlvm9heBRQ4bNhFQ9Mt_kabcp&c=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=advs&google_cm=&google_sc=&a=z9HdHC7Dlvm9heBRQ4bNhFQ9Mt_kabcp&c=1&google_tc= HTTP 302
https://as.ad4m.at/ad/dpe?b=CAESEJWey9neO-aHsVJglPQlmV8&a=z9HdHC7Dlvm9heBRQ4bNhFQ9Mt_kabcp&c=1&google_cver=1

Request Chain 51

https://rtb-csync.smartadserver.com/redir/?partnerid=132&partneruserid=z9HdHC7Dlvm9heBRQ4bNhFQ9Mt_kabcp&gdpr=0&gdpr_consent=&redirurl=https%3A%2F%2Fas%2Ead4m%2Eat%2Fad%2Fdpe%3Fa%3Dz9HdHC7Dlvm9heBRQ4bNhFQ9Mt_kabcp%26c%3D9%26b%3DSMART_USER_ID HTTP 302
https://as.ad4m.at/ad/dpe?a=z9HdHC7Dlvm9heBRQ4bNhFQ9Mt_kabcp&c=9&b=372884336795241173&gdpr=0&gdpr_consent=

Request Chain 52

https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&r=https%3A%2F%2Fas%2Ead4m%2Eat%2Fad%2Fdpe%3Fa%3Dz9HdHC7Dlvm9heBRQ4bNhFQ9Mt_kabcp%26b%3D%24%7BPUBMATIC%5FUID%7D%26c%3D5 HTTP 302
https://as.ad4m.at/ad/dpe?a=z9HdHC7Dlvm9heBRQ4bNhFQ9Mt_kabcp&b=${PUBMATIC_UID}&c=5

Request Chain 53

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=5&external_user_id=z9HdHC7Dlvm9heBRQ4bNhFQ9Mt_kabcp HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=5&external_user_id=z9HdHC7Dlvm9heBRQ4bNhFQ9Mt_kabcp&C=1

Request Chain 54

https://a.twiago.com/rtb/usermatch.php?umid=11&userid=z9HdHC7Dlvm9heBRQ4bNhFQ9Mt_kabcp&call_type=redirect&rtbprovider=openrtb&redirecturl=https%3A%2F%2Fas%2Ead4m%2Eat%2Fad%2Fdpe%3Fa%3Dz9HdHC7Dlvm9heBRQ4bNhFQ9Mt_kabcp%26b%3D%25userid%25%26c%3D7 HTTP 302
https://as.ad4m.at/ad/dpe?a=z9HdHC7Dlvm9heBRQ4bNhFQ9Mt_kabcp&b=07dbb3fa42c99f88feba8450349bb13d496e2c917a6cbabddd036b1280665&c=7

58 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request index Show response
www.ltur.com/ch/
Redirect Chain

https://ltur.ch/
https://www.ltur.com/ch/index

392 KB
31 KB

321ms
74ms

Document
text/html

3.72.194.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ltur.com/ch/index

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.72.194.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-194-248.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

4fdc220c56642f8010dc055610d1c8d992a748501d304e47687478cc4fc47db4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 max-age=31536000; includeSubDomains; preload
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control: public, max-age=3600
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 10 Aug 2024 08:10:28 GMT
server: nginx
strict-transport-security: max-age=31536000 max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-cache-status: HIT
x-profile: srv:1
x-xss-protection: 1; mode=block

Redirect headers

content-length: 162
content-type: text/html
date: Sat, 10 Aug 2024 08:10:28 GMT
location: https://www.ltur.com/ch/index
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block

GET
H2 200 homepage.js Show response
www.ltur.com/assets/2019/bundles/lturapp/js/layout2019/ 1 MB
341 KB 39ms
36ms Script
application/javascript 3.72.194.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ltur.com/assets/2019/bundles/lturapp/js/layout2019/homepage.js?v=55359ef14f

Requested by

Host: www.ltur.com
URL: https://www.ltur.com/ch/index

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.72.194.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-194-248.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

02c9d2310f55e57bcba634eba146d6ceacb50a0485c8b6fcbb58b18c07ca6737

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ltur.com/ch/index
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 08:10:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 08 Aug 2024 08:11:53 GMT
server: nginx
etag: W/"1750ae-61f2794544440"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=300
x-xss-protection: 1; mode=block
expires: Sat, 10 Aug 2024 08:15:28 GMT

GET
H2 200 12107615879.js Show response
cdn.optimizely.com/js/ 446 KB
130 KB 235ms
54ms Script
text/javascript 2606:4700::6812:4139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.optimizely.com/js/12107615879.js
Requested by: Host: www.ltur.com
URL: https://www.ltur.com/ch/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:4139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4d66a0d0dad88519d8fd5c8f4cd4381d9403a64994ed6e5e5acdf32ae291514

Request headers

Referer: https://www.ltur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
date: Sat, 10 Aug 2024 08:10:29 GMT
content-encoding: gzip
x-amz-version-id: KNmLD4iL_vwSm5NwkGFeUhUaLWp0jRjd
cf-cache-status: HIT
x-amz-request-id: RK55MQ5820TX7GR9
age: 440
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 9407
x-amz-replication-status: PENDING
content-length: 132211
x-amz-id-2: FuB336XB5fD42V4TawVXGlZuVB892xRnUjM4F3HQtjB74UIKF+m6IAG7/ULxxSP6AEkKtyeNvP8=
last-modified: Fri, 09 Aug 2024 16:09:23 GMT
server: cloudflare
etag: "16f10dc9a76c5d200c591f462bdb1a47"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
access-control-allow-credentials: false
access-control-max-age: 86400
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *
cf-ray: 8b0e827ba9517757-AMS

GET
H2 200 homepage-critical.css
www.ltur.com/assets/2019/bundles/lturapp/css/layout2019/ 1 KB
740 B 34ms
32ms Stylesheet
text/css 3.72.194.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ltur.com/assets/2019/bundles/lturapp/css/layout2019/homepage-critical.css?v=55359ef14f

Requested by

Host: www.ltur.com
URL: https://www.ltur.com/ch/index

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.72.194.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-194-248.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

8df320e2300abf0dfb4b5bf72fd7dcd89ee79b24ca7b238d4af07f848de6453c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ltur.com/ch/index
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 08:10:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 08 Aug 2024 08:11:53 GMT
server: nginx
etag: W/"4a6-61f2794544440"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=300
x-xss-protection: 1; mode=block
expires: Sat, 10 Aug 2024 08:15:28 GMT

GET
H2 200 homepage-uncritical.css
www.ltur.com/assets/2019/bundles/lturapp/css/layout2019/ 390 KB
54 KB 64ms
62ms Stylesheet
text/css 3.72.194.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ltur.com/assets/2019/bundles/lturapp/css/layout2019/homepage-uncritical.css?v=55359ef14f

Requested by

Host: www.ltur.com
URL: https://www.ltur.com/ch/index

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.72.194.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-194-248.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

0812d2609d761a733121bc83caae9a725dc26f6689194f060717fb7e291af8e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ltur.com/ch/index
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 08:10:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 08 Aug 2024 08:11:53 GMT
server: nginx
etag: W/"61645-61f2794544440"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=300
x-xss-protection: 1; mode=block
expires: Sat, 10 Aug 2024 08:15:28 GMT

GET
H2 200 homepage.css
www.ltur.com/assets/2019/bundles/lturapp/js/layout2019/ 15 KB
4 KB 63ms
62ms Stylesheet
text/css 3.72.194.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ltur.com/assets/2019/bundles/lturapp/js/layout2019/homepage.css?v=55359ef14f

Requested by

Host: www.ltur.com
URL: https://www.ltur.com/ch/index

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.72.194.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-194-248.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

ff86e435ab62193c29a9a531c8f6cfede3baf35e41afb6bef5ebf9add35a0319

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ltur.com/ch/index
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 08:10:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 08 Aug 2024 08:11:53 GMT
server: nginx
etag: W/"3d0d-61f2794544440"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=300
x-xss-protection: 1; mode=block
expires: Sat, 10 Aug 2024 08:15:28 GMT

GET
H2 200 thumb_14146_teaser_stage_desktop.jpeg
gips.ltur.com/gips/scalr-webp/original/images.ltur.com/images/sonata_cms/media/teaser_stage/0001/15/ 153 KB
154 KB 168ms
34ms Image
image/webp 2600:9000:225e:0:6:f45f:8400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gips.ltur.com/gips/scalr-webp/original/images.ltur.com/images/sonata_cms/media/teaser_stage/0001/15/thumb_14146_teaser_stage_desktop.jpeg

Requested by

Host: www.ltur.com
URL: https://www.ltur.com/ch/index

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:0:6:f45f:8400:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

702e9118b813396663f7155257d74c4021f26ba256186a8cfa8a5c69efe9a8b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ltur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 07:40:10 GMT
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P4
age: 433819
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 156966
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 05 Aug 2024 07:40:10 GMT
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/webp
cache-control: max-age=604800, must-revalidate
x-amz-cf-id: PLcS7zPx47FmyA6IzLCUEO0FdwAlJqoCSNNrDKGcdpuDraB_CzT24w==
expires: Mon, 12 Aug 2024 07:40:10 GMT

GET
H2 200 thumb_14139_teaser_stage_desktop.jpeg
gips.ltur.com/gips/scalr-webp/original/images.ltur.com/images/sonata_cms/media/teaser_stage/0001/15/ 38 KB
39 KB 298ms
164ms Image
image/webp 2600:9000:225e:0:6:f45f:8400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gips.ltur.com/gips/scalr-webp/original/images.ltur.com/images/sonata_cms/media/teaser_stage/0001/15/thumb_14139_teaser_stage_desktop.jpeg

Requested by

Host: www.ltur.com
URL: https://www.ltur.com/ch/index

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:0:6:f45f:8400:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

7972cbb2b5f462d8833c8046d31c5a805262b18747f2593955dabfa4c0fed718

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ltur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 07:09:14 GMT
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P4
age: 349275
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 39198
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 06 Aug 2024 07:09:13 GMT
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/webp
cache-control: max-age=604800, must-revalidate
x-amz-cf-id: 6zYe5Py-2fYHEF-rumc5sh1kakMAq9dqRqDcG4iocoJgFVKpxzSc6w==
expires: Tue, 13 Aug 2024 07:09:13 GMT

GET
H2 200 thumb_14142_teaser_stage_desktop.jpeg
gips.ltur.com/gips/scalr-webp/original/images.ltur.com/images/sonata_cms/media/teaser_stage/0001/15/ 82 KB
83 KB 272ms
138ms Image
image/webp 2600:9000:225e:0:6:f45f:8400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gips.ltur.com/gips/scalr-webp/original/images.ltur.com/images/sonata_cms/media/teaser_stage/0001/15/thumb_14142_teaser_stage_desktop.jpeg

Requested by

Host: www.ltur.com
URL: https://www.ltur.com/ch/index

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:0:6:f45f:8400:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

6a35bb0d78bada7666cd743784a31dc6f6e701dd21e2b0cff50d67474e17e0e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ltur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 22:01:28 GMT
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P4
age: 122941
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 84048
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 08 Aug 2024 22:01:28 GMT
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/webp
cache-control: max-age=604800, must-revalidate
x-amz-cf-id: F-kwkrWfC0D1TrgU9P63cmeGIUNtsjyFNfQCzBspKHNvZgzaucTN4g==
expires: Thu, 15 Aug 2024 22:01:28 GMT

GET
H2 200 ST-D2-HOT-DEAL_02.jpg
gips.ltur.com/gips/scalr-webp/original/images.ltur.com/images/content/ 101 KB
102 KB 276ms
143ms Image
image/webp 2600:9000:225e:0:6:f45f:8400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gips.ltur.com/gips/scalr-webp/original/images.ltur.com/images/content/ST-D2-HOT-DEAL_02.jpg

Requested by

Host: www.ltur.com
URL: https://www.ltur.com/ch/index

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:0:6:f45f:8400:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

440a6b8f8494b5ae592324654ee0cebbfe0c394378d8bf3e389b0a9e7f6119e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ltur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 23:42:21 GMT
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P4
age: 203288
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 103630
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 07 Aug 2024 23:42:21 GMT
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/webp
cache-control: max-age=604800, must-revalidate
x-amz-cf-id: ot75m6HNEiKeVeF__cna-ZOei01o0cSnKGUtOmWdaw5ZHpbzEqHVFA==
expires: Wed, 14 Aug 2024 23:42:21 GMT

GET
H2 200 c02f83d84642b00cbad9576a09740f0b3068cddd.jpeg
gips.ltur.com/gips/scalr-webp/387x169/images.ltur.com/images/sonata_cms/media/t15_full/0001/02/ 7 KB
7 KB 107ms
103ms Image
image/webp 2600:9000:225e:0:6:f45f:8400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gips.ltur.com/gips/scalr-webp/387x169/images.ltur.com/images/sonata_cms/media/t15_full/0001/02/c02f83d84642b00cbad9576a09740f0b3068cddd.jpeg

Requested by

Host: www.ltur.com
URL: https://www.ltur.com/ch/index

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:0:6:f45f:8400:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

fec07e3fe6f45c103c5f646d628b59867a54166a460654b58430e8584332cd9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ltur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 09:17:56 GMT
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P4
age: 168753
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 6894
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 08 Aug 2024 09:17:56 GMT
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/webp
cache-control: max-age=604800, must-revalidate
x-amz-cf-id: oow2NRsQAQz7_zKG60r3TFeVT2Zkq09fIUzPBMFxC2Cv6DwmTh3qtQ==
expires: Thu, 15 Aug 2024 09:17:56 GMT

GET
H2 200 e7df841e0af817f1a57a66d599963bb2f04c66c8.jpeg
gips.ltur.com/gips/scalr-webp/387x169/images.ltur.com/images/sonata_cms/media/t15_full/0001/03/ 8 KB
8 KB 106ms
104ms Image
image/webp 2600:9000:225e:0:6:f45f:8400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gips.ltur.com/gips/scalr-webp/387x169/images.ltur.com/images/sonata_cms/media/t15_full/0001/03/e7df841e0af817f1a57a66d599963bb2f04c66c8.jpeg

Requested by

Host: www.ltur.com
URL: https://www.ltur.com/ch/index

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:0:6:f45f:8400:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e7d61bfb72a3e2915bcf8b6513ebeb471c506c713cdc35baead6fad7ec8a9893

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ltur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 10:23:08 GMT
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P4
age: 424041
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 8044
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 05 Aug 2024 10:23:08 GMT
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/webp
cache-control: max-age=604800, must-revalidate
x-amz-cf-id: D_iB9k3liIs4Yz-Rtjn8OIiWVYr6jMg7L8rFXA6n3J11OEZSyKx_fw==
expires: Mon, 12 Aug 2024 10:23:08 GMT

GET
H2 200 f5d70dbed009682c24f2d4b229ad3a67fb2e2f5c.jpeg
gips.ltur.com/gips/scalr-webp/387x169/images.ltur.com/images/sonata_cms/media/t15_full/0001/03/ 15 KB
15 KB 104ms
102ms Image
image/webp 2600:9000:225e:0:6:f45f:8400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gips.ltur.com/gips/scalr-webp/387x169/images.ltur.com/images/sonata_cms/media/t15_full/0001/03/f5d70dbed009682c24f2d4b229ad3a67fb2e2f5c.jpeg

Requested by

Host: www.ltur.com
URL: https://www.ltur.com/ch/index

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:0:6:f45f:8400:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

2ef5a2c12f7f869758e84ce7c133e99ca5e28319a0d05f72c111bad6bd08f61d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ltur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 10:23:09 GMT
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P4
age: 424040
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 14888
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 05 Aug 2024 10:23:08 GMT
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/webp
cache-control: max-age=604800, must-revalidate
x-amz-cf-id: NieGmn_lY0E15zlDwA0uDToDoMpftOUzZV_CH7hbfhZc3i65Atcw2w==
expires: Mon, 12 Aug 2024 10:23:08 GMT

GET
H2 200 gtm.js Show response
sgtm1.ltur.com/ 605 KB
151 KB 427ms
261ms Script
application/javascript 34.160.146.59
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sgtm1.ltur.com/gtm.js?id=GTM-MWCRQ4
Requested by: Host: www.ltur.com
URL: https://www.ltur.com/ch/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.146.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 59.146.160.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 6c5c3ccf3a2de83853bbd1bade901d8b8769b28325b42fa6bb130d8ebc7993d4

Request headers

Referer: https://www.ltur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 08:10:29 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Sat, 10 Aug 2024 06:00:00 GMT
server: Google Frontend
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=900
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 10 Aug 2024 08:24:47 GMT

GET
H2 200 icons.svg
www.ltur.com/img/ 177 KB
58 KB 68ms
62ms Other
image/svg+xml 3.72.194.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ltur.com/img/icons.svg?v=55359ef14f

Requested by

Host: www.ltur.com
URL: https://www.ltur.com/ch/index

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.72.194.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-194-248.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

17168b4b2913869d62691a124185d2c3c64e37c73c629af53d3105a8a4ce2e69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ltur.com/ch/index
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 08:10:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 08 Aug 2024 08:11:56 GMT
server: nginx
etag: W/"2c546-61f2794820b00"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-xss-protection: 1; mode=block
expires: Sun, 10 Aug 2025 08:10:29 GMT

GET
H2 200 din-2014-regular.woff2
www.ltur.com/bundles/lturapp/css/fonts/ 34 KB
34 KB 34ms
33ms Font
application/octet-stream 3.72.194.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ltur.com/bundles/lturapp/css/fonts/din-2014-regular.woff2

Requested by

Host: www.ltur.com
URL: https://www.ltur.com/assets/2019/bundles/lturapp/css/layout2019/homepage-critical.css?v=55359ef14f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.72.194.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-194-248.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

ff068881c14a34fd5990e2d75f8f3471992a4d6be02320919aaa97daf09c0251

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ltur.com/assets/2019/bundles/lturapp/css/layout2019/homepage-critical.css?v=55359ef14f
Origin: https://www.ltur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 08:10:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Thu, 08 Aug 2024 08:11:53 GMT
server: nginx
etag: "8880-61f2794544440"
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 34944
x-xss-protection: 1; mode=block
expires: Sun, 10 Aug 2025 08:10:29 GMT

GET
H2 200 din-2014-bold.woff2
www.ltur.com/bundles/lturapp/css/fonts/ 36 KB
37 KB 32ms
32ms Font
application/octet-stream 3.72.194.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ltur.com/bundles/lturapp/css/fonts/din-2014-bold.woff2

Requested by

Host: www.ltur.com
URL: https://www.ltur.com/assets/2019/bundles/lturapp/css/layout2019/homepage-critical.css?v=55359ef14f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.72.194.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-194-248.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

cecd9660457dd7a052b58cf8e6e9e9cd9a530c92fbe827e9e189226f547762f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ltur.com/assets/2019/bundles/lturapp/css/layout2019/homepage-critical.css?v=55359ef14f
Origin: https://www.ltur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 08:10:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Thu, 08 Aug 2024 08:11:53 GMT
server: nginx
etag: "90e8-61f2794544440"
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 37096
x-xss-protection: 1; mode=block
expires: Sun, 10 Aug 2025 08:10:29 GMT

GET
H3 200 f6227a2f-277a-4e5b-adac-a7c2e99cf6cd.jpg
gips.ltur.com/gips/scalr-webp/387x260/pics.tui.com/pics/pics1600x1200/tui/f/ 25 KB
25 KB 30ms
30ms Image
image/webp 18.66.147.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gips.ltur.com/gips/scalr-webp/387x260/pics.tui.com/pics/pics1600x1200/tui/f/f6227a2f-277a-4e5b-adac-a7c2e99cf6cd.jpg

Requested by

Host: www.ltur.com
URL: https://www.ltur.com/ch/index

Protocol

Security

QUIC, , AES_128_GCM

Server

18.66.147.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-43.fra60.r.cloudfront.net

Software

Resource Hash

c3d68f79c83f54dc0f014f767a606419b085a3cf44787cfa0b063a992da0cca0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ltur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 18:18:21 GMT
via: 1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P4
age: 309128
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 25304
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 06 Aug 2024 18:18:21 GMT
vary: Origin
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: max-age=604800, must-revalidate
x-amz-cf-id: F5hARe3ueqqMLEdNWrws-B2yLK1rrlGasrdQgDIgKEUctkaosbHuwg==
expires: Tue, 13 Aug 2024 18:18:21 GMT

GET
H3 200 thumb_14063_STR14_100_mobile.png
gips.ltur.com/gips/scalr-webp/original/images.ltur.com/images/sonata_cms/media/STR14_100/0001/15/ 7 KB
8 KB 31ms
30ms Image
image/webp 18.66.147.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gips.ltur.com/gips/scalr-webp/original/images.ltur.com/images/sonata_cms/media/STR14_100/0001/15/thumb_14063_STR14_100_mobile.png

Requested by

Host: www.ltur.com
URL: https://www.ltur.com/ch/index

Protocol

Security

QUIC, , AES_128_GCM

Server

18.66.147.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-43.fra60.r.cloudfront.net

Software

Resource Hash

aebb25d0d73f3bf9bd2f44f3939918cba39344c1176779670c632669273ccad2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ltur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 08:48:29 GMT
via: 1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P4
age: 256920
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 7376
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 07 Aug 2024 08:48:29 GMT
vary: Origin
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: max-age=604800, must-revalidate
x-amz-cf-id: -dbuMmEFo6ymCvqK5Qs_NE4fSz_ZW2JTgs0WbMaxEE8qBoR7PNKJ9Q==
expires: Wed, 14 Aug 2024 08:48:29 GMT

GET
H3 200 thumb_14106_imagebox_4_3_desktop.jpeg
gips.ltur.com/gips/scalr-webp/original/images.ltur.com/images/sonata_cms/media/imagebox_4_3/0001/15/ 21 KB
22 KB 30ms
30ms Image
image/webp 18.66.147.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gips.ltur.com/gips/scalr-webp/original/images.ltur.com/images/sonata_cms/media/imagebox_4_3/0001/15/thumb_14106_imagebox_4_3_desktop.jpeg

Requested by

Host: www.ltur.com
URL: https://www.ltur.com/ch/index

Protocol

Security

QUIC, , AES_128_GCM

Server

18.66.147.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-43.fra60.r.cloudfront.net

Software

Resource Hash

ca1bbc307d7b38fdc5b6fc8c9d9f0752613a10c19ae559fad6b2a76412cdb9ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ltur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 11:04:38 GMT
via: 1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P4
age: 421551
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 21954
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 05 Aug 2024 11:04:38 GMT
vary: Origin
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: max-age=604800, must-revalidate
x-amz-cf-id: 1LVFg_B_MitDgdgWdIPTeR1VHC7jk0tmWIkUhptAezoS-QrT32FLEg==
expires: Mon, 12 Aug 2024 11:04:38 GMT

GET
H3 200 b11b9beb-1eb8-4469-8289-9aa7e1249408.jpg
gips.ltur.com/gips/scalr-webp/387x260/pics.tui.com/pics/pics1600x1200/tui/b/ 25 KB
25 KB 27ms
27ms Image
image/webp 18.66.147.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gips.ltur.com/gips/scalr-webp/387x260/pics.tui.com/pics/pics1600x1200/tui/b/b11b9beb-1eb8-4469-8289-9aa7e1249408.jpg

Requested by

Host: www.ltur.com
URL: https://www.ltur.com/ch/index

Protocol

Security

QUIC, , AES_128_GCM

Server

18.66.147.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-43.fra60.r.cloudfront.net

Software

Resource Hash

2be4ddf271b5e17a97762ff91408b4952e9f81edc42bf53738669420e610a451

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ltur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 07:27:58 GMT
via: 1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P4
age: 261751
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 25416
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 07 Aug 2024 07:27:58 GMT
vary: Origin
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: max-age=604800, must-revalidate
x-amz-cf-id: cH00UvaDRHU7RkWk75GlXHKJXQBhiV-wMv842H7pAQXDzXw_mBqA7A==
expires: Wed, 14 Aug 2024 07:27:58 GMT

GET
H3 200 thumb_14149_STR14_100_mobile.png
gips.ltur.com/gips/scalr-webp/original/images.ltur.com/images/sonata_cms/media/STR14_100/0001/15/ 8 KB
9 KB 29ms
29ms Image
image/webp 18.66.147.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gips.ltur.com/gips/scalr-webp/original/images.ltur.com/images/sonata_cms/media/STR14_100/0001/15/thumb_14149_STR14_100_mobile.png

Requested by

Host: www.ltur.com
URL: https://www.ltur.com/ch/index

Protocol

Security

QUIC, , AES_128_GCM

Server

18.66.147.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-43.fra60.r.cloudfront.net

Software

Resource Hash

5b0171beb621d0e11be97e8a6be1d22d8be7fb64515952215904487154ecc16d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ltur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 08:16:46 GMT
via: 1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P4
age: 431623
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 8680
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 05 Aug 2024 08:16:45 GMT
vary: Origin
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: max-age=604800, must-revalidate
x-amz-cf-id: izwAqCuvtuDdGzv6lL_LZVG1xRi_uGHB2XtYgaG9Vx_nCP9GTCvfZA==
expires: Mon, 12 Aug 2024 08:16:45 GMT

GET
H2 200 trbo_13262_f41db5f2b59c7cee24a95016405221d1.js Show response
static.trbo.com/plugin/ 326 KB
84 KB 362ms
19ms Script
text/javascript 35.190.85.25
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.trbo.com/plugin/trbo_13262_f41db5f2b59c7cee24a95016405221d1.js
Requested by: Host: www.ltur.com
URL: https://www.ltur.com/ch/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.85.25 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 25.85.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 9b28564365fdd3ad70aea8466e73534999b19b0e265c7e677169424cbff3eeb2

Request headers

Referer: https://www.ltur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 08:06:43 GMT
content-encoding: gzip
age: 227
x-guploader-uploadid: AHxI1nPLcd6vY-EhIvxmPgH-tPP8UF8k-apT3TZI4wElZyr8_EyX768dgL4HuFGJBnvQQYfe5JE
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85245
last-modified: Wed, 15 Nov 2023 10:18:16 GMT
server: UploadServer
etag: "5af395806db3317fb101c1c5d5260f1d"
vary: Accept-Encoding
x-goog-generation: 1700043496482389
x-goog-hash: crc32c=ayS5zw==, md5=WvOVgG2zMX+xAcHF1SYPHQ==
access-control-allow-origin: *
content-type: text/javascript
cache-control: max-age=600, public
x-goog-stored-content-length: 85245
accept-ranges: bytes
expires: Sat, 10 Aug 2024 08:16:43 GMT

GET
H2

200

live.js Show response
halc.iadvize.com/static/livechat/89b3972524ea5c25186fa1fab520912ffa85f1dd/
Redirect Chain

https://halc.iadvize.com/iadvize.js?sid=6267
https://halc.iadvize.com/static/livechat/89b3972524ea5c25186fa1fab520912ffa85f1dd/live.js

43 KB
12 KB

33ms
29ms

Script
application/javascript

2600:9000:2491:8200:15:e09:8a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://halc.iadvize.com/static/livechat/89b3972524ea5c25186fa1fab520912ffa85f1dd/live.js

Requested by

Host: www.ltur.com
URL: https://www.ltur.com/ch/index

Protocol

Server

2600:9000:2491:8200:15:e09:8a80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

d668cabe-7e5a-88ab-c2a7-4a566283ff64, AmazonS3 /

Resource Hash

fdaf64ab9bde769bfd127c2e165b13e51836731ec3a839bdd1ba557940a959e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://www.ltur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 12:26:58 GMT
content-encoding: gzip
via: 1.1 4dd80d99fd5d0f6baaaf5179cd921f72.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000;
x-amz-version-id: KeG6zd17EjAnM95.nVHF9mxTXCLk6hhp
x-amz-cf-pop: FRA56-P7
cross-origin-embedder-policy: require-corp
x-amz-server-side-encryption: AES256
age: 675813
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Fri, 02 Aug 2024 09:31:34 GMT
server: d668cabe-7e5a-88ab-c2a7-4a566283ff64, AmazonS3
etag: W/"593497769e296c965a04d7975f865996"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: NAvPbzrtv2hqylrH2AvOTu_b4QZuCS2NuOojqF-p8zLCfWJ7Wg7rtQ==

Redirect headers

date: Sat, 10 Aug 2024 08:09:57 GMT
content-encoding: gzip
via: 1.1 4dd80d99fd5d0f6baaaf5179cd921f72.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000;
x-amz-cf-pop: FRA56-P7
cross-origin-embedder-policy: require-corp
age: 34
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 127
server: 0bd03d4b-dce8-d2a5-5438-12d56882e9d5
vary: Accept-Encoding
content-type: text/html; charset=utf-8
location: https://halc.iadvize.com/static/livechat/89b3972524ea5c25186fa1fab520912ffa85f1dd/live.js
access-control-allow-origin: *
cache-control: public, max-age=60
x-amz-cf-id: D6H8vvk6Ts3Ziak72G8WUXtlzZz4zfVKPjr3tcJXmwpSWMlWXSiuTA==

GET
H2 200 btnt.js Show response
sgtm1.ltur.com/ 1 KB
2 KB 48ms
48ms Script
text/javascript 34.160.146.59
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://sgtm1.ltur.com/btnt.js

Requested by

Host: www.ltur.com
URL: https://www.ltur.com/ch/index

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.160.146.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

59.146.160.34.bc.googleusercontent.com

Software

Google Frontend /

Resource Hash

ece550fe33ec76675be7383619c4498db0c90187159b82314a9bf0834ba093c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ltur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 08:10:30 GMT
via: 1.1 google
x-content-type-options: nosniff
server: Google Frontend
content-type: text/javascript
x-cloud-trace-context: 750cf14c5f3aece9c565da1b3a9a0fb8
cache-control: public, max-age=7200
server-timing: validation;dur=1, serve;dur=1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1375

GET
H2 200 bb8ced68406cb51895ac98de6a978c699da23323bb7f0da2fad0c8744aa245f5.js Show response
cdn.optimizely.com/public/8315240995/data/actions/ 611 B
691 B 44ms
44ms Script
text/javascript 2606:4700::6812:4139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.optimizely.com/public/8315240995/data/actions/bb8ced68406cb51895ac98de6a978c699da23323bb7f0da2fad0c8744aa245f5.js
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/12107615879.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:4139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb8ced68406cb51895ac98de6a978c699da23323bb7f0da2fad0c8744aa245f5

Request headers

Referer: https://www.ltur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
date: Sat, 10 Aug 2024 08:10:31 GMT
content-encoding: gzip
x-amz-version-id: vVKuhl7U9BAHXybNMauYHJFMo2S4X6tQ
cf-cache-status: HIT
x-amz-request-id: 4JEC1VDY1NZ4NNY0
age: 388
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
content-length: 393
x-amz-id-2: FUkOByc5akmlrH2GGIkUwKGV/XTQr1DS6BMKrzp976djyYmWGoYlDVFjkwKcqVzxjRwI+fKhClg=
last-modified: Mon, 08 Jul 2024 12:53:54 GMT
server: cloudflare
etag: "922cc6bd19e3b417b818090a47e132c0"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-revision
cache-control: public, max-age=315360000, immutable
access-control-allow-credentials: false
access-control-max-age: 86400
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *
cf-ray: 8b0e8289bc7a7757-AMS

GET
H2 200 a8315240995.html
a8315240995.cdn.optimizely.com/client_storage/ Frame 0BB7 0
0 138ms
52ms Document
text/html 2606:4700::6812:4139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a8315240995.cdn.optimizely.com/client_storage/a8315240995.html
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/12107615879.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:4139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.ltur.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

age: 389
cache-control: max-age=120
cf-cache-status: HIT
cf-ray: 8b0e828b7c9c6607-AMS
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 10 Aug 2024 08:10:31 GMT
last-modified: Sat, 10 Aug 2024 07:09:05 GMT
server: cloudflare
vary: Accept-Encoding
x-amz-id-2: jEd0W1SNRLRVP/z0MPG2ZJ3xwu+k/p5TxhmbOur6svcP5OFepXnI9o58dvDcY53FLth7vE2LbCs5pGhb3ZUBmJY1pPuXzN09
x-amz-meta-pci_enabled: False
x-amz-replication-status: COMPLETED
x-amz-request-id: N5XQ19JDS3ZF3ETD
x-amz-server-side-encryption: AES256
x-amz-version-id: 8vkC7gkS2W_kZvZPmwxOl9oYiBPN1Obe

GET
H2 200 ltur-t13167-reco-tracking-var1-prod.js Show response
storage.googleapis.com/ltur-optimizely-hosting/html_offer/ltur-t13167-reco-tracking/ 978 B
982 B 219ms
49ms Script
application/javascript 2a00:1450:4001:827::201b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/ltur-optimizely-hosting/html_offer/ltur-t13167-reco-tracking/ltur-t13167-reco-tracking-var1-prod.js
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/12107615879.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 0d03f84d0ef0d87524ce70b68a827936a64c0a8935467504eac7d6f671f9ce78

Request headers

Referer: https://www.ltur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 08:10:31 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: AHxI1nPz-YOsNuzKT4GSLQtq3mj5pUX8SJFXyxiwVvY0QZNdWp1PH55ruhrZ_xIDeUGsqwJLUG4
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 475
last-modified: Fri, 09 Aug 2024 13:06:24 GMT
server: UploadServer
etag: "0c5d4d51e534a2cc6e529e5edda5be24"
vary: Accept-Encoding,Origin
x-goog-generation: 1723208784168551
x-goog-hash: crc32c=ugTXFw==, md5=DF1NUeU0osxuUp5e3aW+JA==
content-type: application/javascript;charset=utf-8
cache-control: no-cache,max-age=0
x-goog-stored-content-length: 475
accept-ranges: bytes
expires: Sat, 10 Aug 2024 08:10:31 GMT

GET
H3 200 btnt
sgtm1.ltur.com/ 35 B
51 B 86ms
86ms Image
image/gif 34.160.146.59
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sgtm1.ltur.com/btnt?page_referrer=&page_title=CH%3AHomepage&page_location=https%3A%2F%2Fwww.ltur.com%2Fch%2Findex&event_name=page_view&z=44812045
Requested by: Host: www.ltur.com
URL: https://www.ltur.com/ch/index
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.146.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 59.146.160.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://www.ltur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Aug 2024 08:10:31 GMT
via: 1.1 google
server: Google Frontend
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 c.php
collect.trbo.com/i/ Frame 4422 0
0 167ms
71ms Document
text/html 2001:4860:4802:32::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://collect.trbo.com/i/c.php?browser_type=&channel=typein&cl=13262&click_type=typein&pg=www.ltur.com%2Fch%2Findex&device=&device_type=desktop&group=-1&has_flash=NaN&is_adclick=NaN&is_click_in=1&is_mobile=0&is_organic=NaN&is_referrer=NaN&is_tablet=0&is_typein=1&os=&protocol=https&rand=3708534748.250508&uid=96c1ee815b979d8edf66e08beb256857&sid=1164051297&pt=4&td=%7B%22slots%22%3A%7B%7D%2C%22data%22%3A%7B%7D%7D&rnd=1723277431643&stot=1
Requested by: Host: static.trbo.com
URL: https://static.trbo.com/plugin/trbo_13262_f41db5f2b59c7cee24a95016405221d1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://www.ltur.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control: no-store, no-cache, max-age=0, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 10 Aug 2024 08:10:31 GMT
expires: Sat, 26 Jul 1997 05:00:00 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW NID PSAo PSDo OUR STP OTC"
pragma: no-cache
server: nginx
vary: Accept-Encoding
via: 1.1 google
x-robots-tag: noindex

GET
H2 200 ltur-t13129-new-tab-detail-var2-prod.js Show response
storage.googleapis.com/ltur-optimizely-hosting/html_offer/ltur-t13129-new-tab-detail/ 1 KB
942 B 39ms
38ms Script
application/javascript 2a00:1450:4001:827::201b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/ltur-optimizely-hosting/html_offer/ltur-t13129-new-tab-detail/ltur-t13129-new-tab-detail-var2-prod.js
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/public/8315240995/data/actions/bb8ced68406cb51895ac98de6a978c699da23323bb7f0da2fad0c8744aa245f5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 2eddd82113e0e3211736532b3da0457ed0e95117e7976d5bafe90e0dea45b554

Request headers

Referer: https://www.ltur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 08:10:31 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: AHxI1nMa9kWmtuKa31Y1rtOv9LQDVAjTD-hi2bXJTGdlJh5LEtfqtQA6k6q3MBFSe9C5wVyCK94
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 706
last-modified: Fri, 09 Aug 2024 13:06:36 GMT
server: UploadServer
etag: "e50435326965d7a4a5c32171684c03eb"
vary: Accept-Encoding,Origin
x-goog-generation: 1723208796290055
x-goog-hash: crc32c=gFHKuA==, md5=5QQ1Mmll16SlwyFxaEwD6w==
content-type: application/javascript;charset=utf-8
cache-control: no-cache,max-age=0
x-goog-stored-content-length: 706
accept-ranges: bytes
expires: Sat, 10 Aug 2024 08:10:31 GMT

OPTIONS
H2 200 visitor-context
halc.iadvize.com/api/website/6267/ Frame 0
0 89ms
29ms Preflight 2600:9000:2491:8200:15:e09:8a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://halc.iadvize.com/api/website/6267/visitor-context

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:8200:15:e09:8a80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.ltur.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://www.ltur.com
access-control-max-age: 3600
content-length: 0
date: Sat, 10 Aug 2024 08:10:31 GMT
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
trace-id: 1b87717fe7738fe7
vary: Origin
via: 1.1 a5010656f4f762c0fdffac3448496b86.cloudfront.net (CloudFront)
x-amz-cf-id: rrqYYiu0ChEgWgojcTzI6DTAy3dTyg9H1V9EeiXTOhw20BHQNUQZiA==
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: DENY
x-permitted-cross-domain-policies: master-only
x-xss-protection: 1; mode=block

POST
H2 200 visitor-context Show response
halc.iadvize.com/api/website/6267/ 785 B
998 B 39ms
38ms Fetch
application/json 2600:9000:2491:8200:15:e09:8a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://halc.iadvize.com/api/website/6267/visitor-context

Requested by

Host: halc.iadvize.com
URL: https://halc.iadvize.com/iadvize.js?sid=6267

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:8200:15:e09:8a80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

4edbc66e9b6ba2a050ff1088c9ec0f301092be120ae9d1379c206d10c0f515c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ltur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 10 Aug 2024 08:10:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 4dd80d99fd5d0f6baaaf5179cd921f72.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront
content-length: 492
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
vary: Origin,Accept-Encoding
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: https://www.ltur.com
access-control-allow-credentials: true
trace-id: c0e89e0f386f2cb8
x-amz-cf-id: FoViXRWca2F0AtKpxp_30xccyyD0tpL_yA-XOc-BWQlLrLvfk1i9vQ==

GET
H2 200 r.php Show response
api-v4.trbo.com/ 291 KB
79 KB 216ms
144ms Script
application/javascript 2001:4860:4802:32::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api-v4.trbo.com/r.php?g=%7B%22st%22%3A0%2C%22p%22%3A%22https%3A%2F%2Fwww.ltur.com%2Fch%2Findex%22%2C%22t%22%3A1723277431%2C%22sh%22%3A%2213262%22%2C%22u%22%3A%2296c1ee815b979d8edf66e08beb256857%22%2C%22e%22%3Afalse%2C%22ts%22%3A0%2C%22ust%22%3A1723277431%2C%22sdt%22%3A0%2C%22sc%22%3A1%2C%22bsc%22%3A1%2C%22bv%22%3Anull%2C%22sid%22%3A1164051297%2C%22pt%22%3A4%2C%22cb%22%3A%7B%22value%22%3A0%2C%22num%22%3A0%2C%22voucher%22%3A0%2C%22p%22%3A%5B%5D%2C%22c%22%3A%5B%5D%7D%2C%22bw%22%3A1600%2C%22bh%22%3A1200%2C%22ct%22%3A3%2C%22cic%22%3A%5B%5D%2C%22cic2%22%3A%7B%7D%2C%22ref%22%3A%22%22%2C%22acd%22%3A0%7D&s=%5B%7B%22sst%22%3A1723277431%2C%22pvc%22%3A1%2C%22sd%22%3A0%7D%5D&p=%7B%7D&pl=%5B%5D&pdl=%5B%5D&pc=%7B%7D&sp=%7B%7D&cp=%5B%5D&nbp=%7B%7D&c=%7B%7D&mc=%5B%5D&b=%7B%7D&m=%5B%5D&bl=%5B%5D&dl=%7B%22lturPageName%22%3A%22CH%3AHomepage%22%2C%22targetLocation%22%3A%22novalue%22%2C%22_type%22%3A%22dataMatching%22%2C%22override_segment_id%22%3A-1%2C%22override_segment_ids%22%3A-1%2C%22trbo_module_blacklist%22%3A%5B%5D%7D&seg=%7B%7D&se=%7B%7D&cds=%5B%5D&dd=%7B%22type%22%3A%22desktop%22%2C%22device%22%3A%22desktop%22%2C%22os%22%3A%22windows%22%2C%22isTouch%22%3Afalse%7D&_=1723277431559
Requested by: Host: static.trbo.com
URL: https://static.trbo.com/plugin/trbo_13262_f41db5f2b59c7cee24a95016405221d1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx /
Resource Hash: 0bae5862bce65bf1f25790fc09a149ef18d05f0c979d3e77c0de52725bd19891

Request headers

Referer: https://www.ltur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Aug 2024 08:10:32 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW NID PSAo PSDo OUR STP OTC"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: POST, GET, OPTIONS
cache-control: no-cache, no-store, must-revalidate
x-robots-tag: noindex
access-control-allow-headers: Content-Type

GET
H2 200 ltur.js Show response
static.iadvize.com/js/dist/tpl/ 979 B
1 KB 126ms
27ms Script
application/javascript 2600:9000:2724:b200:e:5581:7340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.iadvize.com/js/dist/tpl/ltur.js?version=1721921561

Requested by

Host: halc.iadvize.com
URL: https://halc.iadvize.com/iadvize.js?sid=6267

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:b200:e:5581:7340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

6fd282a4-705c-dac5-80b5-b42a5d9ff823 /

Resource Hash

9182ff32b80bbc132a25d189ba0a3561b1baff1231c9610e6ca44459a17d7c29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://www.ltur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 15:32:41 GMT
content-encoding: gzip
via: 1.1 b44afb2a44376871c20edb8c123ed47c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000;
x-amz-cf-pop: FRA56-P12
cross-origin-embedder-policy: require-corp
age: 59870
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 550
last-modified: Thu, 25 Jul 2024 15:26:49 GMT
server: 6fd282a4-705c-dac5-80b5-b42a5d9ff823
etag: W/"sh6qwpr7"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=259200
accept-ranges: bytes
x-amz-cf-id: 4kanUgCPYEkpnma-mFmJRb2xbzNalmlUkaS6vl6iIY9H_xeC8wtMzA==

GET
H2 200 HA_1376_6267.json Show response
static.iadvize.com/locales/ 4 KB
2 KB 88ms
31ms Fetch
application/json 2600:9000:2724:b200:e:5581:7340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.iadvize.com/locales/HA_1376_6267.json

Requested by

Host: static.iadvize.com
URL: https://static.iadvize.com/js/dist/tpl/ltur.js?version=1721921561

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:b200:e:5581:7340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

6fd282a4-705c-dac5-80b5-b42a5d9ff823 /

Resource Hash

75bee894b8d422c79551064add424ffa04e40cc1ebcbd836c29e32f3d4903f10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://www.ltur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 08:00:57 GMT
content-encoding: gzip
via: 1.1 a9a00cd74e5659e3b49c7fab5dc2863a.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000;
x-amz-cf-pop: FRA56-P12
cross-origin-embedder-policy: require-corp
age: 173375
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 1453
last-modified: Thu, 25 Jul 2024 15:26:14 GMT
server: 6fd282a4-705c-dac5-80b5-b42a5d9ff823
etag: W/"sh6qvq2s5"
vary: Origin,Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=259200
access-control-allow-credentials: true
accept-ranges: bytes
x-amz-cf-id: Q1DrW8SBWZW7vpmkK344Q7e406K5vz7AK4dEuxoP9BV6qViWK6cVFw==

GET
H2 200 wecker-icon.svg
static.trbo.com/img/12999/ 3 KB
2 KB 20ms
19ms Image
image/svg+xml 35.190.85.25
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.trbo.com/img/12999/wecker-icon.svg
Requested by: Host: www.ltur.com
URL: https://www.ltur.com/ch/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.85.25 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 25.85.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 8867fbec14019ef10742e6ec5f3cbf9d4b5fa69f81a5eef77ec9daf9210d41d2

Request headers

Referer: https://www.ltur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:01:26 GMT
content-encoding: gzip
age: 76146
x-guploader-uploadid: AHxI1nPvff1FvEThbhOnewPH2Er5lq1TxXMgMD73GLZbrsbzl0uGpNwuzKjOaHKx3QdrOGmdya9VJej_2pd3i54
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1379
last-modified: Wed, 20 Jan 2021 09:28:28 GMT
server: UploadServer
etag: "7f6786fc41712d227397a666919c5654"
vary: Accept-Encoding
x-goog-generation: 1611134908849542
x-goog-hash: crc32c=ZZYiwA==, md5=f2eG/EFxLSJzl6ZmkZxWVA==
access-control-allow-origin: *
content-type: image/svg+xml
cache-control: max-age=86400, public
x-goog-stored-content-length: 1379
accept-ranges: bytes
expires: Sat, 10 Aug 2024 11:01:26 GMT

POST
H2 204 events Show response
logx.optimizely.com/v1/ 0
385 B 183ms
130ms XHR
text/plain 34.49.241.189
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/12107615879.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.49.241.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 189.241.49.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ltur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 10 Aug 2024 08:10:32 GMT
via: 1.1 google
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.ltur.com
access-control-expose-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id,X-Optimizely-Strict
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id: be348781-82b4-4fc6-84cc-8d4953479b23

GET
H2 200 light-mode.chunk.js Show response
halc.iadvize.com/static/livechat/89b3972524ea5c25186fa1fab520912ffa85f1dd/ 22 KB
7 KB 27ms
27ms Script
application/javascript 2600:9000:2491:8200:15:e09:8a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://halc.iadvize.com/static/livechat/89b3972524ea5c25186fa1fab520912ffa85f1dd/light-mode.chunk.js

Requested by

Host: halc.iadvize.com
URL: https://halc.iadvize.com/iadvize.js?sid=6267

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:8200:15:e09:8a80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

b6e3a804-fc21-13ee-ff87-ec159f24be4a, AmazonS3 /

Resource Hash

421a44494a5b6be69c13213d91108cb64edcb0277ca7c0625e93993541b2f8ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://www.ltur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 12:27:03 GMT
content-encoding: gzip
via: 1.1 4dd80d99fd5d0f6baaaf5179cd921f72.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000;
x-amz-version-id: 9nE5LQ9aqcPSdX1CKD.iHdoDiu.4uBmc
x-amz-cf-pop: FRA56-P7
cross-origin-embedder-policy: require-corp
x-amz-server-side-encryption: AES256
age: 675809
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Fri, 02 Aug 2024 09:31:34 GMT
server: b6e3a804-fc21-13ee-ff87-ec159f24be4a, AmazonS3
etag: W/"36dd5d6901c01d6921d091722be60d02"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: J05dsDBRW8FPdR0sZq4ld11hZT2FUbEjFcLRbhh6Ptm4ysy8JTJNYA==

GET
H2 200 favicon.ico
www.ltur.com/ 894 B
1 KB 31ms
31ms Other
image/vnd.microsoft.icon 3.72.194.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ltur.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.72.194.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-194-248.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

70e6024a6d17f7868b455c8e793d0fccb5578ced123140a458a6a960a29ea2dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ltur.com/ch/index
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 08:10:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Thu, 08 Aug 2024 08:11:56 GMT
server: nginx
etag: "37e-61f2794820b00"
content-type: image/vnd.microsoft.icon
accept-ranges: bytes
content-length: 894
x-xss-protection: 1; mode=block

GET
H2 200 www_js_lib_IframeManager_index_ts-www_js_modules_shared_draggable_draggable_ts.chunk.js Show response
halc.iadvize.com/static/livechat/89b3972524ea5c25186fa1fab520912ffa85f1dd/ 8 KB
4 KB 27ms
27ms Script
application/javascript 2600:9000:2491:8200:15:e09:8a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://halc.iadvize.com/static/livechat/89b3972524ea5c25186fa1fab520912ffa85f1dd/www_js_lib_IframeManager_index_ts-www_js_modules_shared_draggable_draggable_ts.chunk.js

Requested by

Host: halc.iadvize.com
URL: https://halc.iadvize.com/iadvize.js?sid=6267

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:8200:15:e09:8a80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

b277f0f6-2b81-bba6-d829-241bc8b8b134, AmazonS3 /

Resource Hash

2a4f1b7234c862ea207c0ceeece508ad7587f8d907d654f218220a783bacb5a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://www.ltur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 12:27:03 GMT
content-encoding: gzip
via: 1.1 4dd80d99fd5d0f6baaaf5179cd921f72.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000;
x-amz-version-id: rAtQyoFFuEIA1h11O9RA3ei38T0O1oHh
x-amz-cf-pop: FRA56-P7
cross-origin-embedder-policy: require-corp
x-amz-server-side-encryption: AES256
age: 675809
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Fri, 02 Aug 2024 09:31:35 GMT
server: b277f0f6-2b81-bba6-d829-241bc8b8b134, AmazonS3
etag: W/"7d7732413805ccff297a04a7216f7f59"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: -plNyIoeYY0wk1aWAYp7Xlzb0hahdBQ9u7jmcjq10NY6x8W8omVKug==

GET
H2 200 debugLauncher.chunk.js Show response
halc.iadvize.com/static/livechat/89b3972524ea5c25186fa1fab520912ffa85f1dd/ 3 KB
2 KB 28ms
28ms Script
application/javascript 2600:9000:2491:8200:15:e09:8a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://halc.iadvize.com/static/livechat/89b3972524ea5c25186fa1fab520912ffa85f1dd/debugLauncher.chunk.js

Requested by

Host: halc.iadvize.com
URL: https://halc.iadvize.com/iadvize.js?sid=6267

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:8200:15:e09:8a80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

c534507d-b52e-1e0e-30ce-c7b6131e3ed4, AmazonS3 /

Resource Hash

336044841862b8339b5a278ea89800038154722ef6fb1fd6950d7636f230e615

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://www.ltur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 12:27:03 GMT
content-encoding: gzip
via: 1.1 4dd80d99fd5d0f6baaaf5179cd921f72.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000;
x-amz-version-id: nfU28L3SV95p6lcRNduWPzDqCC_fZlzI
x-amz-cf-pop: FRA56-P7
cross-origin-embedder-policy: require-corp
x-amz-server-side-encryption: AES256
age: 675809
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 1591
last-modified: Fri, 02 Aug 2024 09:31:33 GMT
server: c534507d-b52e-1e0e-30ce-c7b6131e3ed4, AmazonS3
etag: W/"dfa6a67ce2b9707c8c1303a1cd930b13"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: b8BQWxNEiDrABtwmW9vbZci0gdB4LkiPn1JH5TalTF1GM29PBFszxQ==

POST
H2 204 events
api.iadvize.com/collector/ha/live/ 0
0 37ms
36ms Fetch 3.124.201.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.iadvize.com/collector/ha/live/events

Requested by

Host: halc.iadvize.com
URL: https://halc.iadvize.com/static/livechat/89b3972524ea5c25186fa1fab520912ffa85f1dd/light-mode.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.124.201.130 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-124-201-130.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ltur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 10 Aug 2024 08:10:32 GMT
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
vary: Origin
x-frame-options: DENY
access-control-allow-origin: https://www.ltur.com
access-control-allow-credentials: true
trace-id: a003e1a9dd6c7089
x-xss-protection: 1; mode=block

OPTIONS
H2 200 events
api.iadvize.com/collector/ha/live/ Frame 0
0 105ms
27ms Preflight 3.124.201.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.iadvize.com/collector/ha/live/events
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.124.201.130 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-201-130.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.ltur.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://www.ltur.com
access-control-max-age: 3600
content-length: 0
date: Sat, 10 Aug 2024 08:10:32 GMT
trace-id: c574c5ae97830643
vary: Origin

GET
H2 200 12514.js Show response
www.dwin1.com/ 53 KB
14 KB 235ms
103ms Script
application/javascript 2600:9000:214f:6a00:f:8ce2:fb80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dwin1.com/12514.js
Requested by: Host: sgtm1.ltur.com
URL: https://sgtm1.ltur.com/gtm.js?id=GTM-MWCRQ4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:6a00:f:8ce2:fb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 818b366379db2411099674076a81be9defcea94c488c01bd71d82d5cfc086585

Request headers

Referer: https://www.ltur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: lFwICBnPPds1Lzw4fzBrXCEoAqFlrEeq
content-encoding: gzip
via: 1.1 73f3a23156999272233949c078c30858.cloudfront.net (CloudFront)
date: Sat, 10 Aug 2024 08:10:34 GMT
x-amz-cf-pop: FRA53-C1
age: 504
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 30 Jul 2024 13:34:50 GMT
server: AmazonS3
etag: W/"be4abc4eb82b77bc8440a10cb9269b41"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600, s-maxage=600
x-amz-cf-id: FrA5gHdMsrvPg45KHthL-8l5vNumLNO5lpM4c4JJXZ21GmCY_5auiQ==

GET
H3 200 oowjogol.js Show response
ad4m.at/ 25 KB
10 KB 104ms
44ms Script
application/javascript 172.67.74.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/oowjogol.js
Requested by: Host: www.dwin1.com
URL: https://www.dwin1.com/12514.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c78c9ccbe1f1914356f8cb4ff25f826f7739f11ea62aa205540933e971d661c

Request headers

Referer: https://www.ltur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 08:10:34 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 228418
alt-svc: h3=":443"; ma=86400
content-length: 10024
last-modified: Wed, 26 Jun 2024 16:40:17 GMT
server: cloudflare
etag: "acb2c173d6866b7a12d4081b669eca89"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KEeSi1Lb7FZ09iZ5gCrVvR2qMmc3prUuI%2BzdEZrmEWzrrvjyEDCPUQcqGG10JZQBTsi%2BkZLCMb30dmfhelvgGaysHYW9imOCc3jXlFRZXnS5rr%2F2ZpBiGC4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
accept-ranges: bytes
cf-ray: 8b0e829bf994ba89-MXP
expires: Wed, 07 Aug 2024 16:43:36 GMT

GET
H3 200 cookie-frame.html
ad4m.at/ Frame 2E2C 0
0 95ms
53ms Document
text/html 172.67.74.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/oowjogol.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.ltur.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

age: 251068
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 8b0e829cbfc783a8-MXP
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Sat, 10 Aug 2024 08:10:34 GMT
expires: Sat, 20 Jul 2024 18:12:22 GMT
last-modified: Thu, 06 Jun 2024 10:03:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x5RHGS%2BmPXwr55xFiLCvwC4P3QIxi3d0C6ZEEM6P5lYr4zIWt9AiGizgUNNveJYVYfgrcVCzVBhvv8SdQRMJ1SopJIym4YPutG0dXoUWcChB8vuhKdxXsf0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2

200

bounce
secure.adnxs.com/
Redirect Chain

https://r.adserver01.de/rt/perf_ch.php?gdpr=0&gdpr_consent=
https://secure.adnxs.com/seg?add=19751009&t=2
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D19751009%26t%3D2

43 B
1 KB

36ms
36ms

Image
image/gif

185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D19751009%26t%3D2

Protocol

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ltur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Aug 2024 08:10:34 GMT
an-x-request-uuid: 9f4e683e-d941-4206-8bb7-2d4fe74abd2e
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 149.88.27.81; 149.88.27.81; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 10 Aug 2024 08:10:34 GMT
an-x-request-uuid: 3f661f7e-fc31-405f-8aed-f3bf06045cae
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D19751009%26t%3D2
x-proxy-origin: 149.88.27.81; 149.88.27.81; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

1x1.gif
imagesrv.adition.com/
Redirect Chain

https://ad11.adfarm1.adition.com/tagging?type=image&network=42&tag[Markierung_T2.AdvancedStore_RetargetingPixel]=ASRET2&gdpr=$0&gdpr_consent=
https://imagesrv.adition.com/1x1.gif

68 B
178 B

138ms
34ms

Image
image/gif

217.79.188.59
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/1x1.gif
Protocol: H2
Server: 217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 5fb3bdb7f966c852579fb6b0574517445d5b2d171c804d66227ee67b1bffca9c

Request headers

Referer: https://www.ltur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 10 Aug 2024 08:10:34 GMT
last-modified: Fri, 24 Jul 2009 13:46:10 GMT
accept-ranges: bytes
etag: "3122740758"
content-length: 68
content-type: image/gif

Redirect headers

location: https://imagesrv.adition.com/1x1.gif
access-control-allow-origin: *
date: Sat, 10 Aug 2024 10:10:34 +0200
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
server: ADITIONSERVER v1.0
content-type: text/plain

GET
H3 204 dst
as.ad4m.at/ad/ 0
546 B 109ms
52ms Image
text/plain 172.67.74.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://as.ad4m.at/ad/dst?a=3597&b=2&c=z9HdHC7Dlvm9heBRQ4bNhFQ9Mt_kabcp&e=17810&f=&g=&h=&i=&z=0&y=1&d=https%3A%2F%2Fwww.ltur.com%2Fch%2Findex

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ltur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 08:10:34 GMT
strict-transport-security: max-age=86400; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
via: 1.1 google
cross-origin-embedder-policy: unsafe-none
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
server: cloudflare
cross-origin-opener-policy: unsafe-none
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray: 8b0e829dbd2aba89-MXP
expires: 0

GET
H3

200

dpe
as.ad4m.at/ad/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=advs&google_cm&google_sc&a=z9HdHC7Dlvm9heBRQ4bNhFQ9Mt_kabcp&c=1
https://cm.g.doubleclick.net/pixel?google_nid=advs&google_cm=&google_sc=&a=z9HdHC7Dlvm9heBRQ4bNhFQ9Mt_kabcp&c=1&google_tc=
https://as.ad4m.at/ad/dpe?b=CAESEJWey9neO-aHsVJglPQlmV8&a=z9HdHC7Dlvm9heBRQ4bNhFQ9Mt_kabcp&c=1&google_cver=1

0
546 B

67ms
63ms

Image
text/plain

172.67.74.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://as.ad4m.at/ad/dpe?b=CAESEJWey9neO-aHsVJglPQlmV8&a=z9HdHC7Dlvm9heBRQ4bNhFQ9Mt_kabcp&c=1&google_cver=1

Protocol

Server

172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ltur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 08:10:34 GMT
strict-transport-security: max-age=86400; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
via: 1.1 google
cross-origin-embedder-policy: unsafe-none
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
server: cloudflare
cross-origin-opener-policy: unsafe-none
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray: 8b0e829edf4bba89-MXP
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 10 Aug 2024 08:10:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://as.ad4m.at/ad/dpe?b=CAESEJWey9neO-aHsVJglPQlmV8&a=z9HdHC7Dlvm9heBRQ4bNhFQ9Mt_kabcp&c=1&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 317
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tpui
ih.adscale.de/ 0
38 B 153ms
29ms Image
text/plain 3.69.14.84
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/tpui?tpid=25&tpuid=z9HdHC7Dlvm9heBRQ4bNhFQ9Mt_kabcp&cburl=https%3A%2F%2Fas%2Ead4m%2Eat%2Fad%2Fdpe%3Fa%3Dz9HdHC7Dlvm9heBRQ4bNhFQ9Mt_kabcp%26b%3D__ADSCALE_USER_ID__%26c%3D6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.69.14.84 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-69-14-84.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ltur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 08:10:34 GMT
content-length: 0

GET
H3

200

dpe
as.ad4m.at/ad/
Redirect Chain

https://rtb-csync.smartadserver.com/redir/?partnerid=132&partneruserid=z9HdHC7Dlvm9heBRQ4bNhFQ9Mt_kabcp&gdpr=0&gdpr_consent=&redirurl=https%3A%2F%2Fas%2Ead4m%2Eat%2Fad%2Fdpe%3Fa%3Dz9HdHC7Dlvm9heBRQ...
https://as.ad4m.at/ad/dpe?a=z9HdHC7Dlvm9heBRQ4bNhFQ9Mt_kabcp&c=9&b=372884336795241173&gdpr=0&gdpr_consent=

0
546 B

96ms
96ms

Image
text/plain

172.67.74.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://as.ad4m.at/ad/dpe?a=z9HdHC7Dlvm9heBRQ4bNhFQ9Mt_kabcp&c=9&b=372884336795241173&gdpr=0&gdpr_consent=

Protocol

Server

172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ltur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 08:10:34 GMT
strict-transport-security: max-age=86400; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
via: 1.1 google
cross-origin-embedder-policy: unsafe-none
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
server: cloudflare
cross-origin-opener-policy: unsafe-none
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray: 8b0e829e9ecdba89-MXP
expires: 0

Redirect headers

location: https://as.ad4m.at/ad/dpe?a=z9HdHC7Dlvm9heBRQ4bNhFQ9Mt_kabcp&c=9&b=372884336795241173&gdpr=0&gdpr_consent=
pragma: no-cache
date: Sat, 10 Aug 2024 08:10:34 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H3

200

dpe
as.ad4m.at/ad/
Redirect Chain

https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&r=https%3A%2F%2Fas%2Ead4m%2Eat%2Fad%2Fdpe%3Fa%3Dz9HdHC7Dlvm9heBRQ4bNhFQ9Mt_kabcp%26b%3D%24%7BPUBMATIC%5FUID%...
https://as.ad4m.at/ad/dpe?a=z9HdHC7Dlvm9heBRQ4bNhFQ9Mt_kabcp&b=${PUBMATIC_UID}&c=5

0
546 B

68ms
67ms

Image
text/plain

172.67.74.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://as.ad4m.at/ad/dpe?a=z9HdHC7Dlvm9heBRQ4bNhFQ9Mt_kabcp&b=${PUBMATIC_UID}&c=5

Protocol

Server

172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ltur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 08:10:34 GMT
strict-transport-security: max-age=86400; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
via: 1.1 google
cross-origin-embedder-policy: unsafe-none
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
server: cloudflare
cross-origin-opener-policy: unsafe-none
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray: 8b0e829f6883ba89-MXP
expires: 0

Redirect headers

location: https://as.ad4m.at/ad/dpe?a=z9HdHC7Dlvm9heBRQ4bNhFQ9Mt_kabcp&b=${PUBMATIC_UID}&c=5
date: Sat, 10 Aug 2024 08:10:34 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

rum
dsum-sec.casalemedia.com/
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=5&external_user_id=z9HdHC7Dlvm9heBRQ4bNhFQ9Mt_kabcp
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=5&external_user_id=z9HdHC7Dlvm9heBRQ4bNhFQ9Mt_kabcp&C=1

43 B
334 B

53ms
52ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=5&external_user_id=z9HdHC7Dlvm9heBRQ4bNhFQ9Mt_kabcp&C=1
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.ltur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Aug 2024 08:10:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bK5X3ixWLTrO3zo2mzswe3UJnZpClbgoVN90UYV5xKPjO78fv0abp%2FvImzbvKo4X4cDLGu9%2Ffo825cClsvYZzCwCiMH6VoPQH0iDIc98F3XdcwpkhigaAWAp6MYV5qqcMWV2fpOMiPPl8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8b0e829e8e9e23f7-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 10 Aug 2024 08:10:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pzHxfZoi4bpq8J5vAwBhuj6zCQOwAnLrKW8hiKSbis1Krda3dCswiIyFe1gocqadEb%2FY1nOujP14CNrPuBhLgGOPrfRKROl%2BjX5Efuv0asEzJYGEpSijJSry2%2FwELHf7gN%2B%2BK%2BTWZYpNGg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=5&external_user_id=z9HdHC7Dlvm9heBRQ4bNhFQ9Mt_kabcp&C=1
cache-control: no-cache
cf-ray: 8b0e829e1e3f23f7-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

dpe
as.ad4m.at/ad/
Redirect Chain

https://a.twiago.com/rtb/usermatch.php?umid=11&userid=z9HdHC7Dlvm9heBRQ4bNhFQ9Mt_kabcp&call_type=redirect&rtbprovider=openrtb&redirecturl=https%3A%2F%2Fas%2Ead4m%2Eat%2Fad%2Fdpe%3Fa%3Dz9HdHC7Dlvm9h...
https://as.ad4m.at/ad/dpe?a=z9HdHC7Dlvm9heBRQ4bNhFQ9Mt_kabcp&b=07dbb3fa42c99f88feba8450349bb13d496e2c917a6cbabddd036b1280665&c=7

0
546 B

70ms
66ms

Image
text/plain

172.67.74.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://as.ad4m.at/ad/dpe?a=z9HdHC7Dlvm9heBRQ4bNhFQ9Mt_kabcp&b=07dbb3fa42c99f88feba8450349bb13d496e2c917a6cbabddd036b1280665&c=7

Protocol

Server

172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ltur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 08:10:34 GMT
strict-transport-security: max-age=86400; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
via: 1.1 google
cross-origin-embedder-policy: unsafe-none
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
server: cloudflare
cross-origin-opener-policy: unsafe-none
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray: 8b0e829edf48ba89-MXP
expires: 0

Redirect headers

location: https://as.ad4m.at/ad/dpe?a=z9HdHC7Dlvm9heBRQ4bNhFQ9Mt_kabcp&b=07dbb3fa42c99f88feba8450349bb13d496e2c917a6cbabddd036b1280665&c=7
date: Sat, 10 Aug 2024 08:10:34 GMT
content-type: text/html; charset=UTF-8
server: Apache
x-powered-by: PHP/7.3.30
p3p: policyref="https://help.adspirit.de/w3c/adspirit.p3p", CP="NOI DSP COR NID PSAo PSDo IVAo IVDo OUR STP UNI COM NAV DEM"

POST
H2 200 visitor-context Show response
halc.iadvize.com/api/website/6267/ 178 B
684 B 37ms
34ms Fetch
application/json 2600:9000:2491:8200:15:e09:8a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://halc.iadvize.com/api/website/6267/visitor-context

Requested by

Host: halc.iadvize.com
URL: https://halc.iadvize.com/iadvize.js?sid=6267

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:8200:15:e09:8a80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

d944580a1730f0f49257ea1b84714713ff3e0afe45a88282d9db8fa64edd818d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ltur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 10 Aug 2024 08:10:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 4dd80d99fd5d0f6baaaf5179cd921f72.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront
content-length: 177
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
vary: Origin,Accept-Encoding
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: https://www.ltur.com
access-control-allow-credentials: true
trace-id: 44fe99aef266f42f
x-amz-cf-id: Roi0Gr1NDTtOVfMt-O6313OJw1zjbEwHDS4JbQsqXhMIMD8lQpmoMA==

POST
H2 200 visitor-context
halc.iadvize.com/api/website/6267/ 178 B
685 B 50ms
49ms Fetch
application/json 2600:9000:2491:8200:15:e09:8a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://halc.iadvize.com/api/website/6267/visitor-context

Requested by

Host: halc.iadvize.com
URL: https://halc.iadvize.com/iadvize.js?sid=6267

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:8200:15:e09:8a80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ltur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 10 Aug 2024 08:10:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 4dd80d99fd5d0f6baaaf5179cd921f72.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront
content-length: 178
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
vary: Origin,Accept-Encoding
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: https://www.ltur.com
access-control-allow-credentials: true
trace-id: 3881603222aa52d9
x-amz-cf-id: FXTJ2rNJXnfwbZ4anOLWdUulmBCaXj4A_MYKpFif9H4IaEySQMz3LQ==

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ad4m.at/cookie-frame.html	1970-01-20 23:24:29	Name: userId Value: z9HdHC7Dlvm9heBRQ4bNhFQ9Mt_kabcp
.ad4m.at/cookie-frame.html	1970-01-20 22:51:22	Name: 625 Value: 1
.ad4m.at/cookie-frame.html	1970-01-20 22:51:22	Name: 85 Value: 1
.ad4m.at/cookie-frame.html	1970-01-20 22:51:22	Name: 9132 Value: 1
.ad4m.at/cookie-frame.html	1970-01-20 22:51:22	Name: 1advs Value: 1
.ad4m.at/cookie-frame.html	1970-01-20 22:51:22	Name: 711 Value: 1
.ad4m.at/cookie-frame.html	1970-01-20 22:51:22	Name: 5bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw Value: 1
.ltur.com/	1970-01-21 03:00:29	Name: optimizelyEndUserId Value: oeu1723277431034r0.7555769282793956
www.ltur.com/	1970-01-21 08:17:17	Name: trbo_usr Value: 96c1ee815b979d8edf66e08beb256857
www.ltur.com/	1970-01-20 22:41:19	Name: trbo_session Value: 1164051297
www.ltur.com/	1970-01-21 08:17:17	Name: trbo_us_96c1ee815b979d8edf66e08beb256857 Value: %7B%22saleCount%22%3A0%2C%22sessionCount%22%3A1%2C%22brandSessionCount%22%3A1%2C%22pageViewCountTotal%22%3A1%2C%22sessionDurationTotal%22%3A0%2C%22externalUserId%22%3A%22%22%2C%22userCreateTime%22%3A1723277431%7D
www.ltur.com/	1970-01-20 22:41:19	Name: trbo_sess_1164051297 Value: %7B%22firstClickTime%22%3A1723277431%2C%22lastClickTime%22%3A1723277431%2C%22pageViewCount%22%3A1%2C%22sessionDuration%22%3A0%7D
.ltur.com/	1970-01-21 08:17:17	Name: BTNT_I_WAS_HERE Value: or%20was%20I%3F
.ltur.com/	1970-01-21 07:26:53	Name: iadvize-6267-vuid Value: %7B%22vuid%22%3A%22777a1b9995d64dc6b5a1b04184e8af5bf27a219a44ac4%22%2C%22deviceId%22%3A%225b900fdd-3533-4615-9f93-a47712edcfe2%22%7D
.casalemedia.com/	1970-01-21 07:26:53	Name: CMID Value: ZrcgermqPYsAAA2YAtdacgAA
.casalemedia.com/	1970-01-21 00:50:53	Name: CMPS Value: 3238
.casalemedia.com/	1970-01-21 00:50:53	Name: CMPRO Value: 3238
.smartadserver.com/	1970-01-21 08:11:31	Name: pid Value: 372884336795241173
.smartadserver.com/	1970-01-21 08:11:31	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-21 07:26:53	Name: csync Value: 132:z9HdHC7Dlvm9heBRQ4bNhFQ9Mt_kabcp
a.twiago.com/	1970-01-20 23:24:29	Name: deuxesse_uxid Value: 07dbb3fa42c99f88feba8450349bb13d496e2c917a6cbabddd036b1280665aea
.adfarm1.adition.com/	1970-01-21 00:50:49	Name: UserID1 Value: 7401420221060088106
.doubleclick.net/	1970-01-21 08:17:17	Name: IDE Value: AHWqTUkwfMdfo5tn6T5mq_MPCWxev4FJB8WFoeonlOBzSzGVZIMOkAqm4u6j9P5FfaY
.adnxs.com/	1970-01-21 00:50:53	Name: XANDR_PANID Value: GqVEWbKJXGJh6Bz9SwmXh3jLinTBR63qJOzNUsuUt3cFM_B5EX0-U9vLtKoFtH57EA449YxiU7VIX3v3yK-vQ_lfAbMK7Lm54k95r_NYccU.
.adnxs.com/	1970-01-21 08:17:17	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-21 00:50:53	Name: uuid2 Value: 5884955680519674675
.adnxs.com/	1970-01-21 00:50:53	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2ImLIXd-^!@wnf-Te9(>wL5L!!'`F$q7R%

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000 max-age=31536000; includeSubDomains; preload
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.twiago.com
a8315240995.cdn.optimizely.com
ad11.adfarm1.adition.com
ad4m.at
api-v4.trbo.com
api.iadvize.com
as.ad4m.at
cdn.optimizely.com
cm.g.doubleclick.net
collect.trbo.com
dsum-sec.casalemedia.com
gips.ltur.com
halc.iadvize.com
ih.adscale.de
imagesrv.adition.com
logx.optimizely.com
ltur.ch
r.adserver01.de
rtb-csync.smartadserver.com
secure.adnxs.com
sgtm1.ltur.com
simage2.pubmatic.com
static.iadvize.com
static.trbo.com
storage.googleapis.com
www.dwin1.com
www.ltur.com
104.18.36.155
142.250.184.194
172.67.74.129
18.66.147.43
185.89.210.46
198.47.127.205
2001:4860:4802:32::15
212.83.50.108
217.79.188.59
2600:9000:214f:6a00:f:8ce2:fb80:93a1
2600:9000:225e:0:6:f45f:8400:93a1
2600:9000:2491:8200:15:e09:8a80:93a1
2600:9000:2724:b200:e:5581:7340:93a1
2606:4700::6812:4139
2a00:1450:4001:827::201b
3.124.201.130
3.69.14.84
3.72.194.248
34.160.146.59
34.49.241.189
35.190.85.25
81.17.55.106
85.114.159.112
85.215.5.31
02c9d2310f55e57bcba634eba146d6ceacb50a0485c8b6fcbb58b18c07ca6737
0812d2609d761a733121bc83caae9a725dc26f6689194f060717fb7e291af8e5
0bae5862bce65bf1f25790fc09a149ef18d05f0c979d3e77c0de52725bd19891
0d03f84d0ef0d87524ce70b68a827936a64c0a8935467504eac7d6f671f9ce78
17168b4b2913869d62691a124185d2c3c64e37c73c629af53d3105a8a4ce2e69
2a4f1b7234c862ea207c0ceeece508ad7587f8d907d654f218220a783bacb5a3
2be4ddf271b5e17a97762ff91408b4952e9f81edc42bf53738669420e610a451
2eddd82113e0e3211736532b3da0457ed0e95117e7976d5bafe90e0dea45b554
2ef5a2c12f7f869758e84ce7c133e99ca5e28319a0d05f72c111bad6bd08f61d
336044841862b8339b5a278ea89800038154722ef6fb1fd6950d7636f230e615
421a44494a5b6be69c13213d91108cb64edcb0277ca7c0625e93993541b2f8ec
440a6b8f8494b5ae592324654ee0cebbfe0c394378d8bf3e389b0a9e7f6119e2
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4edbc66e9b6ba2a050ff1088c9ec0f301092be120ae9d1379c206d10c0f515c8
4fdc220c56642f8010dc055610d1c8d992a748501d304e47687478cc4fc47db4
5b0171beb621d0e11be97e8a6be1d22d8be7fb64515952215904487154ecc16d
5fb3bdb7f966c852579fb6b0574517445d5b2d171c804d66227ee67b1bffca9c
6a35bb0d78bada7666cd743784a31dc6f6e701dd21e2b0cff50d67474e17e0e3
6c5c3ccf3a2de83853bbd1bade901d8b8769b28325b42fa6bb130d8ebc7993d4
6c78c9ccbe1f1914356f8cb4ff25f826f7739f11ea62aa205540933e971d661c
702e9118b813396663f7155257d74c4021f26ba256186a8cfa8a5c69efe9a8b1
70e6024a6d17f7868b455c8e793d0fccb5578ced123140a458a6a960a29ea2dd
75bee894b8d422c79551064add424ffa04e40cc1ebcbd836c29e32f3d4903f10
7972cbb2b5f462d8833c8046d31c5a805262b18747f2593955dabfa4c0fed718
818b366379db2411099674076a81be9defcea94c488c01bd71d82d5cfc086585
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8867fbec14019ef10742e6ec5f3cbf9d4b5fa69f81a5eef77ec9daf9210d41d2
8df320e2300abf0dfb4b5bf72fd7dcd89ee79b24ca7b238d4af07f848de6453c
9182ff32b80bbc132a25d189ba0a3561b1baff1231c9610e6ca44459a17d7c29
9b28564365fdd3ad70aea8466e73534999b19b0e265c7e677169424cbff3eeb2
aebb25d0d73f3bf9bd2f44f3939918cba39344c1176779670c632669273ccad2
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bb8ced68406cb51895ac98de6a978c699da23323bb7f0da2fad0c8744aa245f5
c3d68f79c83f54dc0f014f767a606419b085a3cf44787cfa0b063a992da0cca0
ca1bbc307d7b38fdc5b6fc8c9d9f0752613a10c19ae559fad6b2a76412cdb9ad
cecd9660457dd7a052b58cf8e6e9e9cd9a530c92fbe827e9e189226f547762f8
d944580a1730f0f49257ea1b84714713ff3e0afe45a88282d9db8fa64edd818d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4d66a0d0dad88519d8fd5c8f4cd4381d9403a64994ed6e5e5acdf32ae291514
e7d61bfb72a3e2915bcf8b6513ebeb471c506c713cdc35baead6fad7ec8a9893
ece550fe33ec76675be7383619c4498db0c90187159b82314a9bf0834ba093c2
fdaf64ab9bde769bfd127c2e165b13e51836731ec3a839bdd1ba557940a959e1
fec07e3fe6f45c103c5f646d628b59867a54166a460654b58430e8584332cd9e
ff068881c14a34fd5990e2d75f8f3471992a4d6be02320919aaa97daf09c0251
ff86e435ab62193c29a9a531c8f6cfede3baf35e41afb6bef5ebf9add35a0319

www.ltur.com Open in urlscan Pro 3.72.194.248 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

58 Requests

86 %HTTPS

29 %IPv6

17 Domains

27 Subdomains

18 IPs

4 Countries

1566 kBTransfer

4864 kBSize

27 Cookies

10 Outgoing links

Page URL History

Redirected requests

58 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.ltur.com Open in urlscan Pro
3.72.194.248 Public Scan

Screenshot
Live screenshot

Full Image

58
Requests

86 %
HTTPS

29 %
IPv6

17
Domains

27
Subdomains

18
IPs

4
Countries

1566 kB
Transfer

4864 kB
Size

27
Cookies

58 HTTP transactions
0 data transactions