book.tab.travel Open in urlscan Pro
54.162.128.250 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://book.tab.travel/BFXB573
Submission: On September 08 via manual (September 8th 2023, 8:27:02 am UTC) from TH — Scanned from DE

Summary HTTP 51 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 17 IPs in 3 countries across 14 domains to perform 51 HTTP transactions. The main IP is 54.162.128.250, located in United States and belongs to AMAZON-AES, US. The main domain is book.tab.travel.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on May 16th 2023. Valid for: a year.

This is the only time book.tab.travel was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	54.162.128.250 54.162.128.250	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
6	2600:9000:214... 2600:9000:214f:e400:8:7bb9:3f80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:400... 2a04:4e42:400::729	54113 (FASTLY) (FASTLY)
4	151.101.66.182 151.101.66.182	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:710... 2a02:26f0:7100::213:c6aa	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
2	2606:4700:10:... 2606:4700:10::6816:39f5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a01:b740:a10... 2a01:b740:a10:f100::6	6185 (APPLE-AUSTIN) (APPLE-AUSTIN)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:400c:c04::5c	15169 (GOOGLE) (GOOGLE)
1	54.237.133.81 54.237.133.81	14618 (AMAZON-AES) (AMAZON-AES)
4	2606:4700::68... 2606:4700::6812:5af	13335 (CLOUDFLAR...) (CLOUDFLARENET)
51	17

11 54.162.128.250 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-162-128-250.compute-1.amazonaws.com

book.tab.travel	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:214f:e400:8:7bb9:3f80:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.book.tab.travel	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::729 (United States)

ASN54113 (FASTLY, US)

cdn.ravenjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.66.182 (United States)

ASN54113 (FASTLY, US)

core.spreedly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100::213:c6aa (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ucarecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:39f5 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.inspectlet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hn.inspectlet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:b740:a10:f100::6 (Frankfurt am Main, Germany)

ASN6185 (APPLE-AUSTIN, US)

applepay.cdn-apple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c04::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.237.133.81 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-237-133-81.compute-1.amazonaws.com

account.tab.travel	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:5af (United States)

ASN13335 (CLOUDFLARENET, US)

global.localizecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	tab.travel book.tab.travel cdn.book.tab.travel account.tab.travel	792 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com	129 KB
4	localizecdn.com global.localizecdn.com — Cisco Umbrella Rank: 21088	24 KB
4	google.com pay.google.com — Cisco Umbrella Rank: 3016	413 KB
4	spreedly.com core.spreedly.com — Cisco Umbrella Rank: 41394	197 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49 region1.google-analytics.com — Cisco Umbrella Rank: 1977	21 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	239 B
2	inspectlet.com cdn.inspectlet.com — Cisco Umbrella Rank: 12002 hn.inspectlet.com — Cisco Umbrella Rank: 12325	63 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 186	88 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	151 KB
1	cdn-apple.com applepay.cdn-apple.com — Cisco Umbrella Rank: 23306	49 KB
1	ucarecdn.com ucarecdn.com — Cisco Umbrella Rank: 18175	166 KB
1	ravenjs.com cdn.ravenjs.com — Cisco Umbrella Rank: 9637	13 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 58	1 KB
51	14

	Domain	Requested by
11	book.tab.travel	book.tab.travel
6	cdn.book.tab.travel	book.tab.travel cdn.book.tab.travel
4	www.gstatic.com	pay.google.com www.gstatic.com
4	global.localizecdn.com	book.tab.travel cdn.ravenjs.com
4	pay.google.com	book.tab.travel pay.google.com www.gstatic.com
4	core.spreedly.com	book.tab.travel core.spreedly.com
2	www.facebook.com	book.tab.travel
2	www.google-analytics.com	www.googletagmanager.com cdn.ravenjs.com
2	connect.facebook.net	book.tab.travel connect.facebook.net
2	fonts.gstatic.com	fonts.googleapis.com
2	www.googletagmanager.com	book.tab.travel www.google-analytics.com
1	account.tab.travel	cdn.ravenjs.com
1	hn.inspectlet.com	cdn.ravenjs.com
1	region1.google-analytics.com	www.googletagmanager.com
1	applepay.cdn-apple.com	book.tab.travel
1	cdn.inspectlet.com	book.tab.travel
1	ucarecdn.com	book.tab.travel
1	cdn.ravenjs.com	book.tab.travel
1	fonts.googleapis.com	book.tab.travel
51	19

This site contains links to these domains. Also see Links.

Domain
www.tab.travel
localizejs.com

Subject Issuer	Validity	Valid
*.tab.travel Sectigo RSA Organization Validation Secure Server CA	`2023-05-16` - `2024-06-11`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
cdn.book.tab.travel Amazon RSA 2048 M01	`2023-03-01` - `2023-11-09`	8 months	crt.sh
cdn.ravenjs.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-06-03` - `2024-07-04`	a year	crt.sh
core.spreedly.com GlobalSign Atlas R3 DV TLS CA 2023 Q1	`2023-01-12` - `2024-02-13`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
cps3.ucarecdn.com R3	`2023-09-04` - `2023-12-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-06-17` - `2023-09-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-18` - `2024-05-17`	a year	crt.sh
applepay.cdn-apple.com Apple Public Server ECC CA 12 - G1	`2023-05-10` - `2023-11-06`	6 months	crt.sh
*.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
localizecdn.com Cloudflare Inc ECC CA-3	`2023-09-07` - `2024-09-06`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://book.tab.travel/BFXB573
Frame ID: B3BA271A1E20F85FFF63B8C110A1551F
Requests: 41 HTTP requests in this frame

Frame: https://core.spreedly.com/v1/embedded/number-frame-1.111.html
Frame ID: D0FEF9A739F80405DEE1D7DC6C244B9A
Requests: 2 HTTP requests in this frame

Frame: https://core.spreedly.com/v1/embedded/cvv-frame-1.111.html
Frame ID: F18BDC60B94E7B99081152C424BB44B8
Requests: 1 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fbook.tab.travel&mid=
Frame ID: 5DC9250DCB77CC8CC2692C2537FA5714
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Pay for Booking at PM Tours

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Inspectlet (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.inspectlet\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

51
Requests

100 %
HTTPS

82 %
IPv6

14
Domains

19
Subdomains

17
IPs

3
Countries

2108 kB
Transfer

4251 kB
Size

14
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://www.tab.travel/

Search URL Search Domain Scan URL

URL: https://localizejs.com/
Title: Localize

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

51 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request BFXB573 Show response
book.tab.travel/ 95 KB
95 KB 494ms
173ms Document
text/html 54.162.128.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://book.tab.travel/BFXB573

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.162.128.250 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-162-128-250.compute-1.amazonaws.com

Software

gunicorn/19.9.0 /

Resource Hash

17ad60b3b7863354744fc2ef2e9ce4556c6249532843992a22a968896d7814c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Length: 96896
Content-Type: text/html; charset=utf-8
Date: Fri, 08 Sep 2023 08:26:55 GMT
Server: gunicorn/19.9.0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Via: 1.1 vegur
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 407ms
341ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700,900

Requested by

Host: book.tab.travel
URL: https://book.tab.travel/BFXB573

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ac6273f5c28a5f8fd69a28fa2be6f1756d6b8b8447a58afc98cf009ad5dda34b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://book.tab.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 08 Sep 2023 08:26:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 08 Sep 2023 06:46:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 08 Sep 2023 08:26:56 GMT

GET
H2 200 font-awesome.min.css
cdn.book.tab.travel/static/book/css/ 27 KB
6 KB 228ms
25ms Stylesheet
text/css 2600:9000:214f:e400:8:7bb9:3f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.book.tab.travel/static/book/css/font-awesome.min.css?ver=955bc5490bea667c0712fa66e22d994d

Requested by

Host: book.tab.travel
URL: https://book.tab.travel/BFXB573

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:e400:8:7bb9:3f80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

gunicorn/19.9.0 /

Resource Hash

ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://book.tab.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 vegur, 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
content-encoding: gzip
date: Fri, 08 Sep 2023 07:41:52 GMT
x-amz-cf-pop: FRA53-C1
age: 40037
x-cache: Hit from cloudfront
last-modified: Mon, 04 Sep 2023 16:48:37 GMT
server: gunicorn/19.9.0
etag: W/"1693846117.0-27466-357110773"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=43200
x-amz-cf-id: jXSiusPXfIz0EN3bdZ6so3ZyfZX1_kvtNSPPOXSXBIvnxf35bGKOIQ==
expires: Fri, 08 Sep 2023 09:19:38 GMT

GET
H2 200 toolkit-minimal.css
cdn.book.tab.travel/static/book/css/ 188 KB
29 KB 229ms
27ms Stylesheet
text/css 2600:9000:214f:e400:8:7bb9:3f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.book.tab.travel/static/book/css/toolkit-minimal.css?ver=955bc5490bea667c0712fa66e22d994d

Requested by

Host: book.tab.travel
URL: https://book.tab.travel/BFXB573

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:e400:8:7bb9:3f80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

gunicorn/19.9.0 /

Resource Hash

d242f95c8d6a2a958e9be9b5380d5418caab4f957d1eac17d695e2a8700bda84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://book.tab.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 vegur, 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
content-encoding: gzip
date: Fri, 08 Sep 2023 07:41:52 GMT
x-amz-cf-pop: FRA53-C1
age: 39759
x-cache: Hit from cloudfront
last-modified: Mon, 04 Sep 2023 16:48:37 GMT
server: gunicorn/19.9.0
etag: W/"1693846117.0-192746-69473224"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=43200
x-amz-cf-id: T880yZiIfbQC497_F0ByrwNjw4HomVzuL3TUs4ihjykWGsEHeEKlOA==
expires: Fri, 08 Sep 2023 09:24:16 GMT

GET
H2 200 application-minimal.css
cdn.book.tab.travel/static/book/css/ 2 KB
1 KB 229ms
27ms Stylesheet
text/css 2600:9000:214f:e400:8:7bb9:3f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.book.tab.travel/static/book/css/application-minimal.css?ver=955bc5490bea667c0712fa66e22d994d

Requested by

Host: book.tab.travel
URL: https://book.tab.travel/BFXB573

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:e400:8:7bb9:3f80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

gunicorn/19.9.0 /

Resource Hash

f81da8a50a778b3f5809cc367e3faa2f0faf7b668413df7846a3a3b7ec93e574

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://book.tab.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 vegur, 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
content-encoding: gzip
date: Fri, 08 Sep 2023 07:41:52 GMT
x-amz-cf-pop: FRA53-C1
age: 40037
x-cache: Hit from cloudfront
last-modified: Mon, 04 Sep 2023 16:48:37 GMT
server: gunicorn/19.9.0
etag: W/"1693846117.0-1810-1455953238"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=43200
x-amz-cf-id: 3AWya1OODCeLY7QyI4zVzrUtVg7G8jldAkEsyDCurw2MyWTrqvnrNQ==
expires: Fri, 08 Sep 2023 09:19:38 GMT

GET
H2 200 custom.css
cdn.book.tab.travel/static/book/css/ 2 KB
1 KB 229ms
28ms Stylesheet
text/css 2600:9000:214f:e400:8:7bb9:3f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.book.tab.travel/static/book/css/custom.css?ver=955bc5490bea667c0712fa66e22d994d

Requested by

Host: book.tab.travel
URL: https://book.tab.travel/BFXB573

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:e400:8:7bb9:3f80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

gunicorn/19.9.0 /

Resource Hash

0466d3b7eac23f85e2bb0fed11366bca7400cc8efb9e2840f3be534f1ceab1fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://book.tab.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 vegur, 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
content-encoding: gzip
date: Fri, 08 Sep 2023 07:41:52 GMT
x-amz-cf-pop: FRA53-C1
age: 39759
x-cache: Hit from cloudfront
last-modified: Mon, 04 Sep 2023 16:48:37 GMT
server: gunicorn/19.9.0
etag: W/"1693846117.0-2138-1606946889"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=43200
x-amz-cf-id: eDHxpDpzG1738JaWsdVxRy-HDCWGjg_6v3CtF3OJ3O3Lb9fG-zJG7w==
expires: Fri, 08 Sep 2023 09:24:16 GMT

GET
H2 200 raven.min.js Show response
cdn.ravenjs.com/3.25.2/ 36 KB
13 KB 84ms
25ms Script
application/javascript 2a04:4e42:400::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ravenjs.com/3.25.2/raven.min.js
Requested by: Host: book.tab.travel
URL: https://book.tab.travel/BFXB573
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Fastly /
Resource Hash: 8775a525529f29a7a50efda011c3a107c40b10224df38c8f041acd8634ea8b9f

Request headers

Referer: https://book.tab.travel/
Origin: https://book.tab.travel
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 08:26:55 GMT
content-encoding: gzip
last-modified: Thu, 17 May 2018 08:32:11 GMT
server: Fastly
age: 32719
etag: "3c5534ee7c0a0c94df677e78aca025e5"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
content-length: 13526

GET
H/1.1 200
OK tab_logo.png
book.tab.travel/static/book/img/ 146 KB
147 KB 299ms
121ms Image
image/png 54.162.128.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://book.tab.travel/static/book/img/tab_logo.png

Requested by

Host: book.tab.travel
URL: https://book.tab.travel/BFXB573

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.162.128.250 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-162-128-250.compute-1.amazonaws.com

Software

gunicorn/19.9.0 /

Resource Hash

fa2a4d8b47bd99085f5c5ac931a3ec61d349fb9c482f92e7dd57d4eaace11675

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://book.tab.travel/BFXB573
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Fri, 08 Sep 2023 08:26:56 GMT
Strict-Transport-Security: max-age=31536000
Via: 1.1 vegur
Last-Modified: Mon, 04 Sep 2023 16:48:37 GMT
Server: gunicorn/19.9.0
Etag: "1693846117.0-149830-2146373861"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=43200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 149830
Expires: Fri, 08 Sep 2023 20:26:56 GMT

GET
H2 200 comodo_logo.png
cdn.book.tab.travel/static/book/img/ 9 KB
10 KB 25ms
24ms Image
image/png 2600:9000:214f:e400:8:7bb9:3f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.book.tab.travel/static/book/img/comodo_logo.png?ver=955bc5490bea667c0712fa66e22d994d

Requested by

Host: book.tab.travel
URL: https://book.tab.travel/BFXB573

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:e400:8:7bb9:3f80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

gunicorn/19.9.0 /

Resource Hash

133f96ceac619d2317cd9e4e3e9f40f30929fb612c170231cb400953d3546602

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://book.tab.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 vegur, 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
date: Fri, 08 Sep 2023 07:41:53 GMT
x-amz-cf-pop: FRA53-C1
age: 39760
x-cache: Hit from cloudfront
content-length: 9277
last-modified: Mon, 04 Sep 2023 16:48:37 GMT
server: gunicorn/19.9.0
etag: "1693846117.0-9277-3057586735"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=43200
accept-ranges: bytes
x-amz-cf-id: R2gR-0_nhynIR8oAqCsfdXtDMMPAXVjr212bMxHkxBdMNo0aSGUNCA==
expires: Fri, 08 Sep 2023 09:24:16 GMT

GET
H2 200 iframe-v1.min.js Show response
core.spreedly.com/iframe/ 79 KB
79 KB 130ms
38ms Script
text/javascript 151.101.66.182
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://core.spreedly.com/iframe/iframe-v1.min.js

Requested by

Host: book.tab.travel
URL: https://book.tab.travel/BFXB573

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.182 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

74258b7de13ab196e4cebd8af8bd2ba641e94667a1f1d7b45a6073c244d8a47e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://book.tab.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 varnish, 1.1 varnish
date: Fri, 08 Sep 2023 08:26:56 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: D2TQPR7XBEPWM2TR
age: 480
x-cache: MISS, HIT
content-length: 80642
x-amz-id-2: 1ujknm2zi2kLYxIk0UrUVUUpJmoquqUMgUPtm1vctOwomXDfIRMBlHuN1z2YBoY7ZiiyDXyGeX8=
x-served-by: cache-fra-etou8220100-FRA, cache-fra-eddf8230029-FRA
last-modified: Tue, 05 Sep 2023 13:04:36 GMT
server: AmazonS3
x-timer: S1694161616.024642,VS0,VE0
etag: "067f666dd446112a5ab5e90dd01e1a47"
content-type: text/javascript
accept-ranges: bytes
x-cache-hits: 0, 7

GET
H/1.1 200
OK jquery-3.5.1.min.js Show response
book.tab.travel/static/webapp/js/vendor/ 87 KB
88 KB 336ms
119ms Script
application/javascript 54.162.128.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://book.tab.travel/static/webapp/js/vendor/jquery-3.5.1.min.js

Requested by

Host: book.tab.travel
URL: https://book.tab.travel/BFXB573

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.162.128.250 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-162-128-250.compute-1.amazonaws.com

Software

gunicorn/19.9.0 /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://book.tab.travel/BFXB573
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Fri, 08 Sep 2023 08:26:56 GMT
Strict-Transport-Security: max-age=31536000
Via: 1.1 vegur
Last-Modified: Mon, 04 Sep 2023 16:48:37 GMT
Server: gunicorn/19.9.0
Etag: "1693846117.0-89476-2762085787"
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=43200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 89476
Expires: Fri, 08 Sep 2023 20:26:56 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 193 KB
70 KB 104ms
48ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NJG6K3H

Requested by

Host: book.tab.travel
URL: https://book.tab.travel/BFXB573

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3881eb4833f8be8fce6d5176ffaa038937a7ed796bb8c97bee3fea9a9cd128b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://book.tab.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 08:26:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71488
x-xss-protection: 0
last-modified: Fri, 08 Sep 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 08 Sep 2023 08:26:56 GMT

GET
H2 200 TH.jpg
ucarecdn.com/ef548be7-ccb1-4b6e-bc70-6cc3fe643c44/-/progressive/yes// 165 KB
166 KB 454ms
354ms Image
image/jpeg 2a02:26f0:7100::213:c6aa
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ucarecdn.com/ef548be7-ccb1-4b6e-bc70-6cc3fe643c44/-/progressive/yes//TH.jpg
Requested by: Host: book.tab.travel
URL: https://book.tab.travel/BFXB573
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::213:c6aa Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Uploadcare /
Resource Hash: 3f1f80b2e4745ab86b2f16b3dfe6b2da366e8e8b86f0f153e7e40d88eca2c2ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://book.tab.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 08:26:56 GMT
x-image-width: 1600
server: Uploadcare
etag: "bd7835b96e71acf577f07083c9b37f09"
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Etag, X-Image-Width, X-Image-Height, X-Image-Acceptable-Original, X-Image-Acceptable-Improved
cache-control: public, max-age=31351451
content-disposition: inline; filename=TH.jpg
x-image-height: 1065
content-length: 169361

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 15 KB
15 KB 78ms
22ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://book.tab.travel
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 03:41:01 GMT
x-content-type-options: nosniff
age: 17155
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Sep 2024 03:41:01 GMT

GET
H2 200 toolkit-entypo.woff2
cdn.book.tab.travel/static/book/fonts/ 35 KB
36 KB 83ms
29ms Font
font/woff2 2600:9000:214f:e400:8:7bb9:3f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.book.tab.travel/static/book/fonts/toolkit-entypo.woff2

Requested by

Host: cdn.book.tab.travel
URL: https://cdn.book.tab.travel/static/book/css/toolkit-minimal.css?ver=955bc5490bea667c0712fa66e22d994d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:e400:8:7bb9:3f80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

gunicorn/19.9.0 /

Resource Hash

6e9fc1b03a7f0b322489100eb6edf03431927e82ef67c5263c5a475206035b45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://cdn.book.tab.travel/static/book/css/toolkit-minimal.css?ver=955bc5490bea667c0712fa66e22d994d
Origin: https://book.tab.travel
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 vegur, 1.1 f960fa0538fdb326fc338e984fa7ece8.cloudfront.net (CloudFront)
date: Fri, 08 Sep 2023 07:41:53 GMT
x-amz-cf-pop: FRA53-C1
age: 17285
x-cache: Hit from cloudfront
content-length: 35840
last-modified: Mon, 04 Sep 2023 16:48:37 GMT
server: gunicorn/19.9.0
etag: "1693846117.0-35840-1156781308"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=43200
accept-ranges: bytes
x-amz-cf-id: C40owkeXPp9bgr1MSD3-F_VgMFnVUX-dl1R52c8dcyrUw8XG3U5EwA==
expires: Fri, 08 Sep 2023 15:38:51 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
15 KB 82ms
27ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3de27b2cbd6deda629c9b442700cf54c0dda74e494b1c75a57d822068a047f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://book.tab.travel
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 02 Sep 2023 05:19:52 GMT
x-content-type-options: nosniff
age: 529624
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14780
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Sep 2024 05:19:52 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 193 KB
52 KB 71ms
23ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: book.tab.travel
URL: https://book.tab.travel/BFXB573

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e41e783ec4cfc524c1666d1d5a4c805f8e92be52b030d130acfb31105e1e04c

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://book.tab.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 08 Sep 2023 08:26:56 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 52127
x-xss-protection: 0
pragma: public
x-fb-debug: hjO/jUQBi2er9hnDjGwk7Gq9MaQuRBuCaTD3cA1nsPOuFh3nsVBy9rS2oTsKN+AjMWulvGRUBXRUCZFR2RzMRA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 81ms
22ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJG6K3H

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://book.tab.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 08 Sep 2023 07:49:43 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2233
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 08 Sep 2023 09:49:43 GMT

GET
H2 200 inspectlet.js Show response
cdn.inspectlet.com/ 188 KB
62 KB 467ms
408ms Script
text/javascript 2606:4700:10::6816:39f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.inspectlet.com/inspectlet.js?wid=122364926&r=470600
Requested by: Host: book.tab.travel
URL: https://book.tab.travel/BFXB573
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:39f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d554121551df68e414c85920b6541d2e92251a189ff19a4b1f8dffe97ce1cb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://book.tab.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 08:26:56 GMT
via: 1.1 vegur
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Fri, 08 Sep 2023 08:08:24 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
cache-control: s-maxage=60, max-age=14400
cf-ray: 8035cf36081939d3-FRA
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK apple-pay-sdk.js Show response
applepay.cdn-apple.com/jsapi/v1/ 162 KB
49 KB 127ms
22ms Script
application/javascript 2a01:b740:a10:f100::6
APPLE-AUSTIN

General

Check archive.org

Show headers Download Go to

Full URL

https://applepay.cdn-apple.com/jsapi/v1/apple-pay-sdk.js

Requested by

Host: book.tab.travel
URL: https://book.tab.travel/BFXB573

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a01:b740:a10:f100::6 Frankfurt am Main, Germany, ASN6185 (APPLE-AUSTIN, US),

Reverse DNS

Software

Apple /

Resource Hash

4f3604f1ead4e51e75612bbe34446f8f91b84879fa85453e8ca46a664f78b3cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://book.tab.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-apple-jingle-correlation-key: 3QT5LJGB36JVVGK4FZGBTHTG6Y
Date: Thu, 07 Sep 2023 13:23:08 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains
X-Content-Type-Options: nosniff
Content-Encoding: gzip
x-b3-traceid: dc27d5a4c1df935a995c2e4c199e66f6
Via: http/1.1 defra3-edge-lx-002.ts.apple.com (acdn/4.1), http/1.1 defra3-edge-bx-018.ts.apple.com (acdn/4.1)
Age: 68628
X-Cache: hit-fresh, hit-fresh
CDNUUID: c38fee44-011e-4f4a-86b1-f4aca8061f8b-2293459080
b3: dc27d5a4c1df935a995c2e4c199e66f6-15239402c83c5d45
Connection: keep-alive
Content-Length: 48883
X-XSS-Protection: 1; mode=block
apple-tk: false
Server: Apple
apple-seq: 0
Last-Modified: Mon, 28 Aug 2023 21:01:49 GMT
apple-originating-system: payment-client-service-PROD
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
x-apple-request-uuid: dc27d5a4-c1df-935a-995c-2e4c199e66f6
x-b3-spanid: 15239402c83c5d45
Access-Control-Allow-Credentials: false
Cache-Control: public, max-age=86400, stale-while-revalidate=86400

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
221 B 30ms
30ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=710079754&t=pageview&_s=1&dl=https%3A%2F%2Fbook.tab.travel%2FBFXB573&ul=en-us&de=UTF-8&dt=Pay%20for%20Booking%20at%20PM%20Tours&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=659635729&gjid=561922393&cid=612967584.1694161616&tid=UA-58346818-3&_gid=193297781.1694161616&_r=1&_slc=1&gtm=45He3960n81NJG6K3H&z=2076273451

Requested by

Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.25.2/raven.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

02bd04b5b6468df6dcd034d4f437df0f255748097cca06cba7484781a4c90381

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://book.tab.travel/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 08:26:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://book.tab.travel
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 412155932278355 Show response
connect.facebook.net/signals/config/ 136 KB
36 KB 152ms
152ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/412155932278355?v=2.9.125&r=stable&domain=book.tab.travel

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6fbbcd951df17b441c4deac306290dabe2e4d639c08320041cbc57369c4fa49c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://book.tab.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 08 Sep 2023 08:26:56 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: jvIZL8OSD0eSq7qZNnsTA8CzfJIqHdhX3sm5szPz6ada4EzL9FshjirfMptqX+4TH+3iZjLqCUzzZO4aNdxNAQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 225 KB
81 KB 43ms
42ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LS35P8XJTC&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

903010f7366510fbac2aa6c239caeaef5f35b12149a563b76998444707acf587

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://book.tab.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 08:26:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82509
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 08 Sep 2023 08:26:56 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
254 B 107ms
28ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-LS35P8XJTC&gtm=45je3960&_p=710079754&ul=en-us&sr=1600x1200&cid=612967584.1694161616&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&_s=1&dl=https%3A%2F%2Fbook.tab.travel%2FBFXB573&dt=Pay%20for%20Booking%20at%20PM%20Tours&sid=1694161616&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LS35P8XJTC&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://book.tab.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 08:26:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://book.tab.travel
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 81ms
22ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=412155932278355&ev=PageView&dl=https%3A%2F%2Fbook.tab.travel%2FBFXB573&rl=&if=false&ts=1694161616571&sw=1600&sh=1200&v=2.9.125&r=stable&ec=0&o=30&fbp=fb.1.1694161616570.2129061692&it=1694161616387&coo=false&rqm=GET

Requested by

Host: book.tab.travel
URL: https://book.tab.travel/BFXB573

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://book.tab.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 08 Sep 2023 08:26:56 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK bootstrap-select.css
book.tab.travel/static/enrol/vendors/bower_components/bootstrap-select/dist/css/ 7 KB
8 KB 125ms
121ms Stylesheet
text/css 54.162.128.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://book.tab.travel/static/enrol/vendors/bower_components/bootstrap-select/dist/css/bootstrap-select.css

Requested by

Host: book.tab.travel
URL: https://book.tab.travel/BFXB573

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.162.128.250 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-162-128-250.compute-1.amazonaws.com

Software

gunicorn/19.9.0 /

Resource Hash

b4559464cee8693413e905bf34525d552f6156734605effc13e5c683f7725670

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://book.tab.travel/BFXB573
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Fri, 08 Sep 2023 08:26:56 GMT
Strict-Transport-Security: max-age=31536000
Via: 1.1 vegur
Last-Modified: Mon, 04 Sep 2023 16:48:37 GMT
Server: gunicorn/19.9.0
Etag: "1693846117.0-7514-3410175854"
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=43200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7514
Expires: Fri, 08 Sep 2023 20:26:56 GMT

GET
H/1.1 200
OK bootstrap-select-im.css
book.tab.travel/static/webapp/css/ 7 KB
8 KB 124ms
121ms Stylesheet
text/css 54.162.128.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://book.tab.travel/static/webapp/css/bootstrap-select-im.css

Requested by

Host: book.tab.travel
URL: https://book.tab.travel/BFXB573

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.162.128.250 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-162-128-250.compute-1.amazonaws.com

Software

gunicorn/19.9.0 /

Resource Hash

f5949da9c57a12212969fdaa4323e3afd477b3739c9be355f0264adea2c9f2fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://book.tab.travel/BFXB573
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Fri, 08 Sep 2023 08:26:56 GMT
Strict-Transport-Security: max-age=31536000
Via: 1.1 vegur
Last-Modified: Mon, 04 Sep 2023 16:48:37 GMT
Server: gunicorn/19.9.0
Etag: "1693846117.0-7566-2226394640"
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=43200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7566
Expires: Fri, 08 Sep 2023 20:26:56 GMT

GET
H/1.1 200
OK bootstrap.min.js Show response
book.tab.travel/static/webapp/js/vendor/ 35 KB
35 KB 248ms
122ms Script
application/javascript 54.162.128.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://book.tab.travel/static/webapp/js/vendor/bootstrap.min.js

Requested by

Host: book.tab.travel
URL: https://book.tab.travel/BFXB573

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.162.128.250 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-162-128-250.compute-1.amazonaws.com

Software

gunicorn/19.9.0 /

Resource Hash

f971b901aeb9e55b07d472afee09bd5ae05159e1119dbd16d993e473565e7fc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://book.tab.travel/BFXB573
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Fri, 08 Sep 2023 08:26:56 GMT
Strict-Transport-Security: max-age=31536000
Via: 1.1 vegur
Last-Modified: Mon, 04 Sep 2023 16:48:37 GMT
Server: gunicorn/19.9.0
Etag: "1693846117.0-35601-1842484663"
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=43200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35601
Expires: Fri, 08 Sep 2023 20:26:56 GMT

GET
H/1.1 200
OK bootstrap-select.js Show response
book.tab.travel/static/enrol/vendors/bower_components/bootstrap-select/dist/js/ 68 KB
69 KB 249ms
123ms Script
application/javascript 54.162.128.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://book.tab.travel/static/enrol/vendors/bower_components/bootstrap-select/dist/js/bootstrap-select.js

Requested by

Host: book.tab.travel
URL: https://book.tab.travel/BFXB573

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.162.128.250 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-162-128-250.compute-1.amazonaws.com

Software

gunicorn/19.9.0 /

Resource Hash

bf03fa86baedbce969bbc48096371e14398c96bf264fc7c712b0197156bd45f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://book.tab.travel/BFXB573
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Fri, 08 Sep 2023 08:26:56 GMT
Strict-Transport-Security: max-age=31536000
Via: 1.1 vegur
Last-Modified: Mon, 04 Sep 2023 16:48:37 GMT
Server: gunicorn/19.9.0
Etag: "1693846117.0-69690-2084841110"
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=43200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 69690
Expires: Fri, 08 Sep 2023 20:26:56 GMT

GET
H/1.1 200
OK jquery.plainoverlay.min.js Show response
book.tab.travel/static/webapp/js/vendor/ 8 KB
9 KB 378ms
124ms Script
application/javascript 54.162.128.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://book.tab.travel/static/webapp/js/vendor/jquery.plainoverlay.min.js

Requested by

Host: book.tab.travel
URL: https://book.tab.travel/BFXB573

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.162.128.250 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-162-128-250.compute-1.amazonaws.com

Software

gunicorn/19.9.0 /

Resource Hash

2ad86521eb0f8cf0146eb68bea925e9e3d92f4c22b7d4dac0a452d521ef8bfe5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://book.tab.travel/BFXB573
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Fri, 08 Sep 2023 08:26:57 GMT
Strict-Transport-Security: max-age=31536000
Via: 1.1 vegur
Last-Modified: Mon, 04 Sep 2023 16:48:37 GMT
Server: gunicorn/19.9.0
Etag: "1693846117.0-8647-1589909949"
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=43200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8647
Expires: Fri, 08 Sep 2023 20:26:57 GMT

GET
H/1.1 200
OK jquery.plainmodal.min.js Show response
book.tab.travel/static/webapp/js/vendor/ 6 KB
6 KB 253ms
123ms Script
application/javascript 54.162.128.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://book.tab.travel/static/webapp/js/vendor/jquery.plainmodal.min.js

Requested by

Host: book.tab.travel
URL: https://book.tab.travel/BFXB573

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.162.128.250 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-162-128-250.compute-1.amazonaws.com

Software

gunicorn/19.9.0 /

Resource Hash

b3998fed7932b64ecdcfd99e929bdcf7565750d632576186a48746256ea8afcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://book.tab.travel/BFXB573
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Fri, 08 Sep 2023 08:26:57 GMT
Strict-Transport-Security: max-age=31536000
Via: 1.1 vegur
Last-Modified: Mon, 04 Sep 2023 16:48:37 GMT
Server: gunicorn/19.9.0
Etag: "1693846117.0-6027-700389576"
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=43200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6027
Expires: Fri, 08 Sep 2023 20:26:57 GMT

GET
H/1.1 200
OK moment-2.18.1-with-locales.min.js Show response
book.tab.travel/static/webapp/js/vendor/ 244 KB
244 KB 254ms
123ms Script
application/javascript 54.162.128.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://book.tab.travel/static/webapp/js/vendor/moment-2.18.1-with-locales.min.js

Requested by

Host: book.tab.travel
URL: https://book.tab.travel/BFXB573

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.162.128.250 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-162-128-250.compute-1.amazonaws.com

Software

gunicorn/19.9.0 /

Resource Hash

fe2a2226123a364a140e44b206bbbb2595065c642176697a6a6042dc0a537f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://book.tab.travel/BFXB573
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Fri, 08 Sep 2023 08:26:57 GMT
Strict-Transport-Security: max-age=31536000
Via: 1.1 vegur
Last-Modified: Mon, 04 Sep 2023 16:48:37 GMT
Server: gunicorn/19.9.0
Etag: "1693846117.0-249778-4143454903"
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=43200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 249778
Expires: Fri, 08 Sep 2023 20:26:57 GMT

POST
H2 200 122364926 Show response
hn.inspectlet.com/ginit/ 236 B
474 B 252ms
239ms XHR
application/json 2606:4700:10::6816:39f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hn.inspectlet.com/ginit/122364926
Requested by: Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.25.2/raven.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:39f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 5d311df9e109df8e14f2836825065e311213bc2f3706df05cef8e0245d2559f2

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://book.tab.travel/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 08 Sep 2023 08:26:57 GMT
via: 1.1 vegur
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
etag: W/"ec-kdFEz75onCbpT/axHAOBnQ"
access-control-allow-methods: GET, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://book.tab.travel
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 8035cf3a6d2639d3-FRA
access-control-allow-headers: X-Requested-With, Content-Type
alt-svc: h3=":443"; ma=86400

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ 116 KB
36 KB 458ms
85ms Script
application/javascript 2a00:1450:400c:c04::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js?_=1694161616720

Requested by

Host: book.tab.travel
URL: https://book.tab.travel/static/webapp/js/vendor/jquery-3.5.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b8a803ffb4fef3ac3d5bcc99239abb1d3e1f4e2858f54c2fe135c88648f45656

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Nbqp5T5msa89O6q7V3DNbg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://book.tab.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 08:26:57 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Nbqp5T5msa89O6q7V3DNbg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Fri, 08 Sep 2023 08:26:57 GMT

GET
H2 200 number-frame-1.111.html Show response
core.spreedly.com/v1/embedded/ Frame D0FE 2 KB
2 KB 36ms
35ms Document
text/html 151.101.66.182
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://core.spreedly.com/v1/embedded/number-frame-1.111.html

Requested by

Host: core.spreedly.com
URL: https://core.spreedly.com/iframe/iframe-v1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.182 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

aad3633e2016eaeb114c7bafc4a7491302a2a82474ab2d4588db2ef22be0891d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://book.tab.travel/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 149
content-length: 1973
content-type: text/html
date: Fri, 08 Sep 2023 08:26:57 GMT
etag: "7e08f2222a418cc288224dd0372e1989"
last-modified: Tue, 05 Sep 2023 13:04:42 GMT
server: AmazonS3
strict-transport-security: max-age=31557600
via: 1.1 varnish, 1.1 varnish
x-amz-id-2: lL31ovph0St5uV/VZYbNPYHXn3L2CsWNtedGtttpGLwbdqvfF+guMDOWDQ/zVRJPfLfEgD3wPfk=
x-amz-request-id: EEDV1J9NJHY3ZC0Z
x-amz-version-id: null
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-served-by: cache-fra-etou8220020-FRA, cache-fra-eddf8230029-FRA
x-timer: S1694161617.115570,VS0,VE1

GET
H2 200 cvv-frame-1.111.html Show response
core.spreedly.com/v1/embedded/ Frame F18B 5 KB
5 KB 35ms
34ms Document
text/html 151.101.66.182
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://core.spreedly.com/v1/embedded/cvv-frame-1.111.html

Requested by

Host: core.spreedly.com
URL: https://core.spreedly.com/iframe/iframe-v1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.182 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

614b14fb9dbc9f6655bdc677fe4dfaed8df7c9c46085acf368b597f9b29a492e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://book.tab.travel/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 149
content-length: 4842
content-type: text/html
date: Fri, 08 Sep 2023 08:26:57 GMT
etag: "023107333aa836578a0fa9f40d953431"
last-modified: Tue, 05 Sep 2023 13:04:40 GMT
server: AmazonS3
strict-transport-security: max-age=31557600
via: 1.1 varnish, 1.1 varnish
x-amz-id-2: B0q1TDz3DrjeL4hBtqLn3otQ6zUCxXvmFMwajYz/vAuM/juIaWz9IPbI/UN/Vk0Spts9lhQkgK0=
x-amz-request-id: EEDH8Z8XRH8685BB
x-amz-version-id: null
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-served-by: cache-fra-etou8220103-FRA, cache-fra-eddf8230029-FRA
x-timer: S1694161617.117269,VS0,VE1

GET
H/1.1 200
OK book Show response
account.tab.travel/m/is-authenticated/ 27 B
339 B 489ms
127ms XHR
application/json 54.237.133.81
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://account.tab.travel/m/is-authenticated/book

Requested by

Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.25.2/raven.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.237.133.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-237-133-81.compute-1.amazonaws.com

Software

gunicorn/19.9.0 /

Resource Hash

2b2869960ab2fbb603320236c49b37201e7d632f73896a7ee35f7b1d38b66ccd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://book.tab.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Fri, 08 Sep 2023 08:26:57 GMT
Strict-Transport-Security: max-age=31536000
Via: 1.1 vegur
Server: gunicorn/19.9.0
Content-Type: application/json
Access-Control-Allow-Origin: https://book.tab.travel
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 27

GET
H2 200 number-frame-1.111.min.js Show response
core.spreedly.com/iframe/ Frame D0FE 111 KB
111 KB 35ms
34ms Script
text/javascript 151.101.66.182
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://core.spreedly.com/iframe/number-frame-1.111.min.js?restricted=true

Requested by

Host: core.spreedly.com
URL: https://core.spreedly.com/v1/embedded/number-frame-1.111.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.182 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

cee255c69cdce5ecd3d1d753b72459a3e71106e406af6c304bd527723852bfeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://core.spreedly.com/v1/embedded/number-frame-1.111.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 varnish, 1.1 varnish
date: Fri, 08 Sep 2023 08:26:57 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: 8G6TT2524NXW1XK6
age: 288
x-cache: MISS, HIT
content-length: 113368
x-amz-id-2: P25NB2WlTstRGY/vydBaTmTC6EFwBY+GZPrCtG28y+nHLdT16d3KIYX242rgkPJ+Y9B/SvqLBUg=
x-served-by: cache-fra-eddf8230105-FRA, cache-fra-eddf8230029-FRA
last-modified: Tue, 05 Sep 2023 13:04:36 GMT
server: AmazonS3
x-timer: S1694161617.154168,VS0,VE1
etag: "c9fbea2de1aa64e7fa546ba99debb279"
content-type: text/javascript
accept-ranges: bytes
x-cache-hits: 0, 1

GET
H2 200 localize.js Show response
global.localizecdn.com/ 61 KB
23 KB 105ms
46ms Script
application/javascript 2606:4700::6812:5af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://global.localizecdn.com/localize.js

Requested by

Host: book.tab.travel
URL: https://book.tab.travel/BFXB573

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93b3ec9b71d6f98100eb200c98db71d8cdaeb21e6871f8d2d6a014a59bdd9e7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://book.tab.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-meta-x-amz-meta-v: 476
date: Fri, 08 Sep 2023 08:26:57 GMT
via: 1.1 9d82b8af3ace385f51687efdc41b21d0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-version-id: AqirbCIUHPZeEukYNikmovnvk0B6hp.S
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 208325
x-amz-cf-pop: CDG3-C1
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 30 Jun 2023 12:44:06 GMT
server: cloudflare
etag: W/"ed126c23129a4e0a29fcd64d09229007"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 8035cf3e8e4b68fd-FRA
x-amz-cf-id: pmCd5tdTJjsXG7NajPmOXv7gnfhFqjJ-He8x9Kwwzo5jfyD25vajBg==

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 5DC9 18 KB
8 KB 235ms
234ms Document
text/html 2a00:1450:400c:c04::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fbook.tab.travel&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js?_=1694161616720

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

23aee3ad7053f4a128aa3f9fad483e9e40f1f9ece0a432905f75af986e8559d7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uGObuR6haHAeUIkjtHiBCA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://book.tab.travel/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-uGObuR6haHAeUIkjtHiBCA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Fri, 08 Sep 2023 08:26:57 GMT
expires: Fri, 08 Sep 2023 08:26:57 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H2 200 tl.gif
global.localizecdn.com/api/lib/XSMxQ46I3NGqi/ 43 B
308 B 131ms
128ms Image
text/plain 2606:4700::6812:5af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://global.localizecdn.com/api/lib/XSMxQ46I3NGqi/tl.gif?l=en&c=9098002

Requested by

Host: book.tab.travel
URL: https://book.tab.travel/BFXB573

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://book.tab.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 08:26:57 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 c9499008aa7e1acd11e9fbc171281d82.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 43
pragma: no-cache
last-modified: Fri, 08 Sep 2023 08:26:57 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
cf-ray: 8035cf3efef468fd-FRA
x-amz-cf-id: wX4Cq338ApIu5iDX-bpBudAaMv7OmcRXK5jwHw_OeVCZGx1SHuYu-g==
expires: 0

GET
H3 200 tu Show response
global.localizecdn.com/api/lib/XSMxQ46I3NGqi/ 544 B
701 B 171ms
136ms XHR
application/json 2606:4700::6812:5af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://global.localizecdn.com/api/lib/XSMxQ46I3NGqi/tu?v=476

Requested by

Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.25.2/raven.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98e35283814c341e5dde00e3c9cf3803d225aa38d649f334e4b698d68f3c8c9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://book.tab.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 08:26:57 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 34fdfb7c7c11559df7e622af2b62f5ca.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
content-encoding: br
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
pragma: no-cache
server: cloudflare
etag: W/"220-W2h2FxLHhgrDf3TmkvKdczUgcEM"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 8035cf3f2fe41b93-FRA
x-amz-cf-id: R9uDdJikkxgEmHr8DTjJGfJ-Na6iqBjZyM6CJgcxrqLO9ZWV1c8DGg==
expires: 0

GET
H3 200 g Show response
global.localizecdn.com/api/lib/XSMxQ46I3NGqi/ 1 KB
914 B 77ms
43ms XHR
text/plain 2606:4700::6812:5af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://global.localizecdn.com/api/lib/XSMxQ46I3NGqi/g?v=0&l=en

Requested by

Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.25.2/raven.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc232bddda6549e1a814232efaeeef22cde4ebfba8488c651842d00a75d8c45e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://book.tab.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 08:26:57 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 f2c65205154aaf89a2c7bbc8fe8fdaba.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 07 Sep 2023 05:28:07 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cache-control: public, max-age=172800
cf-ray: 8035cf3f2fe21b93-FRA
x-amz-cf-id: ZuBUkePkEYDnnKkV1bQcpqcud-cDzWBSonL2pL8ppOnsa-72rzqM2A==

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 5DC9 2 KB
2 KB 131ms
131ms Other
text/html 2a00:1450:400c:c04::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: book.tab.travel
URL: https://book.tab.travel/BFXB573
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c04::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fbook.tab.travel&mid=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 08 Sep 2023 08:26:57 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H2 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.apx0cWln5LM.es5.O/am=AGAM/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMi... Frame 5DC9 155 KB
56 KB 89ms
27ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.apx0cWln5LM.es5.O/am=AGAM/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrimIz5WTDTBSuFCJfoB4XkH4ocLIQ/m=_b,_tp

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fbook.tab.travel&mid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c0d27eed754e46fa635956bf01e5878d99115c9bc9af47def8fe5fbf76fb02e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 16:15:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58308
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56150
x-xss-protection: 0
last-modified: Thu, 07 Sep 2023 05:27:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 06 Sep 2024 16:15:09 GMT

GET
H/1.1 200
OK select.png
book.tab.travel/static/enrol/img/ 207 B
634 B 140ms
139ms Image
image/png 54.162.128.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://book.tab.travel/static/enrol/img/select.png

Requested by

Host: book.tab.travel
URL: https://book.tab.travel/static/webapp/css/bootstrap-select-im.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.162.128.250 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-162-128-250.compute-1.amazonaws.com

Software

gunicorn/19.9.0 /

Resource Hash

102fe3723f8d14d04020443a8db2380f7530fc48120a2f295da1a39b4d3407f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://book.tab.travel/static/webapp/css/bootstrap-select-im.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Fri, 08 Sep 2023 08:26:58 GMT
Strict-Transport-Security: max-age=31536000
Via: 1.1 vegur
Last-Modified: Mon, 04 Sep 2023 16:48:37 GMT
Server: gunicorn/19.9.0
Etag: "1693846117.0-207-1888227475"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=43200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 207
Expires: Fri, 08 Sep 2023 20:26:58 GMT

GET
H2 200 m=Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.apx0cWln5LM.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.kCZ... Frame 5DC9 72 KB
26 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.apx0cWln5LM.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.kCZq-Z2mYiU.L.B1.O/am=AGAM/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrjS91kS3KMuZ_kF9IeMp0wsJiksmA/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.apx0cWln5LM.es5.O/am=AGAM/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrimIz5WTDTBSuFCJfoB4XkH4ocLIQ/m=_b,_tp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2b58bf4d8d62347a74641fe06471fcb080029f988761dc5a311da380361998b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 16:15:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58308
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26888
x-xss-protection: 0
last-modified: Thu, 07 Sep 2023 05:27:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 06 Sep 2024 16:15:10 GMT

GET
H2 200 m=Wt6vjf,hhhU8,FCpbqb,ws9Tlc,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.apx0cWln5LM.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.kCZ... Frame 5DC9 9 KB
4 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.apx0cWln5LM.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.kCZq-Z2mYiU.L.B1.O/am=AGAM/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrjS91kS3KMuZ_kF9IeMp0wsJiksmA/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,ws9Tlc,WhJNk

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e347e9a7253ba7552f111160661be549784a294ae6a777fee3d7c8d8f438b44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 17:30:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53816
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3929
x-xss-protection: 0
last-modified: Thu, 07 Sep 2023 05:27:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 06 Sep 2024 17:30:02 GMT

GET
H2 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.apx0cWln5LM.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.kCZ... Frame 5DC9 36 KB
14 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.apx0cWln5LM.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.kCZq-Z2mYiU.L.B1.O/am=AGAM/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8,ws9Tlc/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrjS91kS3KMuZ_kF9IeMp0wsJiksmA/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2243bba3fea3a6cb706ed44a6c7b8d54337c7a00711ab373597b7808a3ab6903

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 17:30:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53816
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13834
x-xss-protection: 0
last-modified: Thu, 07 Sep 2023 05:27:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 06 Sep 2024 17:30:02 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 30ms
29ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=412155932278355&ev=Microdata&dl=https%3A%2F%2Fbook.tab.travel%2FBFXB573&rl=&if=false&ts=1694161618135&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Pay%20for%20Booking%20at%20PM%20Tours%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.125&r=stable&ec=1&o=30&fbp=fb.1.1694161616570.2129061692&it=1694161616387&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://book.tab.travel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 08 Sep 2023 08:26:58 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 5DC9 1 MB
368 KB 131ms
129ms XHR
text/html 2a00:1450:400c:c04::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c04::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7245e2daf9e01f8c8a00f560109f1a07259dc39d0bc67d6f34252cd1f058467

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-ouXO2o4aAzQrlqYaW-MTUw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 08:26:58 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-ouXO2o4aAzQrlqYaW-MTUw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Fri, 08 Sep 2023 08:26:58 GMT

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tab.travel/	1970-01-21 00:12:01	Name: _ga Value: GA1.2.612967584.1694161616
.tab.travel/	1970-01-20 14:37:28	Name: _gid Value: GA1.2.193297781.1694161616
.tab.travel/	1970-01-20 14:36:01	Name: _gat_UA-58346818-3 Value: 1
.tab.travel/	1970-01-21 00:12:01	Name: _ga_LS35P8XJTC Value: GS1.2.1694161616.1.0.1694161616.0.0.0
.tab.travel/	1970-01-20 16:45:37	Name: _fbp Value: fb.1.1694161616570.2129061692
.tab.travel/	1970-01-20 23:21:37	Name: __insp_wid Value: 122364926
.tab.travel/	1970-01-20 23:21:37	Name: __insp_slim Value: 1694161616987
.tab.travel/	1970-01-20 23:21:37	Name: __insp_nv Value: true
.tab.travel/	1970-01-20 23:21:37	Name: __insp_targlpu Value: aHR0cHM6Ly9ib29rLnRhYi50cmF2ZWwvQkZYQjU3Mw%3D%3D
.tab.travel/	1970-01-20 23:21:37	Name: __insp_targlpt Value: UGF5IGZvciBCb29raW5nIGF0IFBNIFRvdXJz
.tab.travel/	1970-01-20 23:21:37	Name: __insp_pad Value: 1
.tab.travel/	1970-01-20 23:21:37	Name: __insp_sid Value: 1908500671
.tab.travel/	1970-01-20 23:21:37	Name: __insp_uid Value: 2256493102
.google.com/	1970-01-20 18:59:32	Name: NID Value: 511=VkQZ2Fq4VUdGp0Jw9-K6JEMoG3OA9tjgNkC4l3cIvU_VEHgQ_veWBMK3r2BjEcUFPE9rLfv-K4b6wdzGXJq_46XuBMdbWntZj8qtkitX97BPORpGtzeGPJ-tV0BsVu19LNqatGFiRR6kxkOwYhnb_OKFvsqR2-5DhK3RCzZBG_0

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

account.tab.travel
applepay.cdn-apple.com
book.tab.travel
cdn.book.tab.travel
cdn.inspectlet.com
cdn.ravenjs.com
connect.facebook.net
core.spreedly.com
fonts.googleapis.com
fonts.gstatic.com
global.localizecdn.com
hn.inspectlet.com
pay.google.com
region1.google-analytics.com
ucarecdn.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
151.101.66.182
2001:4860:4802:32::36
2600:9000:214f:e400:8:7bb9:3f80:93a1
2606:4700:10::6816:39f5
2606:4700::6812:5af
2a00:1450:4001:801::2008
2a00:1450:4001:80f::200a
2a00:1450:4001:813::2003
2a00:1450:4001:830::200e
2a00:1450:400c:c04::5c
2a01:b740:a10:f100::6
2a02:26f0:7100::213:c6aa
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a04:4e42:400::729
54.162.128.250
54.237.133.81
02bd04b5b6468df6dcd034d4f437df0f255748097cca06cba7484781a4c90381
0466d3b7eac23f85e2bb0fed11366bca7400cc8efb9e2840f3be534f1ceab1fd
102fe3723f8d14d04020443a8db2380f7530fc48120a2f295da1a39b4d3407f1
133f96ceac619d2317cd9e4e3e9f40f30929fb612c170231cb400953d3546602
17ad60b3b7863354744fc2ef2e9ce4556c6249532843992a22a968896d7814c5
2243bba3fea3a6cb706ed44a6c7b8d54337c7a00711ab373597b7808a3ab6903
23aee3ad7053f4a128aa3f9fad483e9e40f1f9ece0a432905f75af986e8559d7
2ad86521eb0f8cf0146eb68bea925e9e3d92f4c22b7d4dac0a452d521ef8bfe5
2b2869960ab2fbb603320236c49b37201e7d632f73896a7ee35f7b1d38b66ccd
2c0d27eed754e46fa635956bf01e5878d99115c9bc9af47def8fe5fbf76fb02e
3881eb4833f8be8fce6d5176ffaa038937a7ed796bb8c97bee3fea9a9cd128b9
3f1f80b2e4745ab86b2f16b3dfe6b2da366e8e8b86f0f153e7e40d88eca2c2ff
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f3604f1ead4e51e75612bbe34446f8f91b84879fa85453e8ca46a664f78b3cf
5d311df9e109df8e14f2836825065e311213bc2f3706df05cef8e0245d2559f2
5d554121551df68e414c85920b6541d2e92251a189ff19a4b1f8dffe97ce1cb5
614b14fb9dbc9f6655bdc677fe4dfaed8df7c9c46085acf368b597f9b29a492e
6e9fc1b03a7f0b322489100eb6edf03431927e82ef67c5263c5a475206035b45
6fbbcd951df17b441c4deac306290dabe2e4d639c08320041cbc57369c4fa49c
74258b7de13ab196e4cebd8af8bd2ba641e94667a1f1d7b45a6073c244d8a47e
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7e347e9a7253ba7552f111160661be549784a294ae6a777fee3d7c8d8f438b44
8775a525529f29a7a50efda011c3a107c40b10224df38c8f041acd8634ea8b9f
903010f7366510fbac2aa6c239caeaef5f35b12149a563b76998444707acf587
93b3ec9b71d6f98100eb200c98db71d8cdaeb21e6871f8d2d6a014a59bdd9e7b
98e35283814c341e5dde00e3c9cf3803d225aa38d649f334e4b698d68f3c8c9c
9e41e783ec4cfc524c1666d1d5a4c805f8e92be52b030d130acfb31105e1e04c
aad3633e2016eaeb114c7bafc4a7491302a2a82474ab2d4588db2ef22be0891d
ac6273f5c28a5f8fd69a28fa2be6f1756d6b8b8447a58afc98cf009ad5dda34b
b2b58bf4d8d62347a74641fe06471fcb080029f988761dc5a311da380361998b
b3998fed7932b64ecdcfd99e929bdcf7565750d632576186a48746256ea8afcf
b4559464cee8693413e905bf34525d552f6156734605effc13e5c683f7725670
b8a803ffb4fef3ac3d5bcc99239abb1d3e1f4e2858f54c2fe135c88648f45656
bc232bddda6549e1a814232efaeeef22cde4ebfba8488c651842d00a75d8c45e
bf03fa86baedbce969bbc48096371e14398c96bf264fc7c712b0197156bd45f0
c3de27b2cbd6deda629c9b442700cf54c0dda74e494b1c75a57d822068a047f8
cee255c69cdce5ecd3d1d753b72459a3e71106e406af6c304bd527723852bfeb
d242f95c8d6a2a958e9be9b5380d5418caab4f957d1eac17d695e2a8700bda84
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
d7245e2daf9e01f8c8a00f560109f1a07259dc39d0bc67d6f34252cd1f058467
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f5949da9c57a12212969fdaa4323e3afd477b3739c9be355f0264adea2c9f2fe
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f81da8a50a778b3f5809cc367e3faa2f0faf7b668413df7846a3a3b7ec93e574
f971b901aeb9e55b07d472afee09bd5ae05159e1119dbd16d993e473565e7fc0
fa2a4d8b47bd99085f5c5ac931a3ec61d349fb9c482f92e7dd57d4eaace11675
fe2a2226123a364a140e44b206bbbb2595065c642176697a6a6042dc0a537f90

book.tab.travel Open in urlscan Pro 54.162.128.250 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

51 Requests

100 %HTTPS

82 %IPv6

14 Domains

19 Subdomains

17 IPs

3 Countries

2108 kBTransfer

4251 kBSize

14 Cookies

2 Outgoing links

Redirected requests

51 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

book.tab.travel Open in urlscan Pro
54.162.128.250 Public Scan

Screenshot
Live screenshot

Full Image

51
Requests

100 %
HTTPS

82 %
IPv6

14
Domains

19
Subdomains

17
IPs

3
Countries

2108 kB
Transfer

4251 kB
Size

14
Cookies

51 HTTP transactions
0 data transactions