booking.kalculatedmedia.com Open in urlscan Pro
104.18.103.106 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://booking.kalculatedmedia.com/
Submission: On November 05 via api (November 5th 2024, 12:02:23 pm UTC) from US — Scanned from CA

Summary HTTP 47 Redirects Behaviour Indicators

Summary

This website contacted 16 IPs in 2 countries across 12 domains to perform 47 HTTP transactions. The main IP is 104.18.103.106, located in and belongs to CLOUDFLARENET, US. The main domain is booking.kalculatedmedia.com.
TLS certificate: Issued by WE1 on October 13th 2024. Valid for: 3 months.

This is the only time booking.kalculatedmedia.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 11	104.18.103.106 104.18.103.106	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	173.194.207.95 173.194.207.95	15169 (GOOGLE) (GOOGLE)
3	172.217.222.95 172.217.222.95	15169 (GOOGLE) (GOOGLE)
8	104.18.102.106 104.18.102.106	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	31.13.66.19 31.13.66.19	32934 (FACEBOOK) (FACEBOOK)
4	172.217.222.97 172.217.222.97	15169 (GOOGLE) (GOOGLE)
2	13.107.246.40 13.107.246.40	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	173.194.204.94 173.194.204.94	15169 (GOOGLE) (GOOGLE)
1	173.194.204.106 173.194.204.106	15169 (GOOGLE) (GOOGLE)
2	31.13.66.35 31.13.66.35	32934 (FACEBOOK) (FACEBOOK)
2	142.251.167.138 142.251.167.138	15169 (GOOGLE) (GOOGLE)
2	173.194.175.156 173.194.175.156	15169 (GOOGLE) (GOOGLE)
2	173.194.207.155 173.194.207.155	15169 (GOOGLE) (GOOGLE)
2	142.251.16.94 142.251.16.94	15169 (GOOGLE) (GOOGLE)
2	52.152.143.207 52.152.143.207	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	20.110.205.119 20.110.205.119	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	13.107.21.237 13.107.21.237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
47	16

11 104.18.103.106 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

booking.kalculatedmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.194.207.95 (United States)

ASN15169 (GOOGLE, US)
PTR: qk-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.222.95 (United States)

ASN15169 (GOOGLE, US)
PTR: qi-in-f95.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.18.102.106 (None, )

ASN13335 (CLOUDFLARENET, US)

media.hd.pics	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.13.66.19 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-iad3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.222.97 (United States)

ASN15169 (GOOGLE, US)
PTR: qi-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.107.246.40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.194.204.94 (United States)

ASN15169 (GOOGLE, US)
PTR: qb-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.194.204.106 (United States)

ASN15169 (GOOGLE, US)
PTR: qb-in-f106.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.13.66.35 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-iad3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.167.138 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f138.1e100.net

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.194.175.156 (United States)

ASN15169 (GOOGLE, US)
PTR: qs-in-f156.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.194.207.155 (United States)

ASN15169 (GOOGLE, US)
PTR: qk-in-f155.1e100.net

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.16.94 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f94.1e100.net

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.152.143.207 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

o.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.110.205.119 (Boydton, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.21.237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	kalculatedmedia.com 1 redirects booking.kalculatedmedia.com	631 KB
8	hd.pics media.hd.pics — Cisco Umbrella Rank: 524498	401 KB
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 634 o.clarity.ms — Cisco Umbrella Rank: 6866 c.clarity.ms — Cisco Umbrella Rank: 1236	30 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30 ajax.googleapis.com — Cisco Umbrella Rank: 412	107 KB
4	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 136 td.doubleclick.net — Cisco Umbrella Rank: 192	619 B
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	335 KB
3	google.com www.google.com — Cisco Umbrella Rank: 3 analytics.google.com — Cisco Umbrella Rank: 147
2	google.ca www.google.ca — Cisco Umbrella Rank: 12143	126 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	5 KB
2	gstatic.com fonts.gstatic.com	59 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	78 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 190	770 B
47	12

	Domain	Requested by
11	booking.kalculatedmedia.com	1 redirects booking.kalculatedmedia.com
8	media.hd.pics	booking.kalculatedmedia.com
4	www.googletagmanager.com	booking.kalculatedmedia.com www.googletagmanager.com
3	ajax.googleapis.com	booking.kalculatedmedia.com
2	c.clarity.ms	1 redirects
2	o.clarity.ms	www.clarity.ms
2	www.google.ca	booking.kalculatedmedia.com
2	td.doubleclick.net	www.googletagmanager.com
2	stats.g.doubleclick.net	www.googletagmanager.com
2	analytics.google.com	www.googletagmanager.com
2	www.facebook.com	booking.kalculatedmedia.com
2	fonts.gstatic.com	fonts.googleapis.com
2	www.clarity.ms	booking.kalculatedmedia.com www.clarity.ms
2	connect.facebook.net	booking.kalculatedmedia.com connect.facebook.net
2	fonts.googleapis.com	booking.kalculatedmedia.com ajax.googleapis.com
1	c.bing.com	1 redirects
1	www.google.com	www.googletagmanager.com
47	17

This site contains no links.

Subject Issuer	Validity	Valid
booking.kalculatedmedia.com WE1	`2024-10-13` - `2025-01-11`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
hd.pics E6	`2024-10-15` - `2025-01-13`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-08-14` - `2024-11-12`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2024-09-04` - `2025-09-04`	a year	crt.sh
*.gstatic.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.doubleclick.net WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.google.ca WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://booking.kalculatedmedia.com/
Frame ID: 211230642DBD937E9863F4784470B794
Requests: 42 HTTP requests in this frame

Frame: https://booking.kalculatedmedia.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js
Frame ID: 71DF34F10CD28628D565A66939E7FF49
Requests: 2 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fbooking.kalculatedmedia.com
Frame ID: 8F114C3EC07C18A22D81C5C51FEE4523
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-MWE46F19LM&gacid=1291960206.1730808136&gtm=45je4au0v9123082311z89119306395za200zb9119306395&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101823848~101878899~101878944~101925629&z=193473880
Frame ID: 2AD7935AF34747E1F7CECDCBF9D4DDAA
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-PC2TQ5FC02&gacid=1291960206.1730808136&gtm=45je4au0v9119313763z89119306395za200zb9119306395&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101823848~101878899~101878944~101925629&z=519405511
Frame ID: 5F98A69633A470172D1DC3F4AE202CE8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

List of Sites :: Kalculated Media Co.

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

Page Statistics

47
Requests

96 %
HTTPS

0 %
IPv6

12
Domains

17
Subdomains

16
IPs

2
Countries

1646 kB
Transfer

3480 kB
Size

18
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://booking.kalculatedmedia.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://booking.kalculatedmedia.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js

Request Chain 42

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=13C1A8F80EE94456A132D300C18321B3&RedC=c.clarity.ms&MXFR=1FBFD74F179B68DC24F1C261139B6604 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=13C1A8F80EE94456A132D300C18321B3&MUID=2CE450224CEF60240F7D450C4DC56148

47 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
booking.kalculatedmedia.com/ 17 KB
5 KB 475ms
259ms Document
text/html 104.18.103.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.kalculatedmedia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.103.106 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10db6474d324cc8e86525e5a481603404cb55168e731b097c3ff81879ea5884a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 8ddcb1981ceaa22f-YYZ
content-encoding: gzip
content-type: text/html
date: Tue, 05 Nov 2024 12:02:14 GMT
server: cloudflare
vary: Accept-Encoding
x-server: WEB101

GET
H2 200 css
fonts.googleapis.com/ 1 KB
932 B 170ms
60ms Stylesheet
text/css 173.194.207.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans

Requested by

Host: booking.kalculatedmedia.com
URL: https://booking.kalculatedmedia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.207.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qk-in-f95.1e100.net

Software

ESF /

Resource Hash

f6ac446345e9379f1da4d812545ecb917992bbba176d0facb590f0c8cf2ac97b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://booking.kalculatedmedia.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 05 Nov 2024 12:02:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 12:02:14 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 05 Nov 2024 10:06:20 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/themes/base/ 35 KB
9 KB 162ms
50ms Stylesheet
text/css 172.217.222.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/themes/base/jquery-ui.css

Requested by

Host: booking.kalculatedmedia.com
URL: https://booking.kalculatedmedia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.222.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f95.1e100.net

Software

sffe /

Resource Hash

44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://booking.kalculatedmedia.com/

Response headers

content-encoding: gzip
age: 329041
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options: nosniff
expires: Sat, 01 Nov 2025 16:38:13 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 01 Nov 2024 16:38:13 GMT
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8324
x-xss-protection: 0
server: sffe

GET
H2 200 all.min.css
booking.kalculatedmedia.com/art/fa/css/ 496 KB
133 KB 350ms
346ms Stylesheet
text/css 104.18.103.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.kalculatedmedia.com/art/fa/css/all.min.css
Requested by: Host: booking.kalculatedmedia.com
URL: https://booking.kalculatedmedia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.103.106 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d021a48acc03b7693e91fa0b445e168fa768424fef3e5fb23ee28a130fcfe67

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://booking.kalculatedmedia.com/

Response headers

server: cloudflare
cache-control: public, max-age=86400
content-encoding: gzip
cf-cache-status: MISS
etag: "202025f2b5f7d91:0"
cf-ray: 8ddcb199de05a22f-YYZ
expires: Wed, 06 Nov 2024 12:02:15 GMT
date: Tue, 05 Nov 2024 12:02:15 GMT
content-type: text/css
last-modified: Thu, 05 Oct 2023 18:01:20 GMT
vary: Accept-Encoding
x-server: WEB107

GET
H2 200 main.css
booking.kalculatedmedia.com/art/ 34 KB
9 KB 193ms
190ms Stylesheet
text/css 104.18.103.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.kalculatedmedia.com/art/main.css?v=487
Requested by: Host: booking.kalculatedmedia.com
URL: https://booking.kalculatedmedia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.103.106 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a87cd3eca3d1b0c5df6631e18049ab664f7911d0a8a31f8888d364f7642bb7b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://booking.kalculatedmedia.com/

Response headers

server: cloudflare
cache-control: public, max-age=86400
content-encoding: gzip
cf-cache-status: MISS
etag: "b484353ddcbeda1:0"
cf-ray: 8ddcb199de06a22f-YYZ
expires: Wed, 06 Nov 2024 12:02:14 GMT
accept-ranges: bytes
content-length: 9313
date: Tue, 05 Nov 2024 12:02:14 GMT
content-type: text/css
last-modified: Sat, 15 Jun 2024 04:26:48 GMT
vary: Accept-Encoding
x-server: WEB103

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 87 KB
30 KB 223ms
112ms Script
text/javascript 172.217.222.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: booking.kalculatedmedia.com
URL: https://booking.kalculatedmedia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.222.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f95.1e100.net

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://booking.kalculatedmedia.com/

Response headers

content-encoding: gzip
age: 249241
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options: nosniff
expires: Sun, 02 Nov 2025 14:48:13 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 02 Nov 2024 14:48:13 GMT
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges: bytes
access-control-allow-origin: *
content-length: 31017
x-xss-protection: 0
server: sffe

GET
H2 200 jquery-ui.min.js Show response
ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/ 248 KB
67 KB 167ms
57ms Script
text/javascript 172.217.222.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js

Requested by

Host: booking.kalculatedmedia.com
URL: https://booking.kalculatedmedia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.222.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f95.1e100.net

Software

sffe /

Resource Hash

55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://booking.kalculatedmedia.com/

Response headers

content-encoding: gzip
age: 334986
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options: nosniff
expires: Sat, 01 Nov 2025 14:59:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 01 Nov 2024 14:59:08 GMT
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges: bytes
access-control-allow-origin: *
content-length: 67948
x-xss-protection: 0
server: sffe

GET
H2 200 jquery.ui.touch-punch.min.js Show response
booking.kalculatedmedia.com/js/ 1 KB
986 B 123ms
121ms Script
application/javascript 104.18.103.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.kalculatedmedia.com/js/jquery.ui.touch-punch.min.js
Requested by: Host: booking.kalculatedmedia.com
URL: https://booking.kalculatedmedia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.103.106 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8eade09a5da8a542b96001c4b0d3b914ee3d735af46ef1a906be2dcae6724498

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://booking.kalculatedmedia.com/

Response headers

server: cloudflare
cache-control: public, max-age=86400
content-encoding: gzip
cf-cache-status: MISS
etag: "199a73bd572dd71:0"
cf-ray: 8ddcb199de07a22f-YYZ
expires: Wed, 06 Nov 2024 12:02:14 GMT
accept-ranges: bytes
content-length: 809
date: Tue, 05 Nov 2024 12:02:14 GMT
content-type: application/javascript
last-modified: Fri, 09 Apr 2021 15:48:09 GMT
vary: Accept-Encoding
x-server: WEB107

GET
H2 200 main.js Show response
booking.kalculatedmedia.com/js/ 129 KB
41 KB 162ms
159ms Script
application/javascript 104.18.103.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.kalculatedmedia.com/js/main.js?v=487
Requested by: Host: booking.kalculatedmedia.com
URL: https://booking.kalculatedmedia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.103.106 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1747095b9a1d2778b7957a888caa8ed97c18041147f39ea8f7757c8ae014231f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://booking.kalculatedmedia.com/

Response headers

server: cloudflare
cache-control: public, max-age=86400
content-encoding: gzip
cf-cache-status: MISS
etag: "2060c865d12adb1:0"
cf-ray: 8ddcb199de08a22f-YYZ
expires: Wed, 06 Nov 2024 12:02:14 GMT
accept-ranges: bytes
content-length: 41937
date: Tue, 05 Nov 2024 12:02:14 GMT
content-type: application/javascript
last-modified: Wed, 30 Oct 2024 13:41:18 GMT
vary: Accept-Encoding
x-server: WEB103

GET
H2 200 apiv2.js Show response
booking.kalculatedmedia.com/js/ 13 KB
3 KB 250ms
248ms Script
application/javascript 104.18.103.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.kalculatedmedia.com/js/apiv2.js?v=487
Requested by: Host: booking.kalculatedmedia.com
URL: https://booking.kalculatedmedia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.103.106 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76397e0690fb789c8ef9b166155ca10cc75981f2f830aa89bc8a477a3755f671

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://booking.kalculatedmedia.com/

Response headers

server: cloudflare
cache-control: public, max-age=86400
content-encoding: gzip
cf-cache-status: EXPIRED
etag: "a09ca8547625db1:0"
cf-ray: 8ddcb199de09a22f-YYZ
expires: Wed, 06 Nov 2024 12:02:14 GMT
accept-ranges: bytes
content-length: 3083
date: Tue, 05 Nov 2024 12:02:14 GMT
content-type: application/javascript
last-modified: Wed, 23 Oct 2024 18:06:49 GMT
vary: Accept-Encoding
x-server: WEB105

GET
H2 200 bsoi9ah6p3.png
media.hd.pics/1/ 17 KB
17 KB 687ms
571ms Image
image/png 104.18.102.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.hd.pics/1/bsoi9ah6p3.png
Requested by: Host: booking.kalculatedmedia.com
URL: https://booking.kalculatedmedia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.102.106 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2a09584fcd8a5eb8452639817cfd0abab8e2cb7bcb2f705856537dc408e9d5b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://booking.kalculatedmedia.com/

Response headers

vary: Accept-Encoding
cache-control: public, max-age=2592000
x-aspnet-version: 4.0.30319
cf-cache-status: DYNAMIC
allow-range: bytes
cf-ray: 8ddcb19a8d5439f2-YYZ
access-control-allow-origin: *
content-length: 17755
date: Tue, 05 Nov 2024 12:02:15 GMT
content-type: image/png
content-disposition: filename=1/bsoi9ah6p3.png
x-server: BOT04
server: cloudflare
hd-source: w-v1

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
63 KB 277ms
178ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: booking.kalculatedmedia.com
URL: https://booking.kalculatedmedia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

924f0b32e86fe959e4290f3690d241cc6a24c08a0a4be56b4d3ce9c2286291bc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-eU2TaJNy' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://booking.kalculatedmedia.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 05 Nov 2024 12:02:15 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-eU2TaJNy' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=0, c=15, mss=1316, tbw=2931, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: V23XiY4URIx6tlcCz1SB6UmYzNW4EGPlhkX9HoyoDaiZ0phnKpPbCcJUccb4vKh2h4+RoDNGjdoqQUp0Gm5tBw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62086
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 css
fonts.googleapis.com/ 2 KB
677 B 62ms
59ms Stylesheet
text/css 173.194.207.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.207.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qk-in-f95.1e100.net

Software

ESF /

Resource Hash

76a88e0b6b9d544046ae997f238dc3d75abae4ea62d257aa5d0dd9769fdf5155

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://booking.kalculatedmedia.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 05 Nov 2024 12:02:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 12:02:15 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 05 Nov 2024 10:06:25 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 289 KB
99 KB 175ms
67ms Script
application/javascript 172.217.222.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PPLGFGK

Requested by

Host: booking.kalculatedmedia.com
URL: https://booking.kalculatedmedia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.222.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

605866b95ba4790ec48a69123ed4feaf4aa0f462441f87c6fe29f6687dee971f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://booking.kalculatedmedia.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Tue, 05 Nov 2024 12:02:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 12:02:15 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 100570
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 ks0vx48x2m Show response
www.clarity.ms/tag/ 689 B
1 KB 319ms
84ms Script
application/x-javascript 13.107.246.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/ks0vx48x2m
Requested by: Host: booking.kalculatedmedia.com
URL: https://booking.kalculatedmedia.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.246.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3249e0e8cb2a844aea714757dd3baa72697d075707ad4eead35711a6240f8d2a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://booking.kalculatedmedia.com/

Response headers

cache-control: no-cache, no-store
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
expires: -1
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 689
date: Tue, 05 Nov 2024 12:02:15 GMT
content-type: application/x-javascript
x-azure-ref: 20241105T120215Z-r1c56ff7c76q5hmghC1YTO4gxg00000004t0000000003hsq

GET
H2

200

main.js Show response
booking.kalculatedmedia.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/ Frame 71DF
Redirect Chain

https://booking.kalculatedmedia.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://booking.kalculatedmedia.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?

8 KB
4 KB

32ms
31ms

Script
application/javascript

104.18.103.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://booking.kalculatedmedia.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?

Requested by

Host: booking.kalculatedmedia.com
URL: https://booking.kalculatedmedia.com/

Protocol

Server

104.18.103.106 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99d1b52e7105ad35c866ad3280bd37ed7d0a425251a3c0023d6f0904a1f29ea7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
content-encoding: gzip
x-content-type-options: nosniff
cf-ray: 8ddcb19c2f8ca22f-YYZ
date: Tue, 05 Nov 2024 12:02:15 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare

Redirect headers

cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
cf-ray: 8ddcb19bdf33a22f-YYZ
access-control-allow-origin: *
content-length: 0
date: Tue, 05 Nov 2024 12:02:15 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 44 KB
44 KB 120ms
56ms Font
font/woff2 173.194.204.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.204.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qb-in-f94.1e100.net

Software

sffe /

Resource Hash

e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://booking.kalculatedmedia.com
Referer: https://fonts.googleapis.com/

Response headers

age: 503942
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 30 Oct 2025 16:03:13 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 16:03:13 GMT
last-modified: Wed, 27 Apr 2022 16:11:08 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 45300
x-xss-protection: 0
server: sffe

GET
H3 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v26/ 15 KB
15 KB 78ms
51ms Font
font/woff2 173.194.204.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.204.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qb-in-f94.1e100.net

Software

sffe /

Resource Hash

4b5816bbfc52587979139951355fe4048da02ce60e40cef8e4a1efb6cd396281

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://booking.kalculatedmedia.com
Referer: https://fonts.googleapis.com/

Response headers

age: 473730
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 31 Oct 2025 00:26:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 31 Oct 2024 00:26:45 GMT
last-modified: Wed, 13 Sep 2023 22:46:07 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14940
x-xss-protection: 0
server: sffe

GET
H2 200 o4n8nd67gt.jpg
media.hd.pics/2/ 27 KB
28 KB 145ms
142ms Image
image/jpeg 104.18.102.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.hd.pics/2/o4n8nd67gt.jpg
Requested by: Host: booking.kalculatedmedia.com
URL: https://booking.kalculatedmedia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.102.106 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 835d52b9c620ea3ab01d056476e3a9f5270d24fa05b8d7c312bee0e219aa9825

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://booking.kalculatedmedia.com/

Response headers

cf-cache-status: MISS
etag: "a760ddb686f1bf16eea1645ba2e75aaa"
x-wasabi-cm-reference-id: 1730808135123 38.73.225.104 ConID:1045165764/EngineConID:10284721/Core:14
expires: Wed, 06 Nov 2024 12:02:15 GMT
date: Tue, 05 Nov 2024 12:02:15 GMT
content-type: image/jpeg
last-modified: Thu, 31 Oct 2024 14:40:26 GMT
vary: Accept-Encoding
x-amz-id-2: YRClQzoNba7Q16QDyM1Sdk0OHzqfLuY1viT9sX6pIBcue3gsNUW4S1OcKlp14eRqceRobmIud2lW
hd-source: w-v1
cache-control: public, max-age=2592000
x-amz-request-id: 2CFAF35DBAE47477:B
cf-ray: 8ddcb19c3ed739f2-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 27988
server: cloudflare

GET
H2 200 nomedia.jpg
booking.kalculatedmedia.com/art/ 47 KB
47 KB 142ms
140ms Image
image/jpeg 104.18.103.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://booking.kalculatedmedia.com/art/nomedia.jpg
Requested by: Host: booking.kalculatedmedia.com
URL: https://booking.kalculatedmedia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.103.106 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2925a715e16c124a26c973aaec130948f5b7077a86d1b88157de2d3bdfec64c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://booking.kalculatedmedia.com/

Response headers

cache-control: public, max-age=86400
cf-cache-status: MISS
etag: "5ed74927986d31:0"
cf-ray: 8ddcb19c4fcda22f-YYZ
expires: Wed, 06 Nov 2024 12:02:15 GMT
accept-ranges: bytes
content-length: 47825
date: Tue, 05 Nov 2024 12:02:15 GMT
content-type: image/jpeg
last-modified: Fri, 05 Jan 2018 23:04:42 GMT
x-server: WEB107
server: cloudflare
vary: Accept-Encoding

GET
H2 200 b7qz8pkpd2.jpg
media.hd.pics/2/ 30 KB
30 KB 142ms
141ms Image
image/jpeg 104.18.102.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.hd.pics/2/b7qz8pkpd2.jpg
Requested by: Host: booking.kalculatedmedia.com
URL: https://booking.kalculatedmedia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.102.106 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0687f26eb304f113e315e3c20d862e3d7b79902182fecc6bc67f807dfe35a056

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://booking.kalculatedmedia.com/

Response headers

cf-cache-status: MISS
etag: "e6d0fb0692873bd373ebed13c6735db0"
x-wasabi-cm-reference-id: 1730808135116 38.73.225.103 ConID:1043310940/EngineConID:9841563/Core:11
expires: Wed, 06 Nov 2024 12:02:15 GMT
date: Tue, 05 Nov 2024 12:02:15 GMT
content-type: image/jpeg
last-modified: Sat, 31 Aug 2024 01:45:40 GMT
vary: Accept-Encoding
x-amz-id-2: GqISrVyvQ7i3jB7CkR4m/Kiu1FiCqAW+JgV8e20TF6ypf/YWpJf9/r2BaAtyyTmtT6eXmfp+aDS5
hd-source: w-v1
cache-control: public, max-age=2592000
x-amz-request-id: 6F21F8E1EDCDE8A9:B
cf-ray: 8ddcb19c4edb39f2-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30306
server: cloudflare

GET
H2 200 ebs8this2w.jpg
media.hd.pics/2/ 9 KB
9 KB 1067ms
1065ms Image
image/jpeg 104.18.102.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.hd.pics/2/ebs8this2w.jpg
Requested by: Host: booking.kalculatedmedia.com
URL: https://booking.kalculatedmedia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.102.106 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53fd9f8f10346480c5ccff312bcd24b9d41a5c76550b6a0b6ec094381ae3f2b7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://booking.kalculatedmedia.com/

Response headers

cf-cache-status: MISS
etag: "7310dccb38ca43be514f9af0bc1f4acf"
x-wasabi-cm-reference-id: 1730808135116 38.73.225.102 ConID:1043310943/EngineConID:10256612/Core:26
expires: Wed, 06 Nov 2024 12:02:16 GMT
date: Tue, 05 Nov 2024 12:02:16 GMT
content-type: image/jpeg
last-modified: Mon, 02 Sep 2024 17:22:17 GMT
vary: Accept-Encoding
x-amz-id-2: q6ZjzQMzxhU358DYJaYcJqAfxEOxhc3m9xUhxzwzjQ5puDR3eqIvnbBOoQHziw99au8aLmImFyyM
hd-source: w-v1
cache-control: public, max-age=2592000
x-amz-request-id: 5A1E7C5111D571DD:A
cf-ray: 8ddcb19c4edd39f2-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 9004
server: cloudflare

GET
H2 200 giqznpg81s.png
media.hd.pics/2/ 174 KB
175 KB 1126ms
1125ms Image
image/png 104.18.102.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.hd.pics/2/giqznpg81s.png
Requested by: Host: booking.kalculatedmedia.com
URL: https://booking.kalculatedmedia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.102.106 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3822ffa2107cdf0b72769b526130967e5bd16735bb6bb625aa5e2b77669136ef

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://booking.kalculatedmedia.com/

Response headers

cf-cache-status: MISS
etag: "04cb9b967a7ce21bcc19af10908d0e9f"
x-wasabi-cm-reference-id: 1730808135118 38.73.225.107 ConID:1044789643/EngineConID:9773022/Core:77
expires: Wed, 06 Nov 2024 12:02:16 GMT
date: Tue, 05 Nov 2024 12:02:16 GMT
content-type: image/png
last-modified: Mon, 19 Aug 2024 21:32:24 GMT
vary: Accept-Encoding
x-amz-id-2: KwLY/dW9g5CzdUw4TMe6Hf/v/5SsBG/nrqM0XDMK4Wgby/J0VbKaf1QR4GEOVjryO9+pBGoAYuzl
hd-source: w-v1
cache-control: public, max-age=2592000
x-amz-request-id: 6BF84BDA433F5514:B
cf-ray: 8ddcb19c4edf39f2-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 178294
server: cloudflare

GET
H2 200 yhfzmuottc.jpg
media.hd.pics/2/ 3 KB
3 KB 1057ms
1056ms Image
image/jpeg 104.18.102.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.hd.pics/2/yhfzmuottc.jpg
Requested by: Host: booking.kalculatedmedia.com
URL: https://booking.kalculatedmedia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.102.106 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 139d59ccc19a2c971b168f621bee0efacb8189c84cc5c206903213401c5f8ed2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://booking.kalculatedmedia.com/

Response headers

cf-cache-status: MISS
etag: "d36c49d11f428e116ba4ad4c0cab38c5"
x-wasabi-cm-reference-id: 1730808135116 38.73.225.101 ConID:1048493988/EngineConID:9783369/Core:99
expires: Wed, 06 Nov 2024 12:02:16 GMT
date: Tue, 05 Nov 2024 12:02:16 GMT
content-type: image/jpeg
last-modified: Thu, 29 Aug 2024 17:45:52 GMT
vary: Accept-Encoding
x-amz-id-2: wfWUMv6OY/bQZ5FfI8cXICPVGvNqiH68sgErvv/91XX6A6cJ8ys2e93Fx5nMK4cTGscG9PRc2zHu
hd-source: w-v1
cache-control: public, max-age=2592000
x-amz-request-id: 6452ACE91DA32F63:B
cf-ray: 8ddcb19c4ee039f2-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3275
server: cloudflare

GET
H2 200 fa-regular-400.woff2
booking.kalculatedmedia.com/art/fa/webfonts/ 386 KB
387 KB 150ms
138ms Font
font/woff2 104.18.103.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.kalculatedmedia.com/art/fa/webfonts/fa-regular-400.woff2
Requested by: Host: booking.kalculatedmedia.com
URL: https://booking.kalculatedmedia.com/art/fa/css/all.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.103.106 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b85c4d4bcb7be039d30281d940426203622394a85d4cd2b43048b57a924a7d51

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://booking.kalculatedmedia.com
Referer: https://booking.kalculatedmedia.com/art/fa/css/all.min.css

Response headers

cache-control: public, max-age=86400
cf-cache-status: MISS
etag: "2b1a643c1f7d91:0"
cf-ray: 8ddcb19df8e3a22f-YYZ
expires: Wed, 06 Nov 2024 12:02:15 GMT
accept-ranges: bytes
content-length: 395444
date: Tue, 05 Nov 2024 12:02:15 GMT
content-type: font/woff2
last-modified: Thu, 05 Oct 2023 19:22:21 GMT
x-server: WEB104
server: cloudflare
vary: Accept-Encoding

POST
H2 200 8ddcb1981ceaa22f Show response
booking.kalculatedmedia.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 71DF 0
633 B 66ms
44ms XHR
text/plain 104.18.103.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.kalculatedmedia.com/cdn-cgi/challenge-platform/h/b/jsd/r/8ddcb1981ceaa22f
Requested by: Host: booking.kalculatedmedia.com
URL: https://booking.kalculatedmedia.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.103.106 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer

Response headers

cf-ray: 8ddcb19de8d3a22f-YYZ
content-length: 0
date: Tue, 05 Nov 2024 12:02:15 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.53/ 65 KB
28 KB 79ms
78ms Script
application/javascript 13.107.246.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.53/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/ks0vx48x2m
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.246.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 6cbfddb4735bdca8b4d594c0222541a0aa1f53ee6b4359647960ed164f595863

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://booking.kalculatedmedia.com/

Response headers

x-azure-ref: 20241105T120215Z-r1c56ff7c76q5hmghC1YTO4gxg00000004t0000000003hsx
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
content-encoding: br
etag: W/"0x8DCFCF01CE35FFD"
x-fd-int-roxy-purgeid: 51562430
x-ms-request-id: 3a1c1e33-701e-003e-59d9-2eb9a4000000
access-control-allow-origin: *
x-cache: TCP_HIT
date: Tue, 05 Nov 2024 12:02:15 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
last-modified: Mon, 04 Nov 2024 16:45:38 GMT

GET
H3 200 230469054215394 Show response
connect.facebook.net/signals/config/ 78 KB
15 KB 117ms
117ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/230469054215394?v=2.9.176&r=stable&domain=booking.kalculatedmedia.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

e6eff30129cac04ac060805556f0aec4ad04db05a21d5d30b0b215abf2a4f87f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-IWJ6GqQb' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://booking.kalculatedmedia.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 05 Nov 2024 12:02:15 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-IWJ6GqQb' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=40, rtx=0, c=23, mss=1232, tbw=5688, tp=10, tpl=0, uplat=74, ullat=0
pragma: public
x-fb-debug: HuU78zrzeKM5sAtGKtEXQ6htMbAU61sBCVTy0ccO8TZWMV36SBm75lDzDh6nAwDiWCZfoSimu3bgzrfvtSEcIg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 356 KB
119 KB 70ms
67ms Script
application/javascript 172.217.222.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MWE46F19LM&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPLGFGK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.222.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

23733782d3d8c6344f76c9711d3922497293012b971aadaa728486c1a0f1ddc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://booking.kalculatedmedia.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 05 Nov 2024 12:02:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 12:02:15 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 121385
x-xss-protection: 0
server: Google Tag Manager

POST
H3 200 collect
www.google.com/ccm/ 0
0 248ms
89ms Ping
text/plain 173.194.204.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fbooking.kalculatedmedia.com%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=857337128.1730808135&auid=464529060.1730808135&npa=0&gtm=45He4au0v9119306395za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101878899~101878944~101925629&tft=1730808135447&tfd=1259&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPLGFGK
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 173.194.204.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: qb-in-f106.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://booking.kalculatedmedia.com/

Response headers

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 351 KB
117 KB 103ms
102ms Script
application/javascript 172.217.222.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-PC2TQ5FC02&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPLGFGK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.222.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

7d0abc4442452a53b5dd967360cd9bd3137d2d3113ca3e5fa43f85a062ea5651

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://booking.kalculatedmedia.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 05 Nov 2024 12:02:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 12:02:15 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 119651
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame 8F11 0
0 165ms
51ms Document
text/html 172.217.222.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fbooking.kalculatedmedia.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPLGFGK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.222.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f97.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/analytics-container-tag-serving
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Nov 2024 12:02:15 GMT
expires: Wed, 05 Nov 2025 12:02:15 GMT
last-modified: Mon, 21 Oct 2024 16:58:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 166ms
43ms Image
text/plain 31.13.66.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=230469054215394&ev=PageView&dl=https%3A%2F%2Fbooking.kalculatedmedia.com%2F&rl=&if=false&ts=1730808135573&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1730808135566.718343880277820830&cs_est=true&ler=empty&cdl=API_unavailable&it=1730808135400&coo=false&rqm=GET

Requested by

Host: booking.kalculatedmedia.com
URL: https://booking.kalculatedmedia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-iad3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://booking.kalculatedmedia.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=0, c=10, mss=1316, tbw=2959, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Tue, 05 Nov 2024 12:02:15 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
4 KB 215ms
93ms Image
image/png 31.13.66.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=230469054215394&ev=PageView&dl=https%3A%2F%2Fbooking.kalculatedmedia.com%2F&rl=&if=false&ts=1730808135573&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1730808135566.718343880277820830&cs_est=true&ler=empty&cdl=API_unavailable&it=1730808135400&coo=false&rqm=FGET

Requested by

Host: booking.kalculatedmedia.com
URL: https://booking.kalculatedmedia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-iad3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src 'report-sample' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://booking.kalculatedmedia.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7433764336263870296"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 05 Nov 2024 12:02:15 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: h0on0T0K5epn98fWnMl9rB8bQ8hQEbjwj9Re73X3vr7Je5jpLSH5gNblp0fQBaPDrqt9QwWDyeoR5hKi+JxTKw==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7433764336263870296", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=40, rtx=0, c=14, mss=1316, tbw=3277, tp=-1, tpl=-1, uplat=49, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

POST
H2 204 collect
analytics.google.com/g/ 0
0 139ms
52ms Fetch
text/plain 142.251.167.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-MWE46F19LM&gtm=45je4au0v9123082311z89119306395za200zb9119306395&_p=1730808134977&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101823848~101878899~101878944~101925629&cid=1291960206.1730808136&ecid=433891006&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&ec_mode=a&_s=1&sid=1730808135&sct=1&seg=0&dl=https%3A%2F%2Fbooking.kalculatedmedia.com%2F&dt=List%20of%20Sites%20%3A%3A%20Kalculated%20Media%20Co.&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1498
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MWE46F19LM&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.167.138 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS: ww-in-f138.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://booking.kalculatedmedia.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://booking.kalculatedmedia.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 12:02:15 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
562 B 194ms
54ms Ping
text/plain 173.194.175.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-MWE46F19LM&cid=1291960206.1730808136&gtm=45je4au0v9123082311z89119306395za200zb9119306395&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101823848~101878899~101878944~101925629
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MWE46F19LM&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.194.175.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: qs-in-f156.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://booking.kalculatedmedia.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://booking.kalculatedmedia.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 12:02:15 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame 2AD7 0
0 187ms
59ms Document
text/html 173.194.207.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-MWE46F19LM&gacid=1291960206.1730808136&gtm=45je4au0v9123082311z89119306395za200zb9119306395&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101823848~101878899~101878944~101925629&z=193473880

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MWE46F19LM&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.207.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qk-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://booking.kalculatedmedia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Nov 2024 12:02:15 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 170ms
104ms Image
image/gif 142.251.16.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-MWE46F19LM&cid=1291960206.1730808136&gtm=45je4au0v9123082311z89119306395za200zb9119306395&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101823848~101878899~101878944~101925629&tag_exp=101823848~101878899~101878944~101925629&z=1045606869

Requested by

Host: booking.kalculatedmedia.com
URL: https://booking.kalculatedmedia.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://booking.kalculatedmedia.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 05 Nov 2024 12:02:15 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H2 204 collect
analytics.google.com/g/ 0
0 53ms
52ms Fetch
text/plain 142.251.167.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-PC2TQ5FC02&gtm=45je4au0v9119313763z89119306395za200zb9119306395&_p=1730808134977&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101823848~101878899~101878944~101925629&cid=1291960206.1730808136&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1730808135&sct=1&seg=0&dl=https%3A%2F%2Fbooking.kalculatedmedia.com%2F&dt=List%20of%20Sites%20%3A%3A%20Kalculated%20Media%20Co.&en=page_view&_fv=1&_ss=1&tfd=1628
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PC2TQ5FC02&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.167.138 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS: ww-in-f138.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://booking.kalculatedmedia.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://booking.kalculatedmedia.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 12:02:15 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
57 B 65ms
54ms Ping
text/plain 173.194.175.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-PC2TQ5FC02&cid=1291960206.1730808136&gtm=45je4au0v9119313763z89119306395za200zb9119306395&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101823848~101878899~101878944~101925629
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PC2TQ5FC02&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.194.175.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: qs-in-f156.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://booking.kalculatedmedia.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://booking.kalculatedmedia.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 12:02:15 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame 5F98 0
0 63ms
53ms Document
text/html 173.194.207.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-PC2TQ5FC02&gacid=1291960206.1730808136&gtm=45je4au0v9119313763z89119306395za200zb9119306395&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101823848~101878899~101878944~101925629&z=519405511

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PC2TQ5FC02&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.207.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qk-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://booking.kalculatedmedia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Nov 2024 12:02:15 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 105ms
104ms Image
image/gif 142.251.16.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-PC2TQ5FC02&cid=1291960206.1730808136&gtm=45je4au0v9119313763z89119306395za200zb9119306395&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101823848~101878899~101878944~101925629&tag_exp=101823848~101878899~101878944~101925629&z=1436934409

Requested by

Host: booking.kalculatedmedia.com
URL: https://booking.kalculatedmedia.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://booking.kalculatedmedia.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 05 Nov 2024 12:02:15 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H/1.1 204
No Content collect Show response
o.clarity.ms/ 0
291 B 143ms
45ms XHR
text/plain 52.152.143.207
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://o.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.53/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.152.143.207 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://booking.kalculatedmedia.com/

Response headers

Request-Context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
Access-Control-Allow-Origin: https://booking.kalculatedmedia.com
Date: Tue, 05 Nov 2024 12:02:16 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=13C1A8F80EE94456A132D300C18321B3&RedC=c.clarity.ms&MXFR=1FBFD74F179B68DC24F1C261139B6604
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=13C1A8F80EE94456A132D300C18321B3&MUID=2CE450224CEF60240F7D450C4DC56148

42 B
442 B

45ms
44ms

Image
image/gif

20.110.205.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=13C1A8F80EE94456A132D300C18321B3&MUID=2CE450224CEF60240F7D450C4DC56148
Protocol: H2
Server: 20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://booking.kalculatedmedia.com/

Response headers

cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
etag: "8d3dafd6e71fdb1:0"
accept-ranges: bytes
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length: 42
date: Tue, 05 Nov 2024 12:02:16 GMT
content-type: image/gif
last-modified: Wed, 16 Oct 2024 16:24:13 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

Redirect headers

cache-control: private, no-cache, proxy-revalidate, no-store
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=13C1A8F80EE94456A132D300C18321B3&MUID=2CE450224CEF60240F7D450C4DC56148
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F7DEE8E6BD0240A1B40460A2451BE675 Ref B: YTO01EDGE0808 Ref C: 2024-11-05T12:02:16Z
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length: 0
date: Tue, 05 Nov 2024 12:02:16 GMT
x-powered-by: ASP.NET

GET
H2 200 g7b4xtafgd.png
media.hd.pics/1/ 139 KB
139 KB 445ms
443ms Other
image/png 104.18.102.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://media.hd.pics/1/g7b4xtafgd.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.102.106 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d5425a51680abbb73017c4441811a583e068ff5c56b4755f6aeeb257f0e6cda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://booking.kalculatedmedia.com/

Response headers

vary: Accept-Encoding
cache-control: public, max-age=2592000
x-aspnet-version: 4.0.30319
cf-cache-status: DYNAMIC
allow-range: bytes
cf-ray: 8ddcb1a3fc2539f2-YYZ
access-control-allow-origin: *
content-length: 141977
date: Tue, 05 Nov 2024 12:02:16 GMT
content-type: image/png
content-disposition: filename=1/g7b4xtafgd.png
x-server: BOT01
server: cloudflare
hd-source: w-v1

POST
H/1.1 204
No Content collect Show response
o.clarity.ms/ 0
291 B 95ms
87ms XHR
text/plain 52.152.143.207
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://o.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.53/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.152.143.207 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://booking.kalculatedmedia.com/

Response headers

Request-Context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
Access-Control-Allow-Origin: https://booking.kalculatedmedia.com
Date: Tue, 05 Nov 2024 12:02:17 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H2 200 g7b4xtafgd.png
media.hd.pics/1/ 139 KB
0 2ms
2ms Other
image/png 104.18.102.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://media.hd.pics/1/g7b4xtafgd.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.102.106 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d5425a51680abbb73017c4441811a583e068ff5c56b4755f6aeeb257f0e6cda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://booking.kalculatedmedia.com/

Response headers

vary: Accept-Encoding
cache-control: public, max-age=2592000
x-aspnet-version: 4.0.30319
cf-cache-status: DYNAMIC
allow-range: bytes
cf-ray: 8ddcb1a3fc2539f2-YYZ
access-control-allow-origin: *
content-length: 141977
date: Tue, 05 Nov 2024 12:02:16 GMT
content-type: image/png
content-disposition: filename=1/g7b4xtafgd.png
x-server: BOT01
server: cloudflare
hd-source: w-v1

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.booking.kalculatedmedia.com/	1970-01-21 09:32:24	Name: sid2 Value: E95E4E2D2D9E4060BBD49497806F7F71
www.clarity.ms/	1970-01-21 09:32:24	Name: CLID Value: 96bf8b108828439690fadcd765b37a1f.20241105.20251105
.booking.kalculatedmedia.com/	1970-01-21 09:32:24	Name: cf_clearance Value: DIXVAyp1IEVGq0DAes4LwB2YBsInubKDfCcKyS6eVds-1730808135-1.2.1.1-WhdgvFxnEFAW88w5h9ccCPgHTjJbAS3CSyy0bOUIzlgBqb2SYsKnr1UBl74JzruSn5kIwcYh92yC0C5DsSahotaAiEpqKR2apJmiQQHWPpO9dKvCzfahX7Y3AfUakZq1vAGycm9fAJii_rInjft0ZaLcfTrP_42OfrCJJsC167Z1jVeUDxVMQ93YdKFWjJkNY6muP30ln_OWsQC1MJHc1RMpnAFlybWOcelQsggFJrqQDo9M8rfdD9dHsjtXWqNBKAbhP9VyRuOsJ3Gp9aEdbXqn8wqGM0f9ODqfVJf8rXphBQlrw61ePEHCzchcyP4ZibdLYRwY8phluqcQZXlVab184_wNylj5faRGhj.lqMShO4w5jXikVktOAqNXCdT7
.kalculatedmedia.com/	1970-01-21 02:56:24	Name: _gcl_au Value: 1.1.464529060.1730808135
.kalculatedmedia.com/	1970-01-21 09:32:24	Name: _clck Value: 1ssfeb1%7C2%7Cfqm%7C0%7C1770
.kalculatedmedia.com/	1970-01-21 02:56:24	Name: _fbp Value: fb.1.1730808135566.718343880277820830
.kalculatedmedia.com/	1970-01-21 10:22:48	Name: _ga_MWE46F19LM Value: GS1.1.1730808135.1.0.1730808135.60.0.433891006
.kalculatedmedia.com/	1970-01-21 10:22:48	Name: _ga Value: GA1.1.1291960206.1730808136
.kalculatedmedia.com/	1970-01-21 10:22:48	Name: _ga_PC2TQ5FC02 Value: GS1.1.1730808135.1.0.1730808135.60.0.0
.doubleclick.net/	1970-01-21 00:46:49	Name: test_cookie Value: CheckForPermission
.kalculatedmedia.com/	1970-01-21 00:48:14	Name: _clsk Value: dwfaj3%7C1730808136058%7C1%7C1%7Co.clarity.ms%2Fcollect
.bing.com/	1970-01-21 10:08:24	Name: MUID Value: 2CE450224CEF60240F7D450C4DC56148
.c.bing.com/	1970-01-21 00:56:52	Name: MR Value: 0
.c.bing.com/	1970-01-21 10:08:24	Name: SRM_B Value: 2CE450224CEF60240F7D450C4DC56148
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 10:08:24	Name: MUID Value: 2CE450224CEF60240F7D450C4DC56148
.c.clarity.ms/	1970-01-21 00:56:52	Name: MR Value: 0
.c.clarity.ms/	1970-01-21 00:46:48	Name: ANONCHK Value: 0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://booking.kalculatedmedia.com/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
analytics.google.com
booking.kalculatedmedia.com
c.bing.com
c.clarity.ms
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
media.hd.pics
o.clarity.ms
stats.g.doubleclick.net
td.doubleclick.net
www.clarity.ms
www.facebook.com
www.google.ca
www.google.com
www.googletagmanager.com
104.18.102.106
104.18.103.106
13.107.21.237
13.107.246.40
142.251.16.94
142.251.167.138
172.217.222.95
172.217.222.97
173.194.175.156
173.194.204.106
173.194.204.94
173.194.207.155
173.194.207.95
20.110.205.119
31.13.66.19
31.13.66.35
52.152.143.207
0687f26eb304f113e315e3c20d862e3d7b79902182fecc6bc67f807dfe35a056
10db6474d324cc8e86525e5a481603404cb55168e731b097c3ff81879ea5884a
139d59ccc19a2c971b168f621bee0efacb8189c84cc5c206903213401c5f8ed2
1747095b9a1d2778b7957a888caa8ed97c18041147f39ea8f7757c8ae014231f
23733782d3d8c6344f76c9711d3922497293012b971aadaa728486c1a0f1ddc8
3249e0e8cb2a844aea714757dd3baa72697d075707ad4eead35711a6240f8d2a
3822ffa2107cdf0b72769b526130967e5bd16735bb6bb625aa5e2b77669136ef
3d021a48acc03b7693e91fa0b445e168fa768424fef3e5fb23ee28a130fcfe67
44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0
4b5816bbfc52587979139951355fe4048da02ce60e40cef8e4a1efb6cd396281
53fd9f8f10346480c5ccff312bcd24b9d41a5c76550b6a0b6ec094381ae3f2b7
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
5a87cd3eca3d1b0c5df6631e18049ab664f7911d0a8a31f8888d364f7642bb7b
605866b95ba4790ec48a69123ed4feaf4aa0f462441f87c6fe29f6687dee971f
6cbfddb4735bdca8b4d594c0222541a0aa1f53ee6b4359647960ed164f595863
6d5425a51680abbb73017c4441811a583e068ff5c56b4755f6aeeb257f0e6cda
76397e0690fb789c8ef9b166155ca10cc75981f2f830aa89bc8a477a3755f671
76a88e0b6b9d544046ae997f238dc3d75abae4ea62d257aa5d0dd9769fdf5155
7d0abc4442452a53b5dd967360cd9bd3137d2d3113ca3e5fa43f85a062ea5651
835d52b9c620ea3ab01d056476e3a9f5270d24fa05b8d7c312bee0e219aa9825
8eade09a5da8a542b96001c4b0d3b914ee3d735af46ef1a906be2dcae6724498
924f0b32e86fe959e4290f3690d241cc6a24c08a0a4be56b4d3ce9c2286291bc
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99d1b52e7105ad35c866ad3280bd37ed7d0a425251a3c0023d6f0904a1f29ea7
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b85c4d4bcb7be039d30281d940426203622394a85d4cd2b43048b57a924a7d51
c2925a715e16c124a26c973aaec130948f5b7077a86d1b88157de2d3bdfec64c
c2a09584fcd8a5eb8452639817cfd0abab8e2cb7bcb2f705856537dc408e9d5b
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6eff30129cac04ac060805556f0aec4ad04db05a21d5d30b0b215abf2a4f87f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6ac446345e9379f1da4d812545ecb917992bbba176d0facb590f0c8cf2ac97b
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

booking.kalculatedmedia.com Open in urlscan Pro 104.18.103.106 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

47 Requests

96 %HTTPS

0 %IPv6

12 Domains

17 Subdomains

16 IPs

2 Countries

1646 kBTransfer

3480 kBSize

18 Cookies

0 Outgoing links

Redirected requests

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

booking.kalculatedmedia.com Open in urlscan Pro
104.18.103.106 Public Scan

Screenshot
Live screenshot

Full Image

47
Requests

96 %
HTTPS

0 %
IPv6

12
Domains

17
Subdomains

16
IPs

2
Countries

1646 kB
Transfer

3480 kB
Size

18
Cookies

47 HTTP transactions
0 data transactions