Submitted URL: https://vacationupdate.info/
Effective URL: https://www.vacationcrm.com/
Submission: On October 02 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 12 IPs in 3 countries across 13 domains to perform 41 HTTP transactions. The main IP is 2606:4700:3035::6815:286d, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.vacationcrm.com.
TLS certificate: Issued by WE1 on September 22nd 2024. Valid for: 3 months.
This is the only time www.vacationcrm.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
14 chatlio.com
w.chatlio.com — Cisco Umbrella Rank: 100661
api.chatlio.com — Cisco Umbrella Rank: 100632
132 KB
11 vacationcrm.com
www.vacationcrm.com
415 KB
4 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 341
8 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 52
22 KB
2 gstatic.com
fonts.gstatic.com
72 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 57
169 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 9833
63 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 152
557 B
1 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 4111
1 youtube.com
www.youtube.com — Cisco Umbrella Rank: 78
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 46
2 KB
1 vacationupdate.info
vacationupdate.info
683 B
0 sapec.md Failed
analytics.sapec.md Failed
41 13
Domain Requested by
11 www.vacationcrm.com www.vacationcrm.com
8 w.chatlio.com www.vacationcrm.com
w.chatlio.com
6 api.chatlio.com w.chatlio.com
4 cdn.jsdelivr.net www.vacationcrm.com
cdn.jsdelivr.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 fonts.gstatic.com fonts.googleapis.com
2 www.googletagmanager.com www.vacationcrm.com
www.google-analytics.com
1 www.google.de www.vacationcrm.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 www.youtube.com www.vacationcrm.com
1 fonts.googleapis.com www.vacationcrm.com
1 vacationupdate.info 1 redirects
0 analytics.sapec.md Failed www.vacationcrm.com
41 14

This site contains links to these domains. Also see Links.

Domain
www.tailoredassistantservices.com
www.facebook.com
www.youtube.com
Subject Issuer Validity Valid
vacationcrm.com
WE1
2024-09-22 -
2024-12-21
3 months crt.sh
upload.video.google.com
WR2
2024-09-16 -
2024-12-09
3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2024 Q3
2024-07-30 -
2025-08-31
a year crt.sh
*.google-analytics.com
WR2
2024-09-16 -
2024-12-09
3 months crt.sh
*.google.com
WR2
2024-09-16 -
2024-12-09
3 months crt.sh
chatlio.com
E5
2024-09-03 -
2024-12-02
3 months crt.sh
*.gstatic.com
WR2
2024-09-16 -
2024-12-09
3 months crt.sh
*.g.doubleclick.net
WR2
2024-08-26 -
2024-11-18
3 months crt.sh
*.google.de
WR2
2024-09-16 -
2024-12-09
3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.vacationcrm.com/
Frame ID: 40AF50FB07C4E04978D01BF9BB7DC3FF
Requests: 37 HTTP requests in this frame

Frame: https://www.youtube.com/embed/riwDi5Bbt4I?showinfo=0&iv_load_policy=3&controls=0
Frame ID: 86770CAED5A4A663BCB8B3FF0BA8AD46
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Homepage | VacationCRM

Page URL History Show full URLs

  1. https://vacationupdate.info/ HTTP 302
    http://www.vacationcrm.com/ HTTP 307
    https://www.vacationcrm.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

41
Requests

98 %
HTTPS

100 %
IPv6

13
Domains

14
Subdomains

12
IPs

3
Countries

820 kB
Transfer

1829 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://vacationupdate.info/ HTTP 302
    http://www.vacationcrm.com/ HTTP 307
    https://www.vacationcrm.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

41 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.vacationcrm.com/
Redirect Chain
  • https://vacationupdate.info/
  • http://www.vacationcrm.com/
  • https://www.vacationcrm.com/
17 KB
5 KB
Document
General
Full URL
https://www.vacationcrm.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:286d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
8aa09ccc2b1a2da7664ffa24fd36d8c8736baef3cb9c549f062e77e945bc6156
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
8cc302041cdccde9-SIN
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 02 Oct 2024 07:34:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z0%2FJ%2FKDrJ244Rl34S8d7oduG%2B4MFXYwd1JbfT2lKQmEZ1IOCtl%2BLH8uFm2pDx6HOq7mWs5onxt2ELsoNzw%2FY7ZjqqoiVV5HV173H8AfRYs2tc2jFKGl4q6j7JA2LRiKhr3w%2B%2Bg27dg1diTwvcbLySzSh"}],"group":"cf-nel","max_age":604800}
server
cloudflare
speculation-rules
"/cdn-cgi/speculation"
x-content-type-options
nosniff
x-powered-by
ASP.NET
x-xss-protection
1; mode=block

Redirect headers

Location
https://www.vacationcrm.com/
Non-Authoritative-Reason
HttpsUpgrades
speculation
www.vacationcrm.com/cdn-cgi/
128 B
561 B
Other
General
Full URL
https://www.vacationcrm.com/cdn-cgi/speculation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:286d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.vacationcrm.com
Referer
https://www.vacationcrm.com/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7WzJqRh%2B0Hq5%2B8Q3pCZ2T4guUZxqi1Yx9vtGP%2BQdntRaSdGnyZ%2FpiC7TKFkOs4laf1SRKD1O9DhCie8%2FgyPoEgZqQDwfuWEwGh5llqNOfNM9Xa2Z%2FW6f8dyrA7Y92CVmRUn1%2F7QL56pcyot47iLFDyW7"}],"group":"cf-nel","max_age":604800}
cf-ray
8cc3020b2e0fcde9-SIN
access-control-allow-origin
https://www.vacationcrm.com
content-length
128
date
Wed, 02 Oct 2024 07:34:05 GMT
content-type
application/speculationrules+json
vary
Origin, Accept-Encoding
server
cloudflare
app.css
www.vacationcrm.com/Content/Css/
87 KB
12 KB
Stylesheet
General
Full URL
https://www.vacationcrm.com/Content/Css/app.css
Requested by
Host: www.vacationcrm.com
URL: https://www.vacationcrm.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:286d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
9f3f9b0118fa37f3dca88d08d7afab218803878508d608105e80d28e52ba8c9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.vacationcrm.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
REVALIDATED
etag
W/"1daf8040e0b8ade"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A1wfoO9WAZT61bIQfeesMRq%2FZBK0b8WEIV8CwP2iHBAOJQsnkAAoihcJ9Z5NxpjoPafbBAJ644YWDyQtm%2FCz%2FXEhgmbIom%2FVUrzJNf246WmE9Gyz7XkVynACvaSw0Qk4D1bY3LXoJQS5GbmguqnSPtPw"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8cc3020b2e13cde9-SIN
date
Wed, 02 Oct 2024 07:34:06 GMT
x-xss-protection
1; mode=block
content-type
text/css
last-modified
Mon, 26 Aug 2024 22:05:26 GMT
x-powered-by
ASP.NET
server
cloudflare
vary
Accept-Encoding
vacationcrmlogo.8dbf956bfc6de5749a4c542da5be5308.svg
www.vacationcrm.com/Images/
15 KB
6 KB
Image
General
Full URL
https://www.vacationcrm.com/Images/vacationcrmlogo.8dbf956bfc6de5749a4c542da5be5308.svg
Requested by
Host: www.vacationcrm.com
URL: https://www.vacationcrm.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:286d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
edc792befcece1a3f440b5650592b18b6641d092f6aff1d81087309e1bd50b01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.vacationcrm.com/

Response headers

content-encoding
br
cf-cache-status
REVALIDATED
etag
W/"1daf80412cfb173"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jSBW%2Bg1%2F0eN3MlS4FFdRuuRSF9Sk3sMVXvQH50%2F%2Bq3Q4QeV0c2l5spEQ2rZseqHUIoKDfuVhTECLhGXhfKk%2FE3VxfUkqXEumFQROB1w%2FanFhj3NYkuIKjHpGUmFJtuD9PYU%2BvrX8u9BlSmNrKVG0Cuqm"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 02 Oct 2024 07:34:06 GMT
content-type
image/svg+xml
last-modified
Mon, 26 Aug 2024 22:05:34 GMT
vary
Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8cc3020b2e14cde9-SIN
x-xss-protection
1; mode=block
x-powered-by
ASP.NET
server
cloudflare
vacationcrmlogo-white.48c641bc27645c248518c7a730582fc2.svg
www.vacationcrm.com/Images/
6 KB
3 KB
Image
General
Full URL
https://www.vacationcrm.com/Images/vacationcrmlogo-white.48c641bc27645c248518c7a730582fc2.svg
Requested by
Host: www.vacationcrm.com
URL: https://www.vacationcrm.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:286d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
1226d1f84736b3a91a5bd1c6b4e299f714dc5e042663dfc4c2aa37ec4049b6e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.vacationcrm.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
MISS
etag
W/"1daf80412cf9283"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qsU7x9pw1uRblKaddUoDa5d3xoryWTt7Ic5Bfg7P4hYZSmgBrmCSnFHpaet7KV2bUBWHxU9pzvBPSDw%2FScQP64sbcDbqdDpVhXDUexA4qcCjL8nvFbUkPDQpwZYbA0oNOvNcvxH1gIC7MoMNVeSOYJwU"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8cc3020b2e18cde9-SIN
date
Wed, 02 Oct 2024 07:34:06 GMT
x-xss-protection
1; mode=block
content-type
image/svg+xml
last-modified
Mon, 26 Aug 2024 22:05:34 GMT
x-powered-by
ASP.NET
server
cloudflare
vary
Accept-Encoding
app.js
www.vacationcrm.com/Scripts/
148 KB
48 KB
Script
General
Full URL
https://www.vacationcrm.com/Scripts/app.js
Requested by
Host: www.vacationcrm.com
URL: https://www.vacationcrm.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:286d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
32e147332cad2bc4c5192c5febaf267c59187be082b5be260abf0584f4a5e9c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.vacationcrm.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
REVALIDATED
etag
W/"1daf80412cdda7c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F5HR3NAYEWvLHjPQhsnD4P%2F4vW0ywCytEJmywx2b%2BZwrcgX5Ni6BkQ6SidLfO1wCvPYK2LNruTOVOsDUOt5rwHobqyPB%2BUvqGhTiwMlRdESuTkiKpdbxeCA6UdYKO6qdXz3yQUCXMBj8G0xWXSpzDrqw"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8cc302136ab0cde9-SIN
date
Wed, 02 Oct 2024 07:34:07 GMT
x-xss-protection
1; mode=block
content-type
text/javascript
last-modified
Mon, 26 Aug 2024 22:05:34 GMT
x-powered-by
ASP.NET
server
cloudflare
vary
Accept-Encoding
css
fonts.googleapis.com/
11 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600
Requested by
Host: www.vacationcrm.com
URL: https://www.vacationcrm.com/Content/Css/app.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
057c6db7176a4b988472143ad3797e478d31de02150c22e8b892d9887102a0c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.vacationcrm.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 02 Oct 2024 07:34:06 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 02 Oct 2024 07:34:06 GMT
content-type
text/css; charset=utf-8
last-modified
Wed, 02 Oct 2024 05:42:44 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
slick.css
cdn.jsdelivr.net/jquery.slick/1.6.0/
2 KB
660 B
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/jquery.slick/1.6.0/slick.css
Requested by
Host: www.vacationcrm.com
URL: https://www.vacationcrm.com/Content/Css/app.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d917660c3d6f7aad32ebc4b0012c6d0bb84a13e201a012e334bcca4b9f4686c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.vacationcrm.com/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"6c1-bp0TNCoRqM/Z5C7iQ+rq4BzaTiU"
age
80781
x-content-type-options
nosniff
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Wed, 02 Oct 2024 07:34:06 GMT
content-type
text/css; charset=utf-8
x-served-by
cache-fra-etou8220142-FRA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
583
slick-theme.css
cdn.jsdelivr.net/jquery.slick/1.6.0/
3 KB
1 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/jquery.slick/1.6.0/slick-theme.css
Requested by
Host: www.vacationcrm.com
URL: https://www.vacationcrm.com/Content/Css/app.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.vacationcrm.com/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"c49-gaQ0+U8rESTzIyu4bylE+C+yOsA"
age
798990
x-content-type-options
nosniff
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Wed, 02 Oct 2024 07:34:06 GMT
content-type
text/css; charset=utf-8
x-served-by
cache-fra-etou8220142-FRA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
928
gtm.js
www.googletagmanager.com/
206 KB
75 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TL7MVDJ
Requested by
Host: www.vacationcrm.com
URL: https://www.vacationcrm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a62f6a01f783f35ac323be709272458708faffb8e009fe403e5c6672fbf22950
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.vacationcrm.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Wed, 02 Oct 2024 07:34:06 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 02 Oct 2024 07:34:06 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Wed, 02 Oct 2024 06:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
75931
x-xss-protection
0
server
Google Tag Manager
riwDi5Bbt4I
www.youtube.com/embed/ Frame 8677
0
0
Document
General
Full URL
https://www.youtube.com/embed/riwDi5Bbt4I?showinfo=0&iv_load_policy=3&controls=0
Requested by
Host: www.vacationcrm.com
URL: https://www.vacationcrm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.vacationcrm.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-security-policy
require-trusted-types-for 'script'
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Wed, 02 Oct 2024 07:34:06 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
vacationcrmlogo-white.48c641bc27645c248518c7a730582fc2.svg
www.vacationcrm.com/Images/
6 KB
0
Image
General
Full URL
https://www.vacationcrm.com/Images/vacationcrmlogo-white.48c641bc27645c248518c7a730582fc2.svg
Requested by
Host: www.vacationcrm.com
URL: https://www.vacationcrm.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:286d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
1226d1f84736b3a91a5bd1c6b4e299f714dc5e042663dfc4c2aa37ec4049b6e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.vacationcrm.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
MISS
etag
W/"1daf80412cf9283"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qsU7x9pw1uRblKaddUoDa5d3xoryWTt7Ic5Bfg7P4hYZSmgBrmCSnFHpaet7KV2bUBWHxU9pzvBPSDw%2FScQP64sbcDbqdDpVhXDUexA4qcCjL8nvFbUkPDQpwZYbA0oNOvNcvxH1gIC7MoMNVeSOYJwU"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8cc3020b2e18cde9-SIN
date
Wed, 02 Oct 2024 07:34:06 GMT
x-xss-protection
1; mode=block
content-type
image/svg+xml
last-modified
Mon, 26 Aug 2024 22:05:34 GMT
x-powered-by
ASP.NET
server
cloudflare
vary
Accept-Encoding
piwik.js
analytics.sapec.md/
0
0

w.chatlio-widget.js
w.chatlio.com/
2 KB
1 KB
Script
General
Full URL
https://w.chatlio.com/w.chatlio-widget.js
Requested by
Host: www.vacationcrm.com
URL: https://www.vacationcrm.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:4cb7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16845a20ab2f689801ce6c79f4d3f46fa097f6fbc811cce4ad91187804e9870f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.vacationcrm.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
max-age=30
content-encoding
br
cf-cache-status
REVALIDATED
etag
W/"652976cd-69c"
cross-origin-resoure-policy
cross-origin
x-content-type-options
nosniff
via
1.1 fly.io
cf-ray
8cc302137e8c71b9-FRA
date
Wed, 02 Oct 2024 07:34:06 GMT
content-type
application/javascript
last-modified
Fri, 13 Oct 2023 16:56:45 GMT
fly-request-id
01J7SQ437A4NATVC62HJHBP65Z-fra
server
cloudflare
vary
Accept-Encoding
tripplanning.1434866b6f42aeaba76b1b9e16d3f29e.jpg
www.vacationcrm.com/Images/
262 KB
263 KB
Image
General
Full URL
https://www.vacationcrm.com/Images/tripplanning.1434866b6f42aeaba76b1b9e16d3f29e.jpg
Requested by
Host: www.vacationcrm.com
URL: https://www.vacationcrm.com/Content/Css/app.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:286d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
c658e0c8078e6d0ab9559204f9e824b6379323e8f61db8336d11a717083741f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.vacationcrm.com/Content/Css/app.css

Response headers

x-robots-tag
noindex
cf-cache-status
REVALIDATED
etag
"1daf80412cb9cad"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K7kh89nuBs9J1Hk6GoiR5PKq%2FZtbeWAW8Sn5XKzeFL5nnr40BMFW7Yp5%2BXPgYnV%2FyJ9pw3zVwLzluERccnnzXaq%2FqT8GGhYVNMZKB7DAPcUq8kVUaLgL3SRfbhb6rhLmA51f3sT%2BRi2OxnNja2wtuqdE"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
date
Wed, 02 Oct 2024 07:34:07 GMT
content-type
image/jpeg
last-modified
Mon, 26 Aug 2024 22:05:34 GMT
vary
Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8cc302146e32cde9-SIN
accept-ranges
bytes
content-length
268205
x-xss-protection
1; mode=block
x-powered-by
ASP.NET
server
cloudflare
palms.929969bc28f28765079ae1b7e6cbe432.jpg
www.vacationcrm.com/Images/
147 KB
0
Image
General
Full URL
https://www.vacationcrm.com/Images/palms.929969bc28f28765079ae1b7e6cbe432.jpg
Requested by
Host: www.vacationcrm.com
URL: https://www.vacationcrm.com/Content/Css/app.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:286d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.vacationcrm.com/Content/Css/app.css

Response headers

x-robots-tag
noindex
cf-cache-status
REVALIDATED
etag
"1daf80412cb9f38"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fF52YREWoYlMw0LPSskf%2BZVqtXrPW9jcYkeDHxfX9Pbew4zMH5humD24jnhJUPSTvi3lquNrFwfyQKJtoWfZXzW%2F6i0ViYyf%2BaUZrwd7Wipw%2BCHgDb8Qz5Ua3u%2F0%2F7QVY1nmvgAU2%2BF%2BK%2Fd2TMtukqCd"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
date
Wed, 02 Oct 2024 07:34:07 GMT
content-type
image/jpeg
last-modified
Mon, 26 Aug 2024 22:05:34 GMT
vary
Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8cc302146e36cde9-SIN
accept-ranges
bytes
content-length
267320
x-xss-protection
1; mode=block
x-powered-by
ASP.NET
server
cloudflare
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.vacationcrm.com
Referer
https://fonts.googleapis.com/

Response headers

age
84214
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 01 Oct 2025 08:10:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 01 Oct 2024 08:10:32 GMT
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48236
x-xss-protection
0
server
sffe
fontawesome-webfont.woff2
www.vacationcrm.com/Content/
75 KB
76 KB
Font
General
Full URL
https://www.vacationcrm.com/Content/fontawesome-webfont.woff2
Requested by
Host: www.vacationcrm.com
URL: https://www.vacationcrm.com/Content/Css/app.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:286d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.vacationcrm.com
Referer
https://www.vacationcrm.com/Content/Css/app.css

Response headers

cf-cache-status
MISS
etag
"1daf804119f7368"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lZfmEgLVB%2FPNqDoh1ieocN3MBBluZALm4izd%2BtgbGQ6GCdEEv4dmlOqWkwdxsO5rSfAb%2Fs1SMv1vKZmNe%2BxNrk2f66Lws7wRb8ZxylDxHmc3UrXgplQW6xNmditiYuhZDpd%2FcOWURu12rlNI4dXXWhPf"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
date
Wed, 02 Oct 2024 07:34:21 GMT
content-type
font/woff2
last-modified
Mon, 26 Aug 2024 22:05:32 GMT
vary
Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8cc30268bd39dc58-FRA
accept-ranges
bytes
content-length
77160
x-xss-protection
1; mode=block
x-powered-by
ASP.NET
server
cloudflare
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2
fonts.gstatic.com/s/opensans/v40/
24 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e510e61c497d334da21eccda06df5d3a428c9ea94d6903b6138e7c7255aba0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.vacationcrm.com
Referer
https://fonts.googleapis.com/

Response headers

age
82631
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 01 Oct 2025 08:36:55 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 01 Oct 2024 08:36:55 GMT
last-modified
Thu, 14 Dec 2023 02:04:54 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
24984
x-xss-protection
0
server
sffe
w.chatlio-widget.js
w.chatlio.com/v5/
95 KB
26 KB
Script
General
Full URL
https://w.chatlio.com/v5/w.chatlio-widget.js?loader-version=549d4da
Requested by
Host: w.chatlio.com
URL: https://w.chatlio.com/w.chatlio-widget.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:4cb7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
173345b21c8411e3cb9d9f22cc28d4dd794c3399ccd20b03628be5a18266d6a0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.vacationcrm.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
max-age=30
content-encoding
br
cf-cache-status
REVALIDATED
etag
W/"654d5894-17c22"
cross-origin-resoure-policy
cross-origin
x-content-type-options
nosniff
via
1.1 fly.io
cf-ray
8cc30213cecf71b9-FRA
date
Wed, 02 Oct 2024 07:34:06 GMT
content-type
application/javascript
last-modified
Thu, 09 Nov 2023 22:09:24 GMT
fly-request-id
01J7SQ438QTT0B7GWMQWFXHMJD-fra
server
cloudflare
vary
Accept-Encoding
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TL7MVDJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.vacationcrm.com/

Response headers

content-encoding
gzip
age
238
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Wed, 02 Oct 2024 09:30:08 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 02 Oct 2024 07:30:08 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
collect
www.google-analytics.com/j/
15 B
437 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1929553217&t=pageview&_s=1&dl=https%3A%2F%2Fwww.vacationcrm.com%2F&ul=de-de&de=UTF-8&dt=Homepage%20%7C%20VacationCRM&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=1095239486&gjid=794945338&cid=1959465546.1727854447&tid=UA-187162668-1&_gid=655525640.1727854447&_r=1&_slc=1&gtm=45He4a10n81TL7MVDJza200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101747727&npa=1&z=1349885717
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6712cc59a708684051fb6d50e3454d0ac12f49582f7cae64c069b1778c4b4de7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.vacationcrm.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 02 Oct 2024 07:34:06 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://www.vacationcrm.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
15
server
Golfe2
chatlio.min.7ab10269.js
w.chatlio.com/v5/vendor/
210 KB
60 KB
Script
General
Full URL
https://w.chatlio.com/v5/vendor/chatlio.min.7ab10269.js
Requested by
Host: w.chatlio.com
URL: https://w.chatlio.com/v5/w.chatlio-widget.js?loader-version=549d4da
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:4cb7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d4e5fc906ea9142f81577b3b2c7fde741030246604b11f2b5ec194cd42eef63
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.vacationcrm.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"654d5894-34698"
cross-origin-resoure-policy
cross-origin
age
12665511
x-content-type-options
nosniff
date
Wed, 02 Oct 2024 07:34:06 GMT
content-type
application/javascript
last-modified
Thu, 09 Nov 2023 22:09:24 GMT
fly-request-id
01HXCKMB6E8FP0D3697C95VR7G-fra
vary
Accept-Encoding
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
max-age=63072000
via
1.1 fly.io
cf-ray
8cc30214ffc071b9-FRA
server
cloudflare
main.b74a0d69.css
w.chatlio.com/v5/
38 KB
6 KB
Stylesheet
General
Full URL
https://w.chatlio.com/v5/main.b74a0d69.css
Requested by
Host: w.chatlio.com
URL: https://w.chatlio.com/v5/w.chatlio-widget.js?loader-version=549d4da
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:4cb7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0d9106c062f003e1688680ae5875a0a63458aa3d78c6b4e06fc2bf9674afc40
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.vacationcrm.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"654d5894-99a2"
cross-origin-resoure-policy
cross-origin
age
12665511
x-content-type-options
nosniff
date
Wed, 02 Oct 2024 07:34:06 GMT
content-type
text/css
last-modified
Thu, 09 Nov 2023 22:09:24 GMT
fly-request-id
01HXCKMB6HX96VW9GRMH2SZ23X-fra
vary
Accept-Encoding
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
max-age=63072000
via
1.1 fly.io
cf-ray
8cc30214ffc671b9-FRA
server
cloudflare
emojione-1.4.1.min.2f0e13b4.js
w.chatlio.com/v5/vendor/
73 KB
17 KB
Script
General
Full URL
https://w.chatlio.com/v5/vendor/emojione-1.4.1.min.2f0e13b4.js
Requested by
Host: w.chatlio.com
URL: https://w.chatlio.com/v5/w.chatlio-widget.js?loader-version=549d4da
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:4cb7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb18c1fc910d740101311d327b8acddecf0d6c3a468e591cf122784ebc88c630
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.vacationcrm.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"654d5894-124eb"
cross-origin-resoure-policy
cross-origin
age
12665511
x-content-type-options
nosniff
date
Wed, 02 Oct 2024 07:34:06 GMT
content-type
application/javascript
last-modified
Thu, 09 Nov 2023 22:09:24 GMT
fly-request-id
01HXCKMB6WXGGST4SM0E7YM1Y8-fra
vary
Accept-Encoding
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
max-age=63072000
via
1.1 fly.io
cf-ray
8cc30214ffc771b9-FRA
server
cloudflare
js
www.googletagmanager.com/gtag/
268 KB
95 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-M1460XW7VQ&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a3f75f0f6d64e1171d4abc8e5d3bdbf95c7448ee10f49fa1a6965fcfa8b3a377
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.vacationcrm.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 02 Oct 2024 07:34:06 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 02 Oct 2024 07:34:06 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
96518
x-xss-protection
0
server
Google Tag Manager
collect
region1.analytics.google.com/g/
0
0
Fetch
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-M1460XW7VQ&gtm=45je4a10v9133819143za200&_p=1727854446589&_gaz=1&gcd=13l3l3l2l3l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=99312313~101671035~101747727&ul=de-de&sr=1600x1200&cid=1959465546.1727854447&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.vacationcrm.com%2F&dt=Homepage%20%7C%20VacationCRM&sid=1727854446&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=3864
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M1460XW7VQ&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.vacationcrm.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.vacationcrm.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 02 Oct 2024 07:34:07 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/
0
557 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-M1460XW7VQ&cid=1959465546.1727854447&gtm=45je4a10v9133819143za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l3l1&npa=1&frm=0&tag_exp=99312313~101671035~101747727
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M1460XW7VQ&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.vacationcrm.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.vacationcrm.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 02 Oct 2024 07:34:07 GMT
content-type
text/plain
server
Golfe2
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-M1460XW7VQ&cid=1959465546.1727854447&gtm=45je4a10v9133819143za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l3l1&npa=1&frm=0&tag_exp=99312313~101671035~101747727&tag_exp=99312313~101671035~101747727&z=1240493295
Requested by
Host: www.vacationcrm.com
URL: https://www.vacationcrm.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.vacationcrm.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Wed, 02 Oct 2024 07:34:07 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
new
api.chatlio.com/v1/p/visitor/session/
17 B
769 B
XHR
General
Full URL
https://api.chatlio.com/v1/p/visitor/session/new
Requested by
Host: w.chatlio.com
URL: https://w.chatlio.com/v5/w.chatlio-widget.js?loader-version=549d4da
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:4cb7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35c68ae34e6a648ce704a3619332aa10bee088b307d07d9d82b16942ffe8f906
Security Headers
Name Value
Content-Security-Policy default-src 'none'; frame-ancestors 'none'
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://www.vacationcrm.com/

Response headers

access-control-expose-headers
X-Chatlio-Vsuuid, X-Chatlio-At, X-Chatlio-Rt
cf-cache-status
DYNAMIC
access-control-allow-methods
POST, GET, PUT, OPTIONS, DELETE
x-content-type-options
nosniff
expires
-1
x-chatlio-vsuuid
85e0fd7a-726d-412f-bb68-fa1a233f2a1d
date
Wed, 02 Oct 2024 07:34:08 GMT
content-type
application/javascript
x-chatlio-rt
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjZVVVSUQiOiI3Y2FmNmIxMC0yNzAxLTQ4YTgtNmZmMC1jNDJjOThmZTQyYjUiLCJleHAiOjE3OTA5MjY0NDgsImlhdCI6MTcyNzg1NDQ0OCwidnNVVUlEIjoiODVlMGZkN2EtNzI2ZC00MTJmLWJiNjgtZmExYTIzM2YyYTFkIn0.hx7GzdmULFD52X_v3YVT6dRC5wqspp76FAa9vI8xzcc
x-frame-options
DENY
access-control-allow-headers
Content-Type, Authorization
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-chatlio-at
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjZVVVSUQiOiI3Y2FmNmIxMC0yNzAxLTQ4YTgtNmZmMC1jNDJjOThmZTQyYjUiLCJleHAiOjE3Mjc4NjE2NDgsImlhdCI6MTcyNzg1NDQ0OCwidnNVVUlEIjoiODVlMGZkN2EtNzI2ZC00MTJmLWJiNjgtZmExYTIzM2YyYTFkIn0.hkLxOqmgcIF48bScdKn6Eo37QEm49hKWn-XqbXfPOgw
content-security-policy
default-src 'none'; frame-ancestors 'none'
cf-ray
8cc3021aafc09b5d-FRA
access-control-allow-origin
*
content-length
17
server
cloudflare
new
api.chatlio.com/v1/p/visitor/session/ Frame
0
0
Preflight
General
Full URL
https://api.chatlio.com/v1/p/visitor/session/new
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:4cb7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; frame-ancestors 'none'
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.vacationcrm.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type, Authorization
access-control-allow-methods
POST, GET, PUT, OPTIONS, DELETE
access-control-allow-origin
*
access-control-expose-headers
X-Chatlio-Vsuuid, X-Chatlio-At, X-Chatlio-Rt
allow
POST, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8cc302168bd79b5d-FRA
content-length
0
content-security-policy
default-src 'none'; frame-ancestors 'none'
content-type
text/plain; charset=utf-8
date
Wed, 02 Oct 2024 07:34:07 GMT
expires
-1
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
x-frame-options
DENY
ajax-loader.gif
cdn.jsdelivr.net/jquery.slick/1.6.0/
4 KB
4 KB
Image
General
Full URL
https://cdn.jsdelivr.net/jquery.slick/1.6.0/ajax-loader.gif
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/jquery.slick/1.6.0/slick-theme.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://cdn.jsdelivr.net/jquery.slick/1.6.0/slick-theme.css

Response headers

access-control-expose-headers
*
etag
W/"1052-ehqkNhQ5Y4K7FeX95XTZzc0haY8"
age
1111165
x-content-type-options
nosniff
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Wed, 02 Oct 2024 07:34:07 GMT
content-type
image/gif
x-served-by
cache-fra-etou8220142-FRA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
4178
slick.woff
cdn.jsdelivr.net/jquery.slick/1.6.0/fonts/
1 KB
2 KB
Font
General
Full URL
https://cdn.jsdelivr.net/jquery.slick/1.6.0/fonts/slick.woff
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/jquery.slick/1.6.0/slick-theme.css
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.vacationcrm.com
Referer
https://cdn.jsdelivr.net/jquery.slick/1.6.0/slick-theme.css

Response headers

access-control-expose-headers
*
etag
W/"564-r5HBLw9Aak+AGus7OYdo/kHY+GQ"
age
111043
x-content-type-options
nosniff
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Wed, 02 Oct 2024 07:34:07 GMT
content-type
font/woff
x-served-by
cache-fra-etou8220089-FRA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
1380
register
api.chatlio.com/v1/v/visitor/
3 KB
1 KB
XHR
General
Full URL
https://api.chatlio.com/v1/v/visitor/register
Requested by
Host: w.chatlio.com
URL: https://w.chatlio.com/v5/w.chatlio-widget.js?loader-version=549d4da
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:4cb7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d93b35a00b2cc88478707fa34d4d5f93dccfdd01231899d38b4400b20311d491
Security Headers
Name Value
Content-Security-Policy default-src 'none'; frame-ancestors 'none'
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Authorization
Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjZVVVSUQiOiI3Y2FmNmIxMC0yNzAxLTQ4YTgtNmZmMC1jNDJjOThmZTQyYjUiLCJleHAiOjE3Mjc4NjE2NDgsImlhdCI6MTcyNzg1NDQ0OCwidnNVVUlEIjoiODVlMGZkN2EtNzI2ZC00MTJmLWJiNjgtZmExYTIzM2YyYTFkIn0.hkLxOqmgcIF48bScdKn6Eo37QEm49hKWn-XqbXfPOgw
Referer
https://www.vacationcrm.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

access-control-expose-headers
X-Chatlio-Vsuuid, X-Chatlio-At, X-Chatlio-Rt
content-encoding
gzip
cf-cache-status
DYNAMIC
access-control-allow-methods
POST, GET, PUT, OPTIONS, DELETE
x-content-type-options
nosniff
expires
-1
date
Wed, 02 Oct 2024 07:34:08 GMT
content-type
application/json
vary
Accept-Encoding
x-frame-options
DENY
access-control-allow-headers
Content-Type, Authorization
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-security-policy
default-src 'none'; frame-ancestors 'none'
cache-control
max-age=30, no-transform, public
cf-ray
8cc302202c3c9b5d-FRA
access-control-allow-origin
*
server
cloudflare
ack
api.chatlio.com/v1/v/visitor/token/
0
260 B
XHR
General
Full URL
https://api.chatlio.com/v1/v/visitor/token/ack?vsUuid=85e0fd7a-726d-412f-bb68-fa1a233f2a1d&ceUuid=7caf6b10-2701-48a8-6ff0-c42c98fe42b5
Requested by
Host: w.chatlio.com
URL: https://w.chatlio.com/v5/w.chatlio-widget.js?loader-version=549d4da
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:4cb7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'none'; frame-ancestors 'none'
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Authorization
Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjZVVVSUQiOiI3Y2FmNmIxMC0yNzAxLTQ4YTgtNmZmMC1jNDJjOThmZTQyYjUiLCJleHAiOjE3Mjc4NjE2NDgsImlhdCI6MTcyNzg1NDQ0OCwidnNVVUlEIjoiODVlMGZkN2EtNzI2ZC00MTJmLWJiNjgtZmExYTIzM2YyYTFkIn0.hkLxOqmgcIF48bScdKn6Eo37QEm49hKWn-XqbXfPOgw
Referer
https://www.vacationcrm.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

x-frame-options
DENY
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-security-policy
default-src 'none'; frame-ancestors 'none'
access-control-expose-headers
X-Chatlio-Vsuuid, X-Chatlio-At, X-Chatlio-Rt
cf-cache-status
DYNAMIC
access-control-allow-methods
POST, GET, PUT, OPTIONS, DELETE
x-content-type-options
nosniff
cf-ray
8cc302204c5e9b5d-FRA
expires
-1
access-control-allow-origin
*
date
Wed, 02 Oct 2024 07:34:08 GMT
server
cloudflare
access-control-allow-headers
Content-Type, Authorization
register
api.chatlio.com/v1/v/visitor/ Frame
0
0
Preflight
General
Full URL
https://api.chatlio.com/v1/v/visitor/register
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:4cb7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; frame-ancestors 'none'
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://www.vacationcrm.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type, Authorization
access-control-allow-methods
POST, GET, PUT, OPTIONS, DELETE
access-control-allow-origin
*
access-control-expose-headers
X-Chatlio-Vsuuid, X-Chatlio-At, X-Chatlio-Rt
allow
POST, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8cc3021efb489b5d-FRA
content-length
0
content-security-policy
default-src 'none'; frame-ancestors 'none'
content-type
text/plain; charset=utf-8
date
Wed, 02 Oct 2024 07:34:08 GMT
expires
-1
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
x-frame-options
DENY
ack
api.chatlio.com/v1/v/visitor/token/ Frame
0
0
Preflight
General
Full URL
https://api.chatlio.com/v1/v/visitor/token/ack?vsUuid=85e0fd7a-726d-412f-bb68-fa1a233f2a1d&ceUuid=7caf6b10-2701-48a8-6ff0-c42c98fe42b5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:4cb7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; frame-ancestors 'none'
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
GET
Origin
https://www.vacationcrm.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type, Authorization
access-control-allow-methods
POST, GET, PUT, OPTIONS, DELETE
access-control-allow-origin
*
access-control-expose-headers
X-Chatlio-Vsuuid, X-Chatlio-At, X-Chatlio-Rt
allow
GET, HEAD, OPTIONS
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8cc3021efb499b5d-FRA
content-length
0
content-security-policy
default-src 'none'; frame-ancestors 'none'
content-type
text/plain; charset=utf-8
date
Wed, 02 Oct 2024 07:34:08 GMT
expires
-1
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
x-frame-options
DENY
tinycon.min.06c92f12.js
w.chatlio.com/v5/vendor/
3 KB
2 KB
Script
General
Full URL
https://w.chatlio.com/v5/vendor/tinycon.min.06c92f12.js
Requested by
Host: w.chatlio.com
URL: https://w.chatlio.com/v5/w.chatlio-widget.js?loader-version=549d4da
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:4cb7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a4a5c7fab1980ae5ce68df7e7532c849e82a3eb897980be101c4136baf8c0e3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.vacationcrm.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"654d5894-d61"
cross-origin-resoure-policy
cross-origin
age
12665511
x-content-type-options
nosniff
date
Wed, 02 Oct 2024 07:34:08 GMT
content-type
application/javascript
last-modified
Thu, 09 Nov 2023 22:09:24 GMT
fly-request-id
01HXCKMD37DCKVX91XD5NAFPN7-fra
vary
Accept-Encoding
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
max-age=63072000
via
1.1 fly.io
cf-ray
8cc302217a6c71b9-FRA
server
cloudflare
chatlio-new-message.c1e7ef43.mp3
w.chatlio.com/v5/media/
16 KB
16 KB
Media
General
Full URL
https://w.chatlio.com/v5/media/chatlio-new-message.c1e7ef43.mp3
Requested by
Host: www.vacationcrm.com
URL: https://www.vacationcrm.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:4cb7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
848104268205e15b17cda61a6b404a2e393ea99e6cb5db0a17f22ebd3fdccc0a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.vacationcrm.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

cf-cache-status
HIT
etag
"654d5894-402a"
cross-origin-resoure-policy
cross-origin
age
12665524
x-content-type-options
nosniff
date
Wed, 02 Oct 2024 07:34:08 GMT
content-type
audio/mpeg
last-modified
Thu, 09 Nov 2023 22:09:24 GMT
fly-request-id
01HXCKKZX4DKRQ8F9YHN4SJFV9-fra
vary
Accept-Encoding
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
max-age=63072000
Content-Range
bytes 0-16425/16426
via
1.1 fly.io
cf-ray
8cc302218a7271b9-FRA
Content-Length
16426
server
cloudflare
x-dark.d84d0cd0.svg
w.chatlio.com/v5/images/
261 B
468 B
Image
General
Full URL
https://w.chatlio.com/v5/images/x-dark.d84d0cd0.svg
Requested by
Host: w.chatlio.com
URL: https://w.chatlio.com/v5/main.b74a0d69.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:4cb7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01863f4085e7ea2007e3efcebefdaaaa7d02dd22eaa1f44ad2936ec8b5801782
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://w.chatlio.com/v5/main.b74a0d69.css

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"654d5894-105"
cross-origin-resoure-policy
cross-origin
age
12665511
x-content-type-options
nosniff
date
Wed, 02 Oct 2024 07:34:08 GMT
content-type
image/svg+xml
last-modified
Thu, 09 Nov 2023 22:09:24 GMT
fly-request-id
01HXCKMD308S2TKY04CBN42F2Z-fra
vary
Accept-Encoding
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
max-age=63072000
via
1.1 fly.io
cf-ray
8cc302218a7671b9-FRA
server
cloudflare
favicon.ico
www.vacationcrm.com/
5 KB
2 KB
Image
General
Full URL
https://www.vacationcrm.com/favicon.ico
Requested by
Host: www.vacationcrm.com
URL: https://www.vacationcrm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:286d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
00b78d2516393a154229e4de8b0b84d7c655619a70b7ba94be9f87da58edf4ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.vacationcrm.com
Referer
https://www.vacationcrm.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
MISS
etag
W/"1daf8041400ad36"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NvKuvBI8Bw9j%2FB6N2lIUrskEAOmGpiLIJnOtZLzUZZaZTjiR4P4gWmFgFNT2JCBqI8T6pwyGUdiLwo9TAba8802M%2F1GznTCZJKGcXLolCbGoukJCcBjo82JkoMATUmyZxNjdFJ%2F5Z6ZmyCQFlCBQueJ3"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8cc30268bd3cdc58-FRA
date
Wed, 02 Oct 2024 07:34:20 GMT
x-xss-protection
1; mode=block
content-type
image/x-icon
last-modified
Mon, 26 Aug 2024 22:05:36 GMT
x-powered-by
ASP.NET
server
cloudflare
vary
Accept-Encoding

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
analytics.sapec.md
URL
https://analytics.sapec.md/piwik.js

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| dataLayer object| _paq object| _chatlio object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData object| ChatlioReact object| ChatlioReactDOM function| Pusher object| emojione function| webpackHotUpdate object| Tinycon

10 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: G0umS6Ockro
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: LOV-G8d8uYI
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJERRIEEgAgFQ%3D%3D
.vacationcrm.com/ Name: _ga
Value: GA1.2.1959465546.1727854447
.vacationcrm.com/ Name: _gid
Value: GA1.2.655525640.1727854447
.vacationcrm.com/ Name: _gat_UA-187162668-1
Value: 1
.vacationcrm.com/ Name: _ga_M1460XW7VQ
Value: GS1.2.1727854446.1.0.1727854446.60.0.0
.vacationcrm.com/ Name: chatlio_uuid--7caf6b10-2701-48a8-6ff0-c42c98fe42b5
Value: 85e0fd7a-726d-412f-bb68-fa1a233f2a1d
.vacationcrm.com/ Name: chatlio_rt--7caf6b10-2701-48a8-6ff0-c42c98fe42b5
Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjZVVVSUQiOiI3Y2FmNmIxMC0yNzAxLTQ4YTgtNmZmMC1jNDJjOThmZTQyYjUiLCJleHAiOjE3OTA5MjY0NDgsImlhdCI6MTcyNzg1NDQ0OCwidnNVVUlEIjoiODVlMGZkN2EtNzI2ZC00MTJmLWJiNjgtZmExYTIzM2YyYTFkIn0.hx7GzdmULFD52X_v3YVT6dRC5wqspp76FAa9vI8xzcc
.vacationcrm.com/ Name: chatlio_at--7caf6b10-2701-48a8-6ff0-c42c98fe42b5
Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjZVVVSUQiOiI3Y2FmNmIxMC0yNzAxLTQ4YTgtNmZmMC1jNDJjOThmZTQyYjUiLCJleHAiOjE3Mjc4NjE2NDgsImlhdCI6MTcyNzg1NDQ0OCwidnNVVUlEIjoiODVlMGZkN2EtNzI2ZC00MTJmLWJiNjgtZmExYTIzM2YyYTFkIn0.hkLxOqmgcIF48bScdKn6Eo37QEm49hKWn-XqbXfPOgw

1 Console Messages

Source Level URL
Text
network error URL: https://www.vacationcrm.com/Images/palms.929969bc28f28765079ae1b7e6cbe432.jpg
Message:
Failed to load resource: net::ERR_QUIC_PROTOCOL_ERROR

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.sapec.md
api.chatlio.com
cdn.jsdelivr.net
fonts.googleapis.com
fonts.gstatic.com
region1.analytics.google.com
stats.g.doubleclick.net
vacationupdate.info
w.chatlio.com
www.google-analytics.com
www.google.de
www.googletagmanager.com
www.vacationcrm.com
www.youtube.com
analytics.sapec.md
2001:4860:4802:32::36
2606:4700:10::6816:4cb7
2606:4700:3031::ac43:db25
2606:4700:3035::6815:286d
2a00:1450:4001:806::200a
2a00:1450:4001:827::2008
2a00:1450:4001:828::2003
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::200e
2a00:1450:4001:831::200e
2a00:1450:400c:c04::9d
2a04:4e42:400::485
00b78d2516393a154229e4de8b0b84d7c655619a70b7ba94be9f87da58edf4ab
01863f4085e7ea2007e3efcebefdaaaa7d02dd22eaa1f44ad2936ec8b5801782
057c6db7176a4b988472143ad3797e478d31de02150c22e8b892d9887102a0c1
0d4e5fc906ea9142f81577b3b2c7fde741030246604b11f2b5ec194cd42eef63
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d
1226d1f84736b3a91a5bd1c6b4e299f714dc5e042663dfc4c2aa37ec4049b6e2
16845a20ab2f689801ce6c79f4d3f46fa097f6fbc811cce4ad91187804e9870f
173345b21c8411e3cb9d9f22cc28d4dd794c3399ccd20b03628be5a18266d6a0
26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
32e147332cad2bc4c5192c5febaf267c59187be082b5be260abf0584f4a5e9c2
35c68ae34e6a648ce704a3619332aa10bee088b307d07d9d82b16942ffe8f906
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
5a4a5c7fab1980ae5ce68df7e7532c849e82a3eb897980be101c4136baf8c0e3
6712cc59a708684051fb6d50e3454d0ac12f49582f7cae64c069b1778c4b4de7
7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a
7e510e61c497d334da21eccda06df5d3a428c9ea94d6903b6138e7c7255aba0f
848104268205e15b17cda61a6b404a2e393ea99e6cb5db0a17f22ebd3fdccc0a
8aa09ccc2b1a2da7664ffa24fd36d8c8736baef3cb9c549f062e77e945bc6156
9f3f9b0118fa37f3dca88d08d7afab218803878508d608105e80d28e52ba8c9d
a3f75f0f6d64e1171d4abc8e5d3bdbf95c7448ee10f49fa1a6965fcfa8b3a377
a62f6a01f783f35ac323be709272458708faffb8e009fe403e5c6672fbf22950
b0d9106c062f003e1688680ae5875a0a63458aa3d78c6b4e06fc2bf9674afc40
c658e0c8078e6d0ab9559204f9e824b6379323e8f61db8336d11a717083741f6
cb18c1fc910d740101311d327b8acddecf0d6c3a468e591cf122784ebc88c630
d917660c3d6f7aad32ebc4b0012c6d0bb84a13e201a012e334bcca4b9f4686c9
d93b35a00b2cc88478707fa34d4d5f93dccfdd01231899d38b4400b20311d491
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
edc792befcece1a3f440b5650592b18b6641d092f6aff1d81087309e1bd50b01
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629