URL: https://booking.bagatin.hr/
Submission: On October 03 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 15 HTTP transactions. The main IP is 213.186.1.143, located in Zagreb, Croatia and belongs to OMONIA The best telecom worldwide :, HR. The main domain is booking.bagatin.hr.
TLS certificate: Issued by R3 on October 3rd 2023. Valid for: 3 months.
This is the only time booking.bagatin.hr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 213.186.1.143 44306 (OMONIA Th...)
1 2a00:1450:400... 15169 (GOOGLE)
2 195.29.82.78 5391 (T-HT Croa...)
4 2a00:1450:400... 15169 (GOOGLE)
15 4
Apex Domain
Subdomains
Transfer
8 bagatin.hr
booking.bagatin.hr
843 KB
4 gstatic.com
fonts.gstatic.com
139 KB
2 nevia.hr
nevia.hr
www.nevia.hr
14 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 113
1 KB
15 4
Domain Requested by
8 booking.bagatin.hr booking.bagatin.hr
4 fonts.gstatic.com fonts.googleapis.com
1 www.nevia.hr booking.bagatin.hr
1 nevia.hr booking.bagatin.hr
1 fonts.googleapis.com booking.bagatin.hr
15 5

This site contains links to these domains. Also see Links.

Domain
www.nevia.hr
Subject Issuer Validity Valid
booking.bagatin.hr
R3
2023-10-03 -
2024-01-01
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-09-04 -
2023-11-27
3 months crt.sh
nevia.hr
R3
2023-09-11 -
2023-12-10
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-09-04 -
2023-11-27
3 months crt.sh

This page contains 1 frames:

Primary Page: https://booking.bagatin.hr/
Frame ID: 01160AA67C1FD13458DC9771226E946A
Requests: 15 HTTP requests in this frame

Screenshot

Page Title

Nevia estetski centar - Rezervacija termina

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • underscore.*\.js(?:\?ver=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

15
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

5
Subdomains

4
IPs

2
Countries

998 kB
Transfer

3764 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
booking.bagatin.hr/
31 KB
8 KB
Document
General
Full URL
https://booking.bagatin.hr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.186.1.143 Zagreb, Croatia, ASN44306 (OMONIA The best telecom worldwide :, HR),
Reverse DNS
Software
nginx /
Resource Hash
424e20ccbd8c31531d8bd2e61b5ea05a6a3886de9a454efc9ea59ad62f809764
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 03 Oct 2023 12:24:22 GMT
server
nginx
vary
HTTPS
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
tailwind@2.2.19.min.css
booking.bagatin.hr/css/
3 MB
345 KB
Stylesheet
General
Full URL
https://booking.bagatin.hr/css/tailwind@2.2.19.min.css
Requested by
Host: booking.bagatin.hr
URL: https://booking.bagatin.hr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.186.1.143 Zagreb, Croatia, ASN44306 (OMONIA The best telecom worldwide :, HR),
Reverse DNS
Software
nginx /
Resource Hash
0e82225cf2bb9b37b009a008f7a4546d4e868b3d0b0dc8d865b9cad321abfaee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://booking.bagatin.hr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 12:24:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 12 Jun 2023 06:30:09 GMT
server
nginx
etag
W/"6486bb71-2cc505"
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=2592000
expires
Thu, 02 Nov 2023 12:24:22 GMT
css2
fonts.googleapis.com/
13 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600&family=Playfair+Display:wght@400;500;600&display=swap
Requested by
Host: booking.bagatin.hr
URL: https://booking.bagatin.hr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a2d88aecc7180dd0a993ae45b8f38555eac30d0126f9460a008f5027279184ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://booking.bagatin.hr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 03 Oct 2023 12:24:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 03 Oct 2023 12:24:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 03 Oct 2023 12:24:22 GMT
Slika%20zaslona%202022-10-13%20u%2015.57.33.png
nevia.hr/web/image/7413/
12 KB
13 KB
Image
General
Full URL
https://nevia.hr/web/image/7413/Slika%20zaslona%202022-10-13%20u%2015.57.33.png
Requested by
Host: booking.bagatin.hr
URL: https://booking.bagatin.hr/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
195.29.82.78 Zagreb, Croatia, ASN5391 (T-HT Croatian Telecom Inc., HR),
Reverse DNS
TIA-PARTNER-SKRLJEVO.net.t-com.hr
Software
Werkzeug/0.11.15 Python/3.7.3 /
Resource Hash
e6b560281a8d9ff99582a709dffc5b907523b4fca8cf83a70125ae1be4b99867
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://booking.bagatin.hr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 12:24:22 GMT
X-Content-Type-Options
nosniff
Server
Werkzeug/0.11.15 Python/3.7.3
ETag
"42a38022c74707bf2c003c80bc102647"
Content-Type
image/png
Cache-Control
max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
12467
loader.gif
booking.bagatin.hr/
36 KB
37 KB
Image
General
Full URL
https://booking.bagatin.hr/loader.gif
Requested by
Host: booking.bagatin.hr
URL: https://booking.bagatin.hr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.186.1.143 Zagreb, Croatia, ASN44306 (OMONIA The best telecom worldwide :, HR),
Reverse DNS
Software
nginx /
Resource Hash
3bf30430a13068927c1c2312fc2929e83410852de950326cc0b8c8c74ef455bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://booking.bagatin.hr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 12:24:22 GMT
x-content-type-options
nosniff
last-modified
Mon, 12 Jun 2023 06:30:09 GMT
server
nginx
etag
"6486bb71-9198"
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
37272
expires
Thu, 02 Nov 2023 12:24:22 GMT
logo-kruna.png
www.nevia.hr/web/image/753/
1 KB
2 KB
Image
General
Full URL
https://www.nevia.hr/web/image/753/logo-kruna.png
Requested by
Host: booking.bagatin.hr
URL: https://booking.bagatin.hr/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
195.29.82.78 Zagreb, Croatia, ASN5391 (T-HT Croatian Telecom Inc., HR),
Reverse DNS
TIA-PARTNER-SKRLJEVO.net.t-com.hr
Software
Werkzeug/0.11.15 Python/3.7.3 /
Resource Hash
8514f7bbf7cfacacac6995426df3a2d39ef43d0196d05dbdddb2a3f6b7d7dbe3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://booking.bagatin.hr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 12:24:22 GMT
X-Content-Type-Options
nosniff
Server
Werkzeug/0.11.15 Python/3.7.3
ETag
"0670a1f2a186442b2a55fac1557760af"
Content-Type
image/png
Cache-Control
max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
1446
jquery@3.6.0.min.js
booking.bagatin.hr/js/
87 KB
35 KB
Script
General
Full URL
https://booking.bagatin.hr/js/jquery@3.6.0.min.js
Requested by
Host: booking.bagatin.hr
URL: https://booking.bagatin.hr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.186.1.143 Zagreb, Croatia, ASN44306 (OMONIA The best telecom worldwide :, HR),
Reverse DNS
Software
nginx /
Resource Hash
ce9d07500ad91ec2b524c270764ec4c9a33e78320d8d374ec400ede488f6251b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://booking.bagatin.hr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 12:24:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 12 Jun 2023 06:30:09 GMT
server
nginx
etag
W/"6486bb71-15d9f"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
expires
Thu, 02 Nov 2023 12:24:22 GMT
jquery-inputmask@5.0.5.min.js
booking.bagatin.hr/js/
138 KB
40 KB
Script
General
Full URL
https://booking.bagatin.hr/js/jquery-inputmask@5.0.5.min.js
Requested by
Host: booking.bagatin.hr
URL: https://booking.bagatin.hr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.186.1.143 Zagreb, Croatia, ASN44306 (OMONIA The best telecom worldwide :, HR),
Reverse DNS
Software
nginx /
Resource Hash
9782bc8e651950ef8410a855fab9911fb245ac2734065bc31b0c95ed0a4d6f52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://booking.bagatin.hr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 12:24:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 12 Jun 2023 06:30:09 GMT
server
nginx
etag
W/"6486bb71-229bd"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
expires
Thu, 02 Nov 2023 12:24:22 GMT
underscore@1.13.1.min.js
booking.bagatin.hr/js/
19 KB
8 KB
Script
General
Full URL
https://booking.bagatin.hr/js/underscore@1.13.1.min.js
Requested by
Host: booking.bagatin.hr
URL: https://booking.bagatin.hr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.186.1.143 Zagreb, Croatia, ASN44306 (OMONIA The best telecom worldwide :, HR),
Reverse DNS
Software
nginx /
Resource Hash
fd6970b05786393e5d1bd02dd529e9883434eefe9d1b3321b8fee3957613d54c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://booking.bagatin.hr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 12:24:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 12 Jun 2023 06:30:09 GMT
server
nginx
etag
W/"6486bb71-4c51"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
expires
Thu, 02 Nov 2023 12:24:22 GMT
vue@2.6.12.min.js
booking.bagatin.hr/js/
91 KB
39 KB
Script
General
Full URL
https://booking.bagatin.hr/js/vue@2.6.12.min.js
Requested by
Host: booking.bagatin.hr
URL: https://booking.bagatin.hr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.186.1.143 Zagreb, Croatia, ASN44306 (OMONIA The best telecom worldwide :, HR),
Reverse DNS
Software
nginx /
Resource Hash
d28eeb77e6ab4c9e51188f8504b46d769fc957b4680fd6ae427b50bf3c6aa777
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://booking.bagatin.hr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 12:24:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 12 Jun 2023 06:30:09 GMT
server
nginx
etag
W/"6486bb71-16ded"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
expires
Thu, 02 Nov 2023 12:24:22 GMT
prostor.jpg
booking.bagatin.hr/
330 KB
331 KB
Image
General
Full URL
https://booking.bagatin.hr/prostor.jpg
Requested by
Host: booking.bagatin.hr
URL: https://booking.bagatin.hr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.186.1.143 Zagreb, Croatia, ASN44306 (OMONIA The best telecom worldwide :, HR),
Reverse DNS
Software
nginx /
Resource Hash
f61f85ecffcbd3b42d74078e89ca7f65a2d20f4a468580e9f6af0cb271c79550
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://booking.bagatin.hr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 12:24:22 GMT
x-content-type-options
nosniff
last-modified
Mon, 12 Jun 2023 06:30:09 GMT
server
nginx
etag
"6486bb71-52927"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
338215
expires
Thu, 02 Nov 2023 12:24:22 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/
47 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600&family=Playfair+Display:wght@400;500;600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://booking.bagatin.hr
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 18:17:53 GMT
x-content-type-options
nosniff
age
410789
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48432
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:40:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Sep 2024 18:17:53 GMT
nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
fonts.gstatic.com/s/playfairdisplay/v36/
37 KB
37 KB
Font
General
Full URL
https://fonts.gstatic.com/s/playfairdisplay/v36/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600&family=Playfair+Display:wght@400;500;600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b06a5d272de6f4e0ba3f8db8338da394f8716987f7a7e764a22b6e903c0f94cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://booking.bagatin.hr
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 15:36:01 GMT
x-content-type-options
nosniff
age
334101
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37964
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 20:43:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 28 Sep 2024 15:36:01 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
fonts.gstatic.com/s/opensans/v36/
34 KB
34 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600&family=Playfair+Display:wght@400;500;600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9784dbf11886ea032ffbd00f499d333519babe001eacc19df7ab89de17bec47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://booking.bagatin.hr
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 18:19:24 GMT
x-content-type-options
nosniff
age
410698
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35120
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 01:03:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Sep 2024 18:19:24 GMT
nuFiD-vYSZviVYUb_rj3ij__anPXDTLYgFE_.woff2
fonts.gstatic.com/s/playfairdisplay/v36/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/playfairdisplay/v36/nuFiD-vYSZviVYUb_rj3ij__anPXDTLYgFE_.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600&family=Playfair+Display:wght@400;500;600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d35f5108fb6496eaac7d5a072a620b7899a405fabd9b2298fc7b94e31d070546
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://booking.bagatin.hr
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 17:28:11 GMT
x-content-type-options
nosniff
age
327371
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20016
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 20:47:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 28 Sep 2024 17:28:11 GMT

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| $ function| jQuery function| Inputmask function| default function| _ function| Vue function| formatDate object| app

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN