www.rooms.hotelbooking.pk Open in urlscan Pro
2a04:4e42:1b::390 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.rooms.hotelbooking.pk/
Effective URL:
https://www.rooms.hotelbooking.pk/TrafficInspection/1deea2a0-5529-11ea-b8a1-9f33bed6cc49?requestUrl=%2F&PxVid=&PxAction=c&PxMobile=0
Submission: On February 22 via automatic, source certstream-suspicious (February 22nd 2020, 4:09:43 am UTC)

Summary HTTP 27 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 11 IPs in 4 countries across 9 domains to perform 27 HTTP transactions. The main IP is 2a04:4e42:1b::390, located in Ascension Island and belongs to FASTLY, US. The main domain is www.rooms.hotelbooking.pk.
TLS certificate: Issued by Let's Encrypt Authority X3 on December 23rd 2019. Valid for: 3 months.

This is the only time www.rooms.hotelbooking.pk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 5	2a04:4e42:1b:... 2a04:4e42:1b::390	54113 (FASTLY) (FASTLY)
10	104.108.44.250 104.108.44.250	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:825::2008	15169 (GOOGLE) (GOOGLE)
1 2	172.217.22.102 172.217.22.102	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81f::2003	15169 (GOOGLE) (GOOGLE)
1	172.217.18.102 172.217.18.102	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:816::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:817::2002	15169 (GOOGLE) (GOOGLE)
2	216.58.207.34 216.58.207.34	15169 (GOOGLE) (GOOGLE)
3	35.186.220.184 35.186.220.184	15169 (GOOGLE) (GOOGLE)
27	11

5 2a04:4e42:1b::390 (Ascension Island) 1 redirects

ASN54113 (FASTLY, US)

www.rooms.hotelbooking.pk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.108.44.250 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-44-250.deploy.static.akamaitechnologies.com

cdn.datahc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.22.102 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s18-in-f6.1e100.net

6340566.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.recaptcha.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.102 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f102.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:816::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.207.34 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s24-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.220.184 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 184.220.186.35.bc.googleusercontent.com

collector-pxqukd4lo9.perimeterx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	datahc.com cdn.datahc.com	393 KB
5	doubleclick.net 1 redirects 6340566.fls.doubleclick.net ad.doubleclick.net googleads4.g.doubleclick.net	8 KB
5	hotelbooking.pk 1 redirects www.rooms.hotelbooking.pk	55 KB
3	perimeterx.net collector-pxqukd4lo9.perimeterx.net	1 KB
2	google.com www.google.com
1	googletagservices.com www.googletagservices.com	27 KB
1	gstatic.com www.gstatic.com	93 KB
1	recaptcha.net www.recaptcha.net	801 B
1	googletagmanager.com www.googletagmanager.com	24 KB
27	9

	Domain	Requested by
10	cdn.datahc.com	www.rooms.hotelbooking.pk cdn.datahc.com
5	www.rooms.hotelbooking.pk	1 redirects www.rooms.hotelbooking.pk cdn.datahc.com
3	collector-pxqukd4lo9.perimeterx.net	www.rooms.hotelbooking.pk
2	googleads4.g.doubleclick.net	ad.doubleclick.net
2	www.google.com	www.gstatic.com
2	6340566.fls.doubleclick.net	1 redirects cdn.datahc.com
1	www.googletagservices.com	ad.doubleclick.net
1	www.gstatic.com	www.recaptcha.net
1	ad.doubleclick.net	www.googletagmanager.com
1	www.recaptcha.net	www.rooms.hotelbooking.pk
1	www.googletagmanager.com	cdn.datahc.com
27	11

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.twitter.com
www.youtube.com
pinterest.com
blog.hotelscombined.com
itunes.apple.com
play.google.com
affiliates.hotelscombined.com
www.hotelscombined.com

Subject Issuer	Validity	Valid
brands.datahc.com Let's Encrypt Authority X3	`2019-12-23` - `2020-03-22`	3 months	crt.sh
secure.hotelscombined.com GeoTrust RSA CA 2018	`2019-09-09` - `2020-09-07`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
misc.google.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
perimeterx.net GeoTrust RSA CA 2018	`2019-07-03` - `2021-08-31`	2 years	crt.sh

This page contains 4 frames:

Primary Page: https://www.rooms.hotelbooking.pk/TrafficInspection/1deea2a0-5529-11ea-b8a1-9f33bed6cc49?requestUrl=%2F&PxVid=&PxAction=c&PxMobile=0
Frame ID: 8C29B446C36A8C599D77D8BAD3AF01BD
Requests: 24 HTTP requests in this frame

Frame: https://6340566.fls.doubleclick.net/activityi;dc_pre=CKuHhO-k5OcCFSHkuwgdynMHmg;src=6340566;type=audie0;cat=globa0;u1=;u2=;u3=;u4=0;u5=;u6=;u7=0;u8=;u9=EN;u10=USD;u11=DesktopWeb;u12=Desktop;u13=d2bf38ed-c858-4200-bb61-199ea8e37d73;u14=b950af4f-4ad6-4af5-898f-9683a2789b12;u15=;u16=Direct;u17=400;u18=;u19=;u20=;u21=Other;u22=US;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8890453984517.293
Frame ID: B482B8FB834F2753E954B7C7987DD828
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcj-R8TAAAAABs3FrRPuQhLMbp5QrHsHufzLf7b&co=aHR0cHM6Ly93d3cucm9vbXMuaG90ZWxib29raW5nLnBrOjQ0Mw..&hl=en&v=n1ZaVsRK4TYyiKxYab0h8MUD&theme=dark&size=normal&cb=snpylt2r320m
Frame ID: 1944DD33C457C0363B4D80DD9CAEE9EF
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=n1ZaVsRK4TYyiKxYab0h8MUD&k=6Lcj-R8TAAAAABs3FrRPuQhLMbp5QrHsHufzLf7b&cb=iq2urhc59xas
Frame ID: 20DB6B2A0E4DFBC4A26A80E6E96E0296
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.rooms.hotelbooking.pk/ HTTP 302
https://www.rooms.hotelbooking.pk/TrafficInspection/1deea2a0-5529-11ea-b8a1-9f33bed6cc49?requestUrl=%2F&PxVid=... Page URL

Detected technologies

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

script /\/recaptcha\/api\.js/i

Page Statistics

27
Requests

85 %
HTTPS

55 %
IPv6

9
Domains

11
Subdomains

11
IPs

4
Countries

601 kB
Transfer

1575 kB
Size

10
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/HotelsCombined
Title:

Search URL Search Domain Scan URL

URL: https://www.twitter.com/HotelsCombined
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/hotelscombined
Title:

Search URL Search Domain Scan URL

URL: https://pinterest.com/hotelscombined/
Title:

Search URL Search Domain Scan URL

URL: https://blog.hotelscombined.com/
Title:

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/hotelscombined-hotel-search/id378011496?mt=8
Title: iPhone & iPad

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.hotelscombined.mobile
Title: Android

Search URL Search Domain Scan URL

URL: https://affiliates.hotelscombined.com/?referrerID=400&languageCode=EN
Title: Affiliate Program

Search URL Search Domain Scan URL

URL: https://www.hotelscombined.com/privacy/manage
Title: Do Not Sell My Info

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.rooms.hotelbooking.pk/ HTTP 302
https://www.rooms.hotelbooking.pk/TrafficInspection/1deea2a0-5529-11ea-b8a1-9f33bed6cc49?requestUrl=%2F&PxVid=&PxAction=c&PxMobile=0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://6340566.fls.doubleclick.net/activityi;src=6340566;type=audie0;cat=globa0;u1=;u2=;u3=;u4=0;u5=;u6=;u7=0;u8=;u9=EN;u10=USD;u11=DesktopWeb;u12=Desktop;u13=d2bf38ed-c858-4200-bb61-199ea8e37d73;u14=b950af4f-4ad6-4af5-898f-9683a2789b12;u15=;u16=Direct;u17=400;u18=;u19=;u20=;u21=Other;u22=US;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8890453984517.293 HTTP 302
https://6340566.fls.doubleclick.net/activityi;dc_pre=CKuHhO-k5OcCFSHkuwgdynMHmg;src=6340566;type=audie0;cat=globa0;u1=;u2=;u3=;u4=0;u5=;u6=;u7=0;u8=;u9=EN;u10=USD;u11=DesktopWeb;u12=Desktop;u13=d2bf38ed-c858-4200-bb61-199ea8e37d73;u14=b950af4f-4ad6-4af5-898f-9683a2789b12;u15=;u16=Direct;u17=400;u18=;u19=;u20=;u21=Other;u22=US;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8890453984517.293

27 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 1deea2a0-5529-11ea-b8a1-9f33bed6cc49 Show response
www.rooms.hotelbooking.pk/TrafficInspection/
Redirect Chain

https://www.rooms.hotelbooking.pk/
https://www.rooms.hotelbooking.pk/TrafficInspection/1deea2a0-5529-11ea-b8a1-9f33bed6cc49?requestUrl=%2F&PxVid=&PxAction=c&PxMobile=0

50 KB
13 KB

148ms
146ms

Document
text/html

2a04:4e42:1b::390
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rooms.hotelbooking.pk/TrafficInspection/1deea2a0-5529-11ea-b8a1-9f33bed6cc49?requestUrl=%2F&PxVid=&PxAction=c&PxMobile=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::390 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4eccd81cea93b47379613414ff1729dff7e127180f242a8bada37dc8e7aa6ed8

Request headers

:method: GET
:authority: www.rooms.hotelbooking.pk
:scheme: https
:path: /TrafficInspection/1deea2a0-5529-11ea-b8a1-9f33bed6cc49?requestUrl=%2F&PxVid=&PxAction=c&PxMobile=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: _pxhd=50c67cb0e96ca8b6817cb73da93bd4c3a48014dd2825751e6f958bde0c9028b4:1deea2a1-5529-11ea-b8a1-9f33bed6cc49
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

status: 200
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: -1
set-cookie: VisitType=1; path=/; secure; SameSite=None a_aid=400; expires=Mon, 22-Feb-2021 04:09:27 GMT; path=/; secure; SameSite=None countryCode=US; expires=Sat, 22-Feb-2020 06:09:27 GMT; path=/; secure; SameSite=None languageCode=EN; expires=Tue, 22-Feb-2050 04:09:27 GMT; path=/; secure; SameSite=None currencyCode=USD; expires=Tue, 22-Feb-2050 04:09:27 GMT; path=/; secure; SameSite=None dcid=DAL01; path=/; secure; SameSite=None VisitType=1; path=/; secure; SameSite=None a_aid=400; expires=Mon, 22-Feb-2021 04:09:27 GMT; path=/; secure; SameSite=None countryCode=US; expires=Sat, 22-Feb-2020 06:09:27 GMT; path=/; secure; SameSite=None languageCode=EN; expires=Tue, 22-Feb-2050 04:09:27 GMT; path=/; secure; SameSite=None currencyCode=USD; expires=Tue, 22-Feb-2050 04:09:27 GMT; path=/; secure; SameSite=None dcid=DAL01; path=/; secure; SameSite=None __RequestVerificationToken=0RXCZJIzNZ2gzPfMSfmXkeqe2uCx0BvYRCd2VzzWB6trbIYJTImuntI5yyZBYvtol3cVquodI1vQe09RY0EMiDcXxjU1; path=/; HttpOnly Tests=6586000901000A1101CE1001FB1001FE00020510020710021111021520021C00021D10021F10022010022400022910022D10023000023110023320023410023A00023C00023E11023F10E5A8; expires=Mon, 22-Feb-2021 04:09:27 GMT; path=/; secure; SameSite=None
p3p: CP="NOI DEVa TAIa OUR BUS UNI"
accept-ranges: bytes bytes
date: Sat, 22 Feb 2020 04:09:27 GMT
vary: Accept-Encoding
content-length: 13016

Redirect headers

status: 302
content-type: text/html; charset=utf-8
location: /TrafficInspection/1deea2a0-5529-11ea-b8a1-9f33bed6cc49?requestUrl=%2F&PxVid=&PxAction=c&PxMobile=0
server: Microsoft-IIS/8.5
set-cookie: _pxhd=50c67cb0e96ca8b6817cb73da93bd4c3a48014dd2825751e6f958bde0c9028b4:1deea2a1-5529-11ea-b8a1-9f33bed6cc49; path=/
p3p: CP="NOI DEVa TAIa OUR BUS UNI"
accept-ranges: bytes bytes bytes bytes
age: 0 0 0
date: Sat, 22 Feb 2020 04:09:27 GMT
content-length: 228

GET
H/1.1 200
OK StyleSheet.ashx
cdn.datahc.com/Styles/ 28 KB
5 KB 99ms
26ms Stylesheet
text/css 104.108.44.250
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.datahc.com/Styles/StyleSheet.ashx?key=JQueryUiMain&cdn=1.0.2020.050001-C65cc8d77eca5da0c0aed54c79c88df3d2d590a12
Requested by: Host: www.rooms.hotelbooking.pk
URL: https://www.rooms.hotelbooking.pk/TrafficInspection/1deea2a0-5529-11ea-b8a1-9f33bed6cc49?requestUrl=%2F&PxVid=&PxAction=c&PxMobile=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.44.250 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-44-250.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 86285106f338b0d7be96d482d34fa40359656a92c9e739473cbf1d0b9ad9b867

Request headers

Referer: https://www.rooms.hotelbooking.pk/TrafficInspection/1deea2a0-5529-11ea-b8a1-9f33bed6cc49?requestUrl=%2F&PxVid=&PxAction=c&PxMobile=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Cteonnt-Length: 28259
Date: Sat, 22 Feb 2020 04:09:27 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
P3P: CP="NOI DEVa TAIa OUR BUS UNI"
Cache-Control: private, max-age=57450
Connection: keep-alive
Content-Type: text/css; charset=utf-8
Content-Length: 4692

GET
H/1.1 200
OK StyleSheet.ashx
cdn.datahc.com/Styles/ 258 KB
43 KB 121ms
48ms Stylesheet
text/css 104.108.44.250
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.datahc.com/Styles/StyleSheet.ashx?key=Main&cdn=1.0.2020.050001-C65cc8d77eca5da0c0aed54c79c88df3d2d590a12
Requested by: Host: www.rooms.hotelbooking.pk
URL: https://www.rooms.hotelbooking.pk/TrafficInspection/1deea2a0-5529-11ea-b8a1-9f33bed6cc49?requestUrl=%2F&PxVid=&PxAction=c&PxMobile=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.44.250 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-44-250.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8004417c083733baffbee6d2325e68404a8c6d812ce693076d397fdb02e26cf1

Request headers

Referer: https://www.rooms.hotelbooking.pk/TrafficInspection/1deea2a0-5529-11ea-b8a1-9f33bed6cc49?requestUrl=%2F&PxVid=&PxAction=c&PxMobile=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Cteonnt-Length: 264079
Date: Sat, 22 Feb 2020 04:09:27 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
P3P: CP="NOI DEVa TAIa OUR BUS UNI"
Cache-Control: private, max-age=57509
Connection: keep-alive
Content-Type: text/css; charset=utf-8
Content-Length: 44077

GET
H/1.1 200
OK Master Show response
cdn.datahc.com/Script/Bundles/ 571 KB
194 KB 118ms
45ms Script
text/javascript 104.108.44.250
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.datahc.com/Script/Bundles/Master?v=guQVPOrPmfTJDH2FRGK0fUUFJzuuYvY1yoanINFjsiA1&cdn=1.0.2020.050001-C65cc8d77eca5da0c0aed54c79c88df3d2d590a12
Requested by: Host: www.rooms.hotelbooking.pk
URL: https://www.rooms.hotelbooking.pk/TrafficInspection/1deea2a0-5529-11ea-b8a1-9f33bed6cc49?requestUrl=%2F&PxVid=&PxAction=c&PxMobile=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.44.250 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-44-250.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: eb362910b8888d82b36c3cb56cc1b310cd560bf8ebf987a690d79c6e9b57c2b3

Request headers

Referer: https://www.rooms.hotelbooking.pk/TrafficInspection/1deea2a0-5529-11ea-b8a1-9f33bed6cc49?requestUrl=%2F&PxVid=&PxAction=c&PxMobile=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Cteonnt-Length: 584235
Date: Sat, 22 Feb 2020 04:09:27 GMT
Content-Encoding: gzip
Last-Modified: Thu, 20 Feb 2020 00:55:48 GMT
Vary: Accept-Encoding
P3P: CP="NOI DEVa TAIa OUR BUS UNI"
Cache-Control: private, max-age=31351581
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Content-Length: 197927
Expires: Fri, 19 Feb 2021 00:55:48 GMT

GET
H/1.1 200
OK hc_logo@2x.png
cdn.datahc.com/Content/Images/Desktop/Main/ 6 KB
6 KB 104ms
31ms Image
image/png 104.108.44.250
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.datahc.com/Content/Images/Desktop/Main/hc_logo@2x.png?cdn=1.0.2020.050001-C65cc8d77eca5da0c0aed54c79c88df3d2d590a12
Requested by: Host: www.rooms.hotelbooking.pk
URL: https://www.rooms.hotelbooking.pk/TrafficInspection/1deea2a0-5529-11ea-b8a1-9f33bed6cc49?requestUrl=%2F&PxVid=&PxAction=c&PxMobile=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.44.250 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-44-250.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0aa6485a6e11f71a907363729dcdfb849bb6eb836fbdeec9e9db329c0484a99d

Request headers

Referer: https://www.rooms.hotelbooking.pk/TrafficInspection/1deea2a0-5529-11ea-b8a1-9f33bed6cc49?requestUrl=%2F&PxVid=&PxAction=c&PxMobile=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sat, 22 Feb 2020 04:09:27 GMT
Last-Modified: Wed, 19 Feb 2020 07:09:08 GMT
ETag: "0c2437af3e6d51:0"
P3P: CP="NOI DEVa TAIa OUR BUS UNI"
X-N: S
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 6230

GET
H/1.1 200
OK hc_loader1.gif
cdn.datahc.com/Content/Images/Desktop/Shared/ 4 KB
4 KB 105ms
31ms Image
image/gif 104.108.44.250
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.datahc.com/Content/Images/Desktop/Shared/hc_loader1.gif?cdn=1.0.2020.050001-C65cc8d77eca5da0c0aed54c79c88df3d2d590a12
Requested by: Host: www.rooms.hotelbooking.pk
URL: https://www.rooms.hotelbooking.pk/TrafficInspection/1deea2a0-5529-11ea-b8a1-9f33bed6cc49?requestUrl=%2F&PxVid=&PxAction=c&PxMobile=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.44.250 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-44-250.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b8fb94e9ed195b7a6342d6c963ff3244bec679147927ee5d7e784520ce8a22ab

Request headers

Referer: https://www.rooms.hotelbooking.pk/TrafficInspection/1deea2a0-5529-11ea-b8a1-9f33bed6cc49?requestUrl=%2F&PxVid=&PxAction=c&PxMobile=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sat, 22 Feb 2020 04:09:27 GMT
Last-Modified: Wed, 19 Feb 2020 07:09:00 GMT
ETag: "0e7f75f3e6d51:0"
P3P: CP="NOI DEVa TAIa OUR BUS UNI"
X-N: S
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 4282

GET
H2 200 captcha.js Show response
www.rooms.hotelbooking.pk/QUkd4lO9/captcha/ 23 KB
11 KB 134ms
133ms Script
application/javascript 2a04:4e42:1b::390
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rooms.hotelbooking.pk/QUkd4lO9/captcha/captcha.js?a=c&u=1deea2a0-5529-11ea-b8a1-9f33bed6cc49&v=&m=0
Requested by: Host: www.rooms.hotelbooking.pk
URL: https://www.rooms.hotelbooking.pk/TrafficInspection/1deea2a0-5529-11ea-b8a1-9f33bed6cc49?requestUrl=%2F&PxVid=&PxAction=c&PxMobile=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::390 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 59af1fb7373727b66c4fff30a5df526277184b81cc480da55e893ccd384e35f0

Request headers

Referer: https://www.rooms.hotelbooking.pk/TrafficInspection/1deea2a0-5529-11ea-b8a1-9f33bed6cc49?requestUrl=%2F&PxVid=&PxAction=c&PxMobile=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 22 Feb 2020 04:09:27 GMT
content-encoding: gzip
last-modified: Thu, 13 Feb 2020 09:19:34 GMT
server: Microsoft-IIS/10.0
age: 255
status: 200
etag: W/"5d12-1703dd8a870"
vary: Accept-Encoding
p3p: CP="NOI DEVa TAIa OUR BUS UNI"
access-control-allow-origin: *
cache-control: public, max-age=600
accept-ranges: bytes, bytes, bytes
content-type: application/javascript; charset=UTF-8
content-length: 10791

POST
H2 200 LogEvent Show response
www.rooms.hotelbooking.pk/Handlers/ExperimentHandler/ 0
27 B 133ms
132ms XHR
text/plain 2a04:4e42:1b::390
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rooms.hotelbooking.pk/Handlers/ExperimentHandler/LogEvent
Requested by: Host: cdn.datahc.com
URL: https://cdn.datahc.com/Script/Bundles/Master?v=guQVPOrPmfTJDH2FRGK0fUUFJzuuYvY1yoanINFjsiA1&cdn=1.0.2020.050001-C65cc8d77eca5da0c0aed54c79c88df3d2d590a12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::390 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://www.rooms.hotelbooking.pk/TrafficInspection/1deea2a0-5529-11ea-b8a1-9f33bed6cc49?requestUrl=%2F&PxVid=&PxAction=c&PxMobile=0
Origin: https://www.rooms.hotelbooking.pk
X-Requested-With: XMLHttpRequest
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

status: 200
date: Sat, 22 Feb 2020 04:09:27 GMT
accept-ranges: bytes, bytes
content-length: 0
p3p: CP="NOI DEVa TAIa OUR BUS UNI"

GET
H/1.1 200
OK hc_bg_overlay.png
cdn.datahc.com/Images/ 933 B
1 KB 30ms
29ms Image
image/png 104.108.44.250
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.datahc.com/Images/hc_bg_overlay.png?1.0.2020.050001-C65cc8d77eca5da0c0aed54c79c88df3d2d590a12
Requested by: Host: www.rooms.hotelbooking.pk
URL: https://www.rooms.hotelbooking.pk/TrafficInspection/1deea2a0-5529-11ea-b8a1-9f33bed6cc49?requestUrl=%2F&PxVid=&PxAction=c&PxMobile=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.44.250 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-44-250.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 551b00ace1abaa100760e36cbe16d8be29102e6a09689dcb183420742415f085

Request headers

Referer: https://cdn.datahc.com/Styles/StyleSheet.ashx?key=Main&cdn=1.0.2020.050001-C65cc8d77eca5da0c0aed54c79c88df3d2d590a12
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sat, 22 Feb 2020 04:09:27 GMT
Last-Modified: Wed, 19 Feb 2020 07:09:14 GMT
ETag: "049d77df3e6d51:0"
P3P: CP="NOI DEVa TAIa OUR BUS UNI"
Cache-Control: public, max-age=31372839
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 933

GET
H/1.1 200
OK hc_flags.png
cdn.datahc.com/Images/ 23 KB
24 KB 37ms
36ms Image
image/png 104.108.44.250
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.datahc.com/Images/hc_flags.png?1.0.2020.050001-C65cc8d77eca5da0c0aed54c79c88df3d2d590a12
Requested by: Host: cdn.datahc.com
URL: https://cdn.datahc.com/Script/Bundles/Master?v=guQVPOrPmfTJDH2FRGK0fUUFJzuuYvY1yoanINFjsiA1&cdn=1.0.2020.050001-C65cc8d77eca5da0c0aed54c79c88df3d2d590a12
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.44.250 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-44-250.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d8d82d9701c57e1c72b20d09838d87a3db6096f2b33a03c8aa4dcf98f1b01075

Request headers

Referer: https://cdn.datahc.com/Styles/StyleSheet.ashx?key=Main&cdn=1.0.2020.050001-C65cc8d77eca5da0c0aed54c79c88df3d2d590a12
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sat, 22 Feb 2020 04:09:27 GMT
Last-Modified: Wed, 19 Feb 2020 07:09:18 GMT
ETag: "0a33980f3e6d51:0"
P3P: CP="NOI DEVa TAIa OUR BUS UNI"
Cache-Control: public, max-age=31372791
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 23904

GET
H/1.1 200
OK BrezelGroteskWeb-Regular_20141118.woff
cdn.datahc.com/Content/Fonts/ 45 KB
46 KB 94ms
43ms Font
application/x-font-woff 104.108.44.250
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.datahc.com/Content/Fonts/BrezelGroteskWeb-Regular_20141118.woff
Requested by: Host: www.rooms.hotelbooking.pk
URL: https://www.rooms.hotelbooking.pk/TrafficInspection/1deea2a0-5529-11ea-b8a1-9f33bed6cc49?requestUrl=%2F&PxVid=&PxAction=c&PxMobile=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.44.250 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-44-250.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 49c68ad5abd40cbc63f74678fa695205159bf6276e168409e1912e95c1a02835

Request headers

Referer: https://cdn.datahc.com/Styles/StyleSheet.ashx?key=Main&cdn=1.0.2020.050001-C65cc8d77eca5da0c0aed54c79c88df3d2d590a12
Origin: https://www.rooms.hotelbooking.pk
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 22 Feb 2020 04:09:27 GMT
Last-Modified: Wed, 19 Feb 2020 07:09:10 GMT
ETag: "0ef747bf3e6d51:0"
P3P: CP="NOI DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-font-woff
Content-Length: 46379

GET
H2 200 init.js Show response
www.rooms.hotelbooking.pk/QUkd4lO9/ 83 KB
30 KB 222ms
222ms Script
application/javascript 2a04:4e42:1b::390
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rooms.hotelbooking.pk/QUkd4lO9/init.js
Requested by: Host: www.rooms.hotelbooking.pk
URL: https://www.rooms.hotelbooking.pk/QUkd4lO9/captcha/captcha.js?a=c&u=1deea2a0-5529-11ea-b8a1-9f33bed6cc49&v=&m=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::390 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 11fce086974d3d0a2cd1c863616c7b7a51a51bd5f41343bb196063e5a69e76db

Request headers

Referer: https://www.rooms.hotelbooking.pk/TrafficInspection/1deea2a0-5529-11ea-b8a1-9f33bed6cc49?requestUrl=%2F&PxVid=&PxAction=c&PxMobile=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 22 Feb 2020 04:09:27 GMT
content-encoding: gzip
server: Microsoft-IIS/8.5
age: 371
status: 200
etag: W/"14a46-eyoMwdDnvWW4Cfo6DUopD27xbUs"
vary: Accept-Encoding
p3p: CP="NOI DEVa TAIa OUR BUS UNI"
access-control-allow-origin: *
cache-control: public, max-age=600
accept-ranges: bytes, bytes, bytes
content-type: application/javascript; charset=utf-8
content-length: 30860

GET
H/1.1 200
OK hc_icons2.png
cdn.datahc.com/Content/Images/Desktop/Shared/ 10 KB
10 KB 29ms
29ms Image
image/png 104.108.44.250
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.datahc.com/Content/Images/Desktop/Shared/hc_icons2.png?1.0.2020.050001-C65cc8d77eca5da0c0aed54c79c88df3d2d590a12
Requested by: Host: www.rooms.hotelbooking.pk
URL: https://www.rooms.hotelbooking.pk/TrafficInspection/1deea2a0-5529-11ea-b8a1-9f33bed6cc49?requestUrl=%2F&PxVid=&PxAction=c&PxMobile=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.44.250 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-44-250.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4f9361f0dea6a57dc8b1293de943b83f02176a220273edfe2f2931541717421d

Request headers

Referer: https://cdn.datahc.com/Styles/StyleSheet.ashx?key=Main&cdn=1.0.2020.050001-C65cc8d77eca5da0c0aed54c79c88df3d2d590a12
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sat, 22 Feb 2020 04:09:27 GMT
Last-Modified: Wed, 19 Feb 2020 07:09:02 GMT
ETag: "03bb076f3e6d51:0"
P3P: CP="NOI DEVa TAIa OUR BUS UNI"
X-N: S
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 10240

GET
H/1.1 200
OK hc_20190225.woff
cdn.datahc.com/Content/Fonts/ 59 KB
60 KB 97ms
44ms Font
application/x-font-woff 104.108.44.250
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.datahc.com/Content/Fonts/hc_20190225.woff
Requested by: Host: www.rooms.hotelbooking.pk
URL: https://www.rooms.hotelbooking.pk/TrafficInspection/1deea2a0-5529-11ea-b8a1-9f33bed6cc49?requestUrl=%2F&PxVid=&PxAction=c&PxMobile=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.44.250 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-44-250.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6318904bb3e86e8fb720ecea7608c3919447b762e6a9d340e6bf04832e917648

Request headers

Referer: https://cdn.datahc.com/Styles/StyleSheet.ashx?key=Main&cdn=1.0.2020.050001-C65cc8d77eca5da0c0aed54c79c88df3d2d590a12
Origin: https://www.rooms.hotelbooking.pk
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 22 Feb 2020 04:09:27 GMT
Last-Modified: Wed, 19 Feb 2020 07:09:30 GMT
ETag: "0b16087f3e6d51:0"
P3P: CP="NOI DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-font-woff
Content-Length: 60812

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 62 KB
24 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:825::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K9RDZ5P&l=__hcgtm

Requested by

Host: cdn.datahc.com
URL: https://cdn.datahc.com/Script/Bundles/Master?v=guQVPOrPmfTJDH2FRGK0fUUFJzuuYvY1yoanINFjsiA1&cdn=1.0.2020.050001-C65cc8d77eca5da0c0aed54c79c88df3d2d590a12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

20972b2407a4c67b2e59d1ceea230bfed5d8b34a2440b40e82705032e3e5c166

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.rooms.hotelbooking.pk/TrafficInspection/1deea2a0-5529-11ea-b8a1-9f33bed6cc49?requestUrl=%2F&PxVid=&PxAction=c&PxMobile=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 22 Feb 2020 04:09:27 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 24014
x-xss-protection: 0
last-modified: Sat, 22 Feb 2020 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 22 Feb 2020 04:09:27 GMT

GET
H2

200

activityi;dc_pre=CKuHhO-k5OcCFSHkuwgdynMHmg;src=6340566;type=audie0;cat=globa0;u1=;u2=;u3=;u4=0;u5=;u6=;u7=0;u8=;u9=EN;u10=USD;u11=DesktopWeb;u12=Desktop;u13=d2bf38ed-c858-4200-bb61-199ea8e37d73;u1...
6340566.fls.doubleclick.net/ Frame B482
Redirect Chain

https://6340566.fls.doubleclick.net/activityi;src=6340566;type=audie0;cat=globa0;u1=;u2=;u3=;u4=0;u5=;u6=;u7=0;u8=;u9=EN;u10=USD;u11=DesktopWeb;u12=Desktop;u13=d2bf38ed-c858-4200-bb61-199ea8e37d73;...
https://6340566.fls.doubleclick.net/activityi;dc_pre=CKuHhO-k5OcCFSHkuwgdynMHmg;src=6340566;type=audie0;cat=globa0;u1=;u2=;u3=;u4=0;u5=;u6=;u7=0;u8=;u9=EN;u10=USD;u11=DesktopWeb;u12=Desktop;u13=d2b...

0
0

45ms
45ms

Document
text/html

172.217.22.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6340566.fls.doubleclick.net/activityi;dc_pre=CKuHhO-k5OcCFSHkuwgdynMHmg;src=6340566;type=audie0;cat=globa0;u1=;u2=;u3=;u4=0;u5=;u6=;u7=0;u8=;u9=EN;u10=USD;u11=DesktopWeb;u12=Desktop;u13=d2bf38ed-c858-4200-bb61-199ea8e37d73;u14=b950af4f-4ad6-4af5-898f-9683a2789b12;u15=;u16=Direct;u17=400;u18=;u19=;u20=;u21=Other;u22=US;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8890453984517.293?

Requested by

Host: cdn.datahc.com
URL: https://cdn.datahc.com/Script/Bundles/Master?v=guQVPOrPmfTJDH2FRGK0fUUFJzuuYvY1yoanINFjsiA1&cdn=1.0.2020.050001-C65cc8d77eca5da0c0aed54c79c88df3d2d590a12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s18-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 6340566.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CKuHhO-k5OcCFSHkuwgdynMHmg;src=6340566;type=audie0;cat=globa0;u1=;u2=;u3=;u4=0;u5=;u6=;u7=0;u8=;u9=EN;u10=USD;u11=DesktopWeb;u12=Desktop;u13=d2bf38ed-c858-4200-bb61-199ea8e37d73;u14=b950af4f-4ad6-4af5-898f-9683a2789b12;u15=;u16=Direct;u17=400;u18=;u19=;u20=;u21=Other;u22=US;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8890453984517.293?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.rooms.hotelbooking.pk/TrafficInspection/1deea2a0-5529-11ea-b8a1-9f33bed6cc49?requestUrl=%2F&PxVid=&PxAction=c&PxMobile=0
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.rooms.hotelbooking.pk/TrafficInspection/1deea2a0-5529-11ea-b8a1-9f33bed6cc49?requestUrl=%2F&PxVid=&PxAction=c&PxMobile=0

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Sat, 22 Feb 2020 04:09:27 GMT
expires: Sat, 22 Feb 2020 04:09:27 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 455
x-xss-protection: 0
set-cookie: IDE=AHWqTUlaFGMIzVFCIDz9L8cbe7c0I-TK0yrEcSIri9Mweip6MNIz-7Yq8UNC-mIB; expires=Thu, 18-Mar-2021 04:09:27 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Sat, 22 Feb 2020 04:09:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://6340566.fls.doubleclick.net/activityi;dc_pre=CKuHhO-k5OcCFSHkuwgdynMHmg;src=6340566;type=audie0;cat=globa0;u1=;u2=;u3=;u4=0;u5=;u6=;u7=0;u8=;u9=EN;u10=USD;u11=DesktopWeb;u12=Desktop;u13=d2bf38ed-c858-4200-bb61-199ea8e37d73;u14=b950af4f-4ad6-4af5-898f-9683a2789b12;u15=;u16=Direct;u17=400;u18=;u19=;u20=;u21=Other;u22=US;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8890453984517.293?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 22-Feb-2020 04:24:27 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 api.js Show response
www.recaptcha.net/recaptcha/ 674 B
801 B 53ms
17ms Script
text/javascript 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api.js?hl=en-US

Requested by

Host: www.rooms.hotelbooking.pk
URL: https://www.rooms.hotelbooking.pk/QUkd4lO9/captcha/captcha.js?a=c&u=1deea2a0-5529-11ea-b8a1-9f33bed6cc49&v=&m=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

95b8b2e473f89b19fea337be84c5c551477874b0db546b77d02f0d87a037303e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.rooms.hotelbooking.pk/TrafficInspection/1deea2a0-5529-11ea-b8a1-9f33bed6cc49?requestUrl=%2F&PxVid=&PxAction=c&PxMobile=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 22 Feb 2020 04:09:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 447
x-xss-protection: 1; mode=block
expires: Sat, 22 Feb 2020 04:09:27 GMT

GET
H2 200 B10719202.143048160;sz=1x1;ord=932342188;dc_lat=;dc_rdid=;tag_for_child_directed_treatment= Show response
ad.doubleclick.net/ddm/adj/N467212.176204HOTELSCOMBINED.CO/ 16 KB
7 KB 114ms
55ms Script
text/javascript 172.217.18.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N467212.176204HOTELSCOMBINED.CO/B10719202.143048160;sz=1x1;ord=932342188;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K9RDZ5P&l=__hcgtm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f102.1e100.net

Software

cafe /

Resource Hash

de38e643bf627f5760abd58427fed54e4b24ce92fb58cca143b6215947fea43d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rooms.hotelbooking.pk/TrafficInspection/1deea2a0-5529-11ea-b8a1-9f33bed6cc49?requestUrl=%2F&PxVid=&PxAction=c&PxMobile=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Sat, 22 Feb 2020 04:09:27 GMT
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6243
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/n1ZaVsRK4TYyiKxYab0h8MUD/ 259 KB
93 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/n1ZaVsRK4TYyiKxYab0h8MUD/recaptcha__en.js

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js?hl=en-US

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

327358936ae1faca746b38258cde21f2574d062dc6f939a8b9fcfa8e2adfc9ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rooms.hotelbooking.pk/TrafficInspection/1deea2a0-5529-11ea-b8a1-9f33bed6cc49?requestUrl=%2F&PxVid=&PxAction=c&PxMobile=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 18 Feb 2020 17:31:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 17 Feb 2020 05:05:57 GMT
server: sffe
age: 297505
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 94999
x-xss-protection: 0
expires: Wed, 17 Feb 2021 17:31:02 GMT

GET
H2 200 anchor
www.google.com/recaptcha/api2/ Frame 1944 0
0 40ms
39ms Document
text/html 2a00:1450:4001:816::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcj-R8TAAAAABs3FrRPuQhLMbp5QrHsHufzLf7b&co=aHR0cHM6Ly93d3cucm9vbXMuaG90ZWxib29raW5nLnBrOjQ0Mw..&hl=en&v=n1ZaVsRK4TYyiKxYab0h8MUD&theme=dark&size=normal&cb=snpylt2r320m

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/n1ZaVsRK4TYyiKxYab0h8MUD/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0Uf/AZD3RgHblE5AWOo+Mg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6Lcj-R8TAAAAABs3FrRPuQhLMbp5QrHsHufzLf7b&co=aHR0cHM6Ly93d3cucm9vbXMuaG90ZWxib29raW5nLnBrOjQ0Mw..&hl=en&v=n1ZaVsRK4TYyiKxYab0h8MUD&theme=dark&size=normal&cb=snpylt2r320m
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.rooms.hotelbooking.pk/TrafficInspection/1deea2a0-5529-11ea-b8a1-9f33bed6cc49?requestUrl=%2F&PxVid=&PxAction=c&PxMobile=0
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.rooms.hotelbooking.pk/TrafficInspection/1deea2a0-5529-11ea-b8a1-9f33bed6cc49?requestUrl=%2F&PxVid=&PxAction=c&PxMobile=0

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 22 Feb 2020 04:09:27 GMT
content-security-policy: script-src 'report-sample' 'nonce-0Uf/AZD3RgHblE5AWOo+Mg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 10262
server: GSE
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 lidar.js Show response
www.googletagservices.com/activeview/js/current/ 75 KB
27 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/lidar.js?cache=r20110914

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N467212.176204HOTELSCOMBINED.CO/B10719202.143048160;sz=1x1;ord=932342188;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13291a3b874125318d45feda0bf7208539fff387b4aa08e36eb61fa027d1ca03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rooms.hotelbooking.pk/TrafficInspection/1deea2a0-5529-11ea-b8a1-9f33bed6cc49?requestUrl=%2F&PxVid=&PxAction=c&PxMobile=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 22 Feb 2020 04:09:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582122122802407"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27929
x-xss-protection: 0
expires: Sat, 22 Feb 2020 04:09:27 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ 0
658 B 100ms
38ms Other
image/gif 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv3Tx3oOaBgxX24D69Ta_9RGVasxkSVJU4CeYBw4FR-UxMZ22TP_KLkkdeKHDMNC2dcUIHQCIjJs3rYV_4bBPdZpN_5cjQG05PdXv1qXfsxmq9UnehbSYcfkpiGd-mUAcyQvsJdHwU&sig=Cg0ArKJSzF61ZK1U1pMDEAE&urlfix=1&omid=0&rm=1&ctpt=1&cstd=0&cisv=r20200219&adurl=

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N467212.176204HOTELSCOMBINED.CO/B10719202.143048160;sz=1x1;ord=932342188;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rooms.hotelbooking.pk/TrafficInspection/1deea2a0-5529-11ea-b8a1-9f33bed6cc49?requestUrl=%2F&PxVid=&PxAction=c&PxMobile=0
Origin: https://www.rooms.hotelbooking.pk
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 22 Feb 2020 04:09:27 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H2 200 c Show response
collector-pxqukd4lo9.perimeterx.net/b/ 566 B
797 B 101ms
48ms XHR
application/json 35.186.220.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-pxqukd4lo9.perimeterx.net/b/c
Requested by: Host: www.rooms.hotelbooking.pk
URL: https://www.rooms.hotelbooking.pk/QUkd4lO9/init.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.186.220.184 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 184.220.186.35.bc.googleusercontent.com
Software: /
Resource Hash: ec113e5c37823651bb53673304f3ba36d63deab14718dfda74d5de3a92f294ca

Request headers

Referer: https://www.rooms.hotelbooking.pk/TrafficInspection/1deea2a0-5529-11ea-b8a1-9f33bed6cc49?requestUrl=%2F&PxVid=&PxAction=c&PxMobile=0
Origin: https://www.rooms.hotelbooking.pk
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sat, 22 Feb 2020 04:09:27 GMT
via: 1.1 google
status: 200
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.rooms.hotelbooking.pk
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: clear
content-length: 566

GET
H2 200 bframe
www.google.com/recaptcha/api2/ Frame 20DB 0
0 19ms
19ms Document
text/html 2a00:1450:4001:816::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=n1ZaVsRK4TYyiKxYab0h8MUD&k=6Lcj-R8TAAAAABs3FrRPuQhLMbp5QrHsHufzLf7b&cb=iq2urhc59xas

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/n1ZaVsRK4TYyiKxYab0h8MUD/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LdzNquJjy+7raL5E2WPQnA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=n1ZaVsRK4TYyiKxYab0h8MUD&k=6Lcj-R8TAAAAABs3FrRPuQhLMbp5QrHsHufzLf7b&cb=iq2urhc59xas
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.rooms.hotelbooking.pk/TrafficInspection/1deea2a0-5529-11ea-b8a1-9f33bed6cc49?requestUrl=%2F&PxVid=&PxAction=c&PxMobile=0
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.rooms.hotelbooking.pk/TrafficInspection/1deea2a0-5529-11ea-b8a1-9f33bed6cc49?requestUrl=%2F&PxVid=&PxAction=c&PxMobile=0

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 22 Feb 2020 04:09:28 GMT
content-security-policy: script-src 'report-sample' 'nonce-LdzNquJjy+7raL5E2WPQnA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1182
server: GSE
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ 0
57 B 37ms
37ms Other
image/gif 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N467212.176204HOTELSCOMBINED.CO/B10719202.143048160;sz=1x1;ord=932342188;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rooms.hotelbooking.pk/TrafficInspection/1deea2a0-5529-11ea-b8a1-9f33bed6cc49?requestUrl=%2F&PxVid=&PxAction=c&PxMobile=0
Origin: https://www.rooms.hotelbooking.pk
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 22 Feb 2020 04:09:28 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 g Show response
collector-pxqukd4lo9.perimeterx.net/b/ 52 B
282 B 88ms
34ms XHR
application/json 35.186.220.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-pxqukd4lo9.perimeterx.net/b/g
Requested by: Host: www.rooms.hotelbooking.pk
URL: https://www.rooms.hotelbooking.pk/QUkd4lO9/init.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.186.220.184 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 184.220.186.35.bc.googleusercontent.com
Software: /
Resource Hash: a1a0397077b4c248070d9ebfbbc015502b2a472f203d91aff2e496648c4ae422

Request headers

Referer: https://www.rooms.hotelbooking.pk/TrafficInspection/1deea2a0-5529-11ea-b8a1-9f33bed6cc49?requestUrl=%2F&PxVid=&PxAction=c&PxMobile=0
Origin: https://www.rooms.hotelbooking.pk
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 22 Feb 2020 04:09:28 GMT
via: 1.1 google
status: 200
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.rooms.hotelbooking.pk
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: clear
content-length: 52

POST
H2 200 c Show response
collector-pxqukd4lo9.perimeterx.net/b/ 369 B
437 B 65ms
64ms XHR
application/json 35.186.220.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-pxqukd4lo9.perimeterx.net/b/c
Requested by: Host: www.rooms.hotelbooking.pk
URL: https://www.rooms.hotelbooking.pk/QUkd4lO9/init.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.186.220.184 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 184.220.186.35.bc.googleusercontent.com
Software: /
Resource Hash: e136f987cd06a11d88015ad461363a14f8475faed029a85290a44fbe4077a8b7

Request headers

Referer: https://www.rooms.hotelbooking.pk/TrafficInspection/1deea2a0-5529-11ea-b8a1-9f33bed6cc49?requestUrl=%2F&PxVid=&PxAction=c&PxMobile=0
Origin: https://www.rooms.hotelbooking.pk
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sat, 22 Feb 2020 04:09:28 GMT
via: 1.1 google
status: 200
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.rooms.hotelbooking.pk
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: clear
content-length: 369

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.rooms.hotelbooking.pk/	1970-01-19 16:19:26	Name: Tests Value: 6586000901000A1101CE1001FB1001FE00020510020710021111021520021C00021D10021F10022010022400022910022D10023000023110023320023410023A00023C00023E11023F10E5A8
www.rooms.hotelbooking.pk/	1969-12-31 23:59:59	Name: __RequestVerificationToken Value: 0RXCZJIzNZ2gzPfMSfmXkeqe2uCx0BvYRCd2VzzWB6trbIYJTImuntI5yyZBYvtol3cVquodI1vQe09RY0EMiDcXxjU1
.doubleclick.net/	1970-01-19 16:54:00	Name: IDE Value: AHWqTUlaFGMIzVFCIDz9L8cbe7c0I-TK0yrEcSIri9Mweip6MNIz-7Yq8UNC-mIB
www.rooms.hotelbooking.pk/	1969-12-31 23:59:59	Name: dcid Value: DAL01
www.rooms.hotelbooking.pk/	1970-01-30 06:31:55	Name: currencyCode Value: USD
www.rooms.hotelbooking.pk/	1969-12-31 23:59:59	Name: VisitType Value: 1
www.rooms.hotelbooking.pk/	1970-01-19 07:32:31	Name: countryCode Value: US
www.rooms.hotelbooking.pk/	1970-01-30 06:31:55	Name: languageCode Value: EN
www.rooms.hotelbooking.pk/	1970-01-19 16:19:26	Name: a_aid Value: 400
www.rooms.hotelbooking.pk/	1969-12-31 23:59:59	Name: _pxhd Value: 50c67cb0e96ca8b6817cb73da93bd4c3a48014dd2825751e6f958bde0c9028b4:1deea2a1-5529-11ea-b8a1-9f33bed6cc49

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6340566.fls.doubleclick.net
ad.doubleclick.net
cdn.datahc.com
collector-pxqukd4lo9.perimeterx.net
googleads4.g.doubleclick.net
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.recaptcha.net
www.rooms.hotelbooking.pk
104.108.44.250
172.217.18.102
172.217.22.102
216.58.207.34
2a00:1450:4001:808::2003
2a00:1450:4001:816::2004
2a00:1450:4001:817::2002
2a00:1450:4001:81f::2003
2a00:1450:4001:825::2008
2a04:4e42:1b::390
35.186.220.184
0aa6485a6e11f71a907363729dcdfb849bb6eb836fbdeec9e9db329c0484a99d
11fce086974d3d0a2cd1c863616c7b7a51a51bd5f41343bb196063e5a69e76db
13291a3b874125318d45feda0bf7208539fff387b4aa08e36eb61fa027d1ca03
20972b2407a4c67b2e59d1ceea230bfed5d8b34a2440b40e82705032e3e5c166
327358936ae1faca746b38258cde21f2574d062dc6f939a8b9fcfa8e2adfc9ee
49c68ad5abd40cbc63f74678fa695205159bf6276e168409e1912e95c1a02835
4eccd81cea93b47379613414ff1729dff7e127180f242a8bada37dc8e7aa6ed8
4f9361f0dea6a57dc8b1293de943b83f02176a220273edfe2f2931541717421d
551b00ace1abaa100760e36cbe16d8be29102e6a09689dcb183420742415f085
59af1fb7373727b66c4fff30a5df526277184b81cc480da55e893ccd384e35f0
6318904bb3e86e8fb720ecea7608c3919447b762e6a9d340e6bf04832e917648
8004417c083733baffbee6d2325e68404a8c6d812ce693076d397fdb02e26cf1
86285106f338b0d7be96d482d34fa40359656a92c9e739473cbf1d0b9ad9b867
95b8b2e473f89b19fea337be84c5c551477874b0db546b77d02f0d87a037303e
a1a0397077b4c248070d9ebfbbc015502b2a472f203d91aff2e496648c4ae422
b8fb94e9ed195b7a6342d6c963ff3244bec679147927ee5d7e784520ce8a22ab
d8d82d9701c57e1c72b20d09838d87a3db6096f2b33a03c8aa4dcf98f1b01075
de38e643bf627f5760abd58427fed54e4b24ce92fb58cca143b6215947fea43d
e136f987cd06a11d88015ad461363a14f8475faed029a85290a44fbe4077a8b7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb362910b8888d82b36c3cb56cc1b310cd560bf8ebf987a690d79c6e9b57c2b3
ec113e5c37823651bb53673304f3ba36d63deab14718dfda74d5de3a92f294ca

www.rooms.hotelbooking.pk Open in urlscan Pro 2a04:4e42:1b::390 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

27 Requests

85 %HTTPS

55 %IPv6

9 Domains

11 Subdomains

11 IPs

4 Countries

601 kBTransfer

1575 kBSize

10 Cookies

9 Outgoing links

Page URL History

Redirected requests

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

www.rooms.hotelbooking.pk Open in urlscan Pro
2a04:4e42:1b::390 Public Scan

Screenshot
Live screenshot

Full Image

27
Requests

85 %
HTTPS

55 %
IPv6

9
Domains

11
Subdomains

11
IPs

4
Countries

601 kB
Transfer

1575 kB
Size

10
Cookies

27 HTTP transactions
0 data transactions