booking.kalculatedmedia.com Open in urlscan Pro
2606:4700::6812:666a Public Scan

Go To Rescan
Add Verdict Report

URL:
https://booking.kalculatedmedia.com/
Submission: On December 03 via api (December 3rd 2024, 3:07:18 pm UTC) from US — Scanned from US

Summary HTTP 49 Redirects Behaviour Indicators

Summary

This website contacted 15 IPs in 1 countries across 11 domains to perform 49 HTTP transactions. The main IP is 2606:4700::6812:666a, located in United States and belongs to CLOUDFLARENET, US. The main domain is booking.kalculatedmedia.com.
TLS certificate: Issued by WE1 on October 13th 2024. Valid for: 3 months.

This is the only time booking.kalculatedmedia.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 10	2606:4700::68... 2606:4700::6812:666a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:817::200a	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:81c::200a	15169 (GOOGLE) (GOOGLE)
12	2606:4700::68... 2606:4700::6812:676a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	157.240.241.1 157.240.241.1	32934 (FACEBOOK) (FACEBOOK)
4	2607:f8b0:400... 2607:f8b0:4006:821::2008	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:29:1... 2620:1ec:29:1::40	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	142.251.41.3 142.251.41.3	15169 (GOOGLE) (GOOGLE)
2	157.240.241.35 157.240.241.35	32934 (FACEBOOK) (FACEBOOK)
1	142.250.80.68 142.250.80.68	15169 (GOOGLE) (GOOGLE)
3	4.227.249.197 4.227.249.197	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2001:4860:480... 2001:4860:4802:32::181	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c21::9b	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80b::2002	15169 (GOOGLE) (GOOGLE)
1 2	20.110.205.119 20.110.205.119	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
49	15

10 2606:4700::6812:666a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

booking.kalculatedmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:817::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81c::200a (United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700::6812:676a (United States)

ASN13335 (CLOUDFLARENET, US)

media.hd.pics	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.241.1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-lga3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:821::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:29:1::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.41.3 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.241.35 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-lga3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.80.68 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 4.227.249.197 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

u.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c21::9b (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80b::2002 (United States)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.110.205.119 (Boydton, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	hd.pics media.hd.pics — Cisco Umbrella Rank: 601956	539 KB
10	kalculatedmedia.com 1 redirects booking.kalculatedmedia.com	582 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 625 u.clarity.ms — Cisco Umbrella Rank: 7789 c.clarity.ms — Cisco Umbrella Rank: 1269	30 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29 ajax.googleapis.com — Cisco Umbrella Rank: 415	107 KB
4	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 135 td.doubleclick.net — Cisco Umbrella Rank: 182	610 B
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	340 KB
3	google.com www.google.com — Cisco Umbrella Rank: 3 analytics.google.com — Cisco Umbrella Rank: 142
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	212 B
2	gstatic.com fonts.gstatic.com	63 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	76 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 205	772 B
49	11

	Domain	Requested by
12	media.hd.pics	booking.kalculatedmedia.com
10	booking.kalculatedmedia.com	1 redirects booking.kalculatedmedia.com
4	www.googletagmanager.com	booking.kalculatedmedia.com www.googletagmanager.com
3	u.clarity.ms	www.clarity.ms
3	ajax.googleapis.com	booking.kalculatedmedia.com
2	c.clarity.ms	1 redirects
2	td.doubleclick.net	www.googletagmanager.com
2	stats.g.doubleclick.net	www.googletagmanager.com
2	analytics.google.com	www.googletagmanager.com
2	www.facebook.com	booking.kalculatedmedia.com
2	fonts.gstatic.com	fonts.googleapis.com
2	www.clarity.ms	booking.kalculatedmedia.com www.clarity.ms
2	connect.facebook.net	booking.kalculatedmedia.com connect.facebook.net
2	fonts.googleapis.com	booking.kalculatedmedia.com ajax.googleapis.com
1	c.bing.com	1 redirects
1	www.google.com	www.googletagmanager.com
49	16

This site contains no links.

Subject Issuer	Validity	Valid
booking.kalculatedmedia.com WE1	`2024-10-13` - `2025-01-11`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
hd.pics E6	`2024-10-15` - `2025-01-13`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-09-11` - `2024-12-10`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2024-09-04` - `2025-09-04`	a year	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://booking.kalculatedmedia.com/
Frame ID: 79531BFC82B29925AADEC3A6B2F97C58
Requests: 44 HTTP requests in this frame

Frame: https://booking.kalculatedmedia.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js
Frame ID: 204D4FB4AA4FC1501955D29DAB60193C
Requests: 2 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fbooking.kalculatedmedia.com
Frame ID: 6BF6097A92FDBE8926742F3D44BA73DF
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-MWE46F19LM&gacid=343346053.1733238433&gtm=45je4bk0v9123082311z89119306395za200zb9119306395&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=46407624
Frame ID: EAD7669D7F65CF4BBA669C8BBB5EFCC4
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-PC2TQ5FC02&gacid=343346053.1733238433&gtm=45je4bk0v9119313763z89119306395za200zb9119306395&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=1606831996
Frame ID: 4E1824B1FD6475DB33BB5C449F9800FE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

List of Sites :: Kalculated Media Co.

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

Page Statistics

49
Requests

96 %
HTTPS

63 %
IPv6

11
Domains

16
Subdomains

15
IPs

1
Countries

1738 kB
Transfer

3596 kB
Size

18
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

https://booking.kalculatedmedia.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://booking.kalculatedmedia.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js

Request Chain 44

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=86BDC112988A43F48A171489FDA925D7&RedC=c.clarity.ms&MXFR=1CAB9D6A79236D0D12B088207D236373 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=86BDC112988A43F48A171489FDA925D7&MUID=10A4C8C36C1A6F6131C4DD896D006EF0

49 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
booking.kalculatedmedia.com/ 20 KB
6 KB 870ms
446ms Document
text/html 2606:4700::6812:666a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.kalculatedmedia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:666a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8dd5eba900f9cc66bb881c01ce200384defcb96f62392bf348cbaef72ad4e0e5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 8ec476fc8a28335b-MIA
content-encoding: gzip
content-type: text/html
date: Tue, 03 Dec 2024 15:07:10 GMT
server: cloudflare
x-server: WEB104

GET
H2 200 css
fonts.googleapis.com/ 1 KB
932 B 327ms
106ms Stylesheet
text/css 2607:f8b0:4006:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans

Requested by

Host: booking.kalculatedmedia.com
URL: https://booking.kalculatedmedia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f6ac446345e9379f1da4d812545ecb917992bbba176d0facb590f0c8cf2ac97b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://booking.kalculatedmedia.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 03 Dec 2024 15:07:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 15:07:11 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 03 Dec 2024 13:26:45 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/themes/base/ 35 KB
9 KB 308ms
88ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/themes/base/jquery-ui.css

Requested by

Host: booking.kalculatedmedia.com
URL: https://booking.kalculatedmedia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://booking.kalculatedmedia.com/

Response headers

content-encoding: gzip
age: 415148
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options: nosniff
expires: Fri, 28 Nov 2025 19:48:03 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 28 Nov 2024 19:48:03 GMT
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8324
x-xss-protection: 0
server: sffe

GET
H2 200 all.min.css
booking.kalculatedmedia.com/art/fa/css/ 496 KB
133 KB 117ms
111ms Stylesheet
text/css 2606:4700::6812:666a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.kalculatedmedia.com/art/fa/css/all.min.css
Requested by: Host: booking.kalculatedmedia.com
URL: https://booking.kalculatedmedia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:666a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d021a48acc03b7693e91fa0b445e168fa768424fef3e5fb23ee28a130fcfe67

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://booking.kalculatedmedia.com/

Response headers

server: cloudflare
cache-control: public, max-age=86400
content-encoding: gzip
cf-cache-status: HIT
etag: "6a1c3bdfb5f7d91:0"
age: 78480
cf-ray: 8ec47701a93d335b-MIA
expires: Wed, 04 Dec 2024 15:07:11 GMT
date: Tue, 03 Dec 2024 15:07:11 GMT
content-type: text/css
last-modified: Thu, 05 Oct 2023 18:00:49 GMT
vary: Accept-Encoding
x-server: WEB102

GET
H2 200 main.css
booking.kalculatedmedia.com/art/ 34 KB
7 KB 182ms
176ms Stylesheet
text/css 2606:4700::6812:666a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.kalculatedmedia.com/art/main.css?v=494
Requested by: Host: booking.kalculatedmedia.com
URL: https://booking.kalculatedmedia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:666a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a87cd3eca3d1b0c5df6631e18049ab664f7911d0a8a31f8888d364f7642bb7b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://booking.kalculatedmedia.com/

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"162353ddcbeda1:0"
cf-ray: 8ec47701a942335b-MIA
expires: Wed, 04 Dec 2024 15:07:11 GMT
date: Tue, 03 Dec 2024 15:07:11 GMT
content-type: text/css
last-modified: Sat, 15 Jun 2024 04:26:48 GMT
x-server: WEB106
server: cloudflare
vary: Accept-Encoding

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 87 KB
30 KB 319ms
100ms Script
text/javascript 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: booking.kalculatedmedia.com
URL: https://booking.kalculatedmedia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://booking.kalculatedmedia.com/

Response headers

content-encoding: gzip
age: 310197
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options: nosniff
expires: Sun, 30 Nov 2025 00:57:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 30 Nov 2024 00:57:14 GMT
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges: bytes
access-control-allow-origin: *
content-length: 31017
x-xss-protection: 0
server: sffe

GET
H2 200 jquery-ui.min.js Show response
ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/ 248 KB
66 KB 424ms
206ms Script
text/javascript 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js

Requested by

Host: booking.kalculatedmedia.com
URL: https://booking.kalculatedmedia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://booking.kalculatedmedia.com/

Response headers

content-encoding: gzip
age: 434361
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options: nosniff
expires: Fri, 28 Nov 2025 14:27:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 28 Nov 2024 14:27:50 GMT
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges: bytes
access-control-allow-origin: *
content-length: 67948
x-xss-protection: 0
server: sffe

GET
H2 200 jquery.ui.touch-punch.min.js Show response
booking.kalculatedmedia.com/js/ 1 KB
786 B 245ms
240ms Script
application/javascript 2606:4700::6812:666a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.kalculatedmedia.com/js/jquery.ui.touch-punch.min.js
Requested by: Host: booking.kalculatedmedia.com
URL: https://booking.kalculatedmedia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:666a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8eade09a5da8a542b96001c4b0d3b914ee3d735af46ef1a906be2dcae6724498

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://booking.kalculatedmedia.com/

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"199a73bd572dd71:0"
cf-ray: 8ec47701a948335b-MIA
expires: Wed, 04 Dec 2024 15:07:11 GMT
date: Tue, 03 Dec 2024 15:07:11 GMT
content-type: application/javascript
last-modified: Fri, 09 Apr 2021 15:48:09 GMT
x-server: WEB103
server: cloudflare
vary: Accept-Encoding

GET
H2 200 main.js Show response
booking.kalculatedmedia.com/js/ 129 KB
41 KB 284ms
279ms Script
application/javascript 2606:4700::6812:666a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.kalculatedmedia.com/js/main.js?v=494
Requested by: Host: booking.kalculatedmedia.com
URL: https://booking.kalculatedmedia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:666a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09f68b5f8d470a0a6871b6b0c351abb25f5cccab66a855f2bb9fdc3eaa96832b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://booking.kalculatedmedia.com/

Response headers

server: cloudflare
cache-control: public, max-age=86400
content-encoding: gzip
cf-cache-status: EXPIRED
etag: "19c3af748530db1:0"
cf-ray: 8ec47701a94c335b-MIA
expires: Wed, 04 Dec 2024 15:07:11 GMT
accept-ranges: bytes
content-length: 41998
date: Tue, 03 Dec 2024 15:07:11 GMT
content-type: application/javascript
last-modified: Wed, 06 Nov 2024 19:52:48 GMT
vary: Accept-Encoding
x-server: WEB106

GET
H2 200 apiv2.js Show response
booking.kalculatedmedia.com/js/ 13 KB
3 KB 305ms
301ms Script
application/javascript 2606:4700::6812:666a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.kalculatedmedia.com/js/apiv2.js?v=494
Requested by: Host: booking.kalculatedmedia.com
URL: https://booking.kalculatedmedia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:666a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76397e0690fb789c8ef9b166155ca10cc75981f2f830aa89bc8a477a3755f671

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://booking.kalculatedmedia.com/

Response headers

server: cloudflare
cache-control: public, max-age=86400
content-encoding: gzip
cf-cache-status: MISS
etag: "39e899547625db1:0"
cf-ray: 8ec47701a94e335b-MIA
expires: Wed, 04 Dec 2024 15:07:11 GMT
accept-ranges: bytes
content-length: 3083
date: Tue, 03 Dec 2024 15:07:11 GMT
content-type: application/javascript
last-modified: Wed, 23 Oct 2024 18:06:49 GMT
vary: Accept-Encoding
x-server: WEB103

GET
H2 200 bsoi9ah6p3.png
media.hd.pics/1/ 17 KB
18 KB 3760ms
3591ms Image
image/png 2606:4700::6812:676a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.hd.pics/1/bsoi9ah6p3.png
Requested by: Host: booking.kalculatedmedia.com
URL: https://booking.kalculatedmedia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:676a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2a09584fcd8a5eb8452639817cfd0abab8e2cb7bcb2f705856537dc408e9d5b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://booking.kalculatedmedia.com/

Response headers

vary: Accept-Encoding
cache-control: public, max-age=2592000
x-aspnet-version: 4.0.30319
cf-cache-status: DYNAMIC
allow-range: bytes
cf-ray: 8ec47702baa04976-MIA
access-control-allow-origin: *
content-length: 17755
date: Tue, 03 Dec 2024 15:07:14 GMT
content-type: image/png
content-disposition: filename=1/bsoi9ah6p3.png
x-server: BOT04
server: cloudflare
hd-source: w-v1

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 251ms
119ms Script
application/x-javascript 157.240.241.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: booking.kalculatedmedia.com
URL: https://booking.kalculatedmedia.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-lga3.fbcdn.net

Software

Resource Hash

527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-9q6d9U5S' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://booking.kalculatedmedia.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 03 Dec 2024 15:07:11 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-9q6d9U5S' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=120, rtx=0, c=24, mss=1232, tbw=8210, tp=13, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: 7qPapV6cLqP2WDSHYCb2kW8NDn0Qc8Lz/7acw9hG8M0Sh1vfJbmL+9TRSk04xnPKuiyykE8QDJIjK8n8esWfWg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62107
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 css
fonts.googleapis.com/ 2 KB
655 B 113ms
109ms Stylesheet
text/css 2607:f8b0:4006:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d2985f60e922d8796396c202ffcb9f6f6c2a57f510cb49f9babf16d025c6b058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://booking.kalculatedmedia.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 03 Dec 2024 15:07:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 15:07:11 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 03 Dec 2024 13:12:44 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 293 KB
100 KB 672ms
135ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PPLGFGK

Requested by

Host: booking.kalculatedmedia.com
URL: https://booking.kalculatedmedia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b61fcf6f13088eae61ca930b3a5db2b25dd69d5f6896356dd57fa8848208c5e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://booking.kalculatedmedia.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Tue, 03 Dec 2024 15:07:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 15:07:12 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 101987
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 ks0vx48x2m Show response
www.clarity.ms/tag/ 689 B
1 KB 533ms
89ms Script
application/x-javascript 2620:1ec:29:1::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/ks0vx48x2m
Requested by: Host: booking.kalculatedmedia.com
URL: https://booking.kalculatedmedia.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:29:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 33f27e683b218ec8c3e717c9666aaff8bc0e4cc1a00a9eae7a0a02c622c7e5d3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://booking.kalculatedmedia.com/

Response headers

cache-control: no-cache, no-store
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
expires: -1
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 689
date: Tue, 03 Dec 2024 15:07:12 GMT
content-type: application/x-javascript
x-azure-ref: 20241203T150711Z-16b74445767gzv8whC1BN1he380000001fv000000000d0hq

GET
H2 200 fa-regular-400.woff2
booking.kalculatedmedia.com/art/fa/webfonts/ 386 KB
387 KB 201ms
196ms Font
font/woff2 2606:4700::6812:666a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.kalculatedmedia.com/art/fa/webfonts/fa-regular-400.woff2
Requested by: Host: booking.kalculatedmedia.com
URL: https://booking.kalculatedmedia.com/art/fa/css/all.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:666a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b85c4d4bcb7be039d30281d940426203622394a85d4cd2b43048b57a924a7d51

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://booking.kalculatedmedia.com
Referer: https://booking.kalculatedmedia.com/art/fa/css/all.min.css

Response headers

cache-control: public, max-age=86400
cf-cache-status: HIT
etag: "10a9b740c1f7d91:0"
cf-ray: 8ec47705ce09335b-MIA
expires: Wed, 04 Dec 2024 15:07:11 GMT
accept-ranges: bytes
content-length: 395444
date: Tue, 03 Dec 2024 15:07:11 GMT
content-type: font/woff2
last-modified: Thu, 05 Oct 2023 19:22:17 GMT
x-server: WEB102
server: cloudflare
vary: Accept-Encoding

GET
H3 200 jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 44 KB
44 KB 213ms
96ms Font
font/woff2 142.251.41.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.3 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f3.1e100.net

Software

sffe /

Resource Hash

e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://booking.kalculatedmedia.com
Referer: https://fonts.googleapis.com/

Response headers

age: 448619
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 28 Nov 2025 10:30:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 28 Nov 2024 10:30:12 GMT
last-modified: Wed, 27 Apr 2022 16:11:08 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 45300
x-xss-protection: 0
server: sffe

GET
H2

200

main.js Show response
booking.kalculatedmedia.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/ Frame 204D
Redirect Chain

https://booking.kalculatedmedia.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://booking.kalculatedmedia.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js?

9 KB
4 KB

94ms
89ms

Script
application/javascript

2606:4700::6812:666a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://booking.kalculatedmedia.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js?

Requested by

Host: booking.kalculatedmedia.com
URL: https://booking.kalculatedmedia.com/

Protocol

Server

2606:4700::6812:666a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c6d63c0a3ae96f9be399b084b6a7198a74298c31467d4733aedf1d1aa33f568

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
content-encoding: gzip
x-content-type-options: nosniff
cf-ray: 8ec477065eeb335b-MIA
date: Tue, 03 Dec 2024 15:07:11 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare

Redirect headers

cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js?
cf-ray: 8ec47705ce0e335b-MIA
access-control-allow-origin: *
content-length: 0
date: Tue, 03 Dec 2024 15:07:11 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v29/ 18 KB
18 KB 189ms
103ms Font
font/woff2 142.251.41.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v29/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.3 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f3.1e100.net

Software

sffe /

Resource Hash

1c9c85d0b73b7321eb8ed22e0b6bcd577478dd5f99d1379a5d4cea10884033ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://booking.kalculatedmedia.com
Referer: https://fonts.googleapis.com/

Response headers

age: 437377
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 28 Nov 2025 13:37:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 28 Nov 2024 13:37:34 GMT
last-modified: Wed, 06 Nov 2024 17:30:39 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18792
x-xss-protection: 0
server: sffe

GET
H2 200 t1ejaopwlm.jpg
media.hd.pics/2/ 108 KB
108 KB 401ms
396ms Image
image/jpeg 2606:4700::6812:676a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.hd.pics/2/t1ejaopwlm.jpg
Requested by: Host: booking.kalculatedmedia.com
URL: https://booking.kalculatedmedia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:676a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd67c2c035c4641ef20aaf43405c9e1d8d9385209b00d90ada55afcbdc53bd53

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://booking.kalculatedmedia.com/

Response headers

cf-cache-status: MISS
etag: "c399102b22fd9cc30989954c60eefdd5"
x-wasabi-cm-reference-id: 1733238431793 38.73.225.103 ConID:2576443432/EngineConID:24375624/Core:89
expires: Wed, 04 Dec 2024 15:07:11 GMT
date: Tue, 03 Dec 2024 15:07:11 GMT
content-type: image/jpeg
last-modified: Sat, 23 Nov 2024 15:39:04 GMT
vary: Accept-Encoding
x-amz-id-2: K1mRF3EYGSieBhd/Ds1qOvBAbp5iL+zjg5TNKdx1xMWjk0zom1ey/JdJTIDamtOTglK5vmgac1D9
hd-source: w-v1
cache-control: public, max-age=2592000
x-amz-request-id: 4AB8E8C25E869AE2:B
cf-ray: 8ec477061fc84976-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 110480
server: cloudflare

GET
H2 200 bqvc3j5e6l.jpg
media.hd.pics/2/ 2 KB
3 KB 387ms
382ms Image
image/jpeg 2606:4700::6812:676a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.hd.pics/2/bqvc3j5e6l.jpg
Requested by: Host: booking.kalculatedmedia.com
URL: https://booking.kalculatedmedia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:676a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30cac909f09d17b786b588be157d6e92f49361857b2a809bdaae18838ccc6215

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://booking.kalculatedmedia.com/

Response headers

cf-cache-status: MISS
etag: "b9dcd40441fff1be4385bfc03ac32421"
x-wasabi-cm-reference-id: 1733238431781 38.73.225.105 ConID:2579846605/EngineConID:24389238/Core:103
expires: Wed, 04 Dec 2024 15:07:11 GMT
date: Tue, 03 Dec 2024 15:07:11 GMT
content-type: image/jpeg
last-modified: Mon, 25 Nov 2024 15:46:06 GMT
vary: Accept-Encoding
x-amz-id-2: FJbUZ18cSJtl9ixlaPYRcorMPAOJwKIuDvRA77hIBnbWmaZoVQVauAvhTLvNVa15wwhGJ77C1oG6
hd-source: w-v1
cache-control: public, max-age=2592000
x-amz-request-id: 67C0E54CE8151E6C:B
cf-ray: 8ec477061fcc4976-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2554
server: cloudflare

GET
H2 200 w6ydhokky4.jpg
media.hd.pics/2/ 24 KB
24 KB 388ms
384ms Image
image/jpeg 2606:4700::6812:676a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.hd.pics/2/w6ydhokky4.jpg
Requested by: Host: booking.kalculatedmedia.com
URL: https://booking.kalculatedmedia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:676a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4532c72861416f873da03b791426e1ea2a2a5ff866fb0d4d961baf4c30dcf658

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://booking.kalculatedmedia.com/

Response headers

cf-cache-status: MISS
etag: "b2f1dd67fe3f3dbf5b318586c82ba11a"
x-wasabi-cm-reference-id: 1733238431799 38.73.225.101 ConID:2585905876/EngineConID:24462303/Core:97
expires: Wed, 04 Dec 2024 15:07:11 GMT
date: Tue, 03 Dec 2024 15:07:11 GMT
content-type: image/jpeg
last-modified: Wed, 06 Nov 2024 14:09:55 GMT
vary: Accept-Encoding
x-amz-id-2: bqRD3tYKSXc6I7iI4qA73HRv5upAVvJUx9+Ftqz1B2bF0jPm1HSvQPAJoRXiADfCHhLARtzWK4gz
hd-source: w-v1
cache-control: public, max-age=2592000
x-amz-request-id: F1F47809550D03C8:A
cf-ray: 8ec477061fcf4976-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 24218
server: cloudflare

GET
H2 200 tl69qc1mym.jpg
media.hd.pics/2/ 2 KB
3 KB 388ms
384ms Image
image/jpeg 2606:4700::6812:676a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.hd.pics/2/tl69qc1mym.jpg
Requested by: Host: booking.kalculatedmedia.com
URL: https://booking.kalculatedmedia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:676a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d7a1967efe3cc05d345e4676c5ed789c5b75eb24f97b80c4531ad3b626e6e31

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://booking.kalculatedmedia.com/

Response headers

cf-cache-status: MISS
etag: "34e1635d0ca4d05b26ea33e173c19021"
x-wasabi-cm-reference-id: 1733238431786 38.73.225.103 ConID:2576443427/EngineConID:24415181/Core:87
expires: Wed, 04 Dec 2024 15:07:11 GMT
date: Tue, 03 Dec 2024 15:07:11 GMT
content-type: image/jpeg
last-modified: Tue, 05 Nov 2024 23:34:49 GMT
vary: Accept-Encoding
x-amz-id-2: yqmIgSxs1Y/BIBxqgbU5mkuhy/Mx4vtcMh1RoZ5njfGx0k8cJyo9LEpaDjRi8Uw6eyHu1W1TkD+C
hd-source: w-v1
cache-control: public, max-age=2592000
x-amz-request-id: E3487AFC2CDE143F:B
cf-ray: 8ec477061fd24976-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2481
server: cloudflare

GET
H2 200 o4n8nd67gt.jpg
media.hd.pics/2/ 27 KB
28 KB 395ms
392ms Image
image/jpeg 2606:4700::6812:676a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.hd.pics/2/o4n8nd67gt.jpg
Requested by: Host: booking.kalculatedmedia.com
URL: https://booking.kalculatedmedia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:676a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 835d52b9c620ea3ab01d056476e3a9f5270d24fa05b8d7c312bee0e219aa9825

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://booking.kalculatedmedia.com/

Response headers

cf-cache-status: MISS
etag: "a760ddb686f1bf16eea1645ba2e75aaa"
x-wasabi-cm-reference-id: 1733238431810 38.73.225.107 ConID:2578235365/EngineConID:24403076/Core:65
expires: Wed, 04 Dec 2024 15:07:11 GMT
date: Tue, 03 Dec 2024 15:07:11 GMT
content-type: image/jpeg
last-modified: Thu, 31 Oct 2024 14:40:26 GMT
vary: Accept-Encoding
x-amz-id-2: +UOFpfrEgFxvJ5tKQgO3in6v4LgjfcJvHiZqvr+zwqg2fvJxBrIX1cfHo6UzcJkDonOVmhP0hDL0
hd-source: w-v1
cache-control: public, max-age=2592000
x-amz-request-id: AAE5897975AFE98F:B
cf-ray: 8ec477061fd34976-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 27988
server: cloudflare

GET
H2 200 b7qz8pkpd2.jpg
media.hd.pics/2/ 30 KB
30 KB 210ms
206ms Image
image/jpeg 2606:4700::6812:676a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.hd.pics/2/b7qz8pkpd2.jpg
Requested by: Host: booking.kalculatedmedia.com
URL: https://booking.kalculatedmedia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:676a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0687f26eb304f113e315e3c20d862e3d7b79902182fecc6bc67f807dfe35a056

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://booking.kalculatedmedia.com/

Response headers

cf-cache-status: MISS
etag: "e6d0fb0692873bd373ebed13c6735db0"
x-wasabi-cm-reference-id: 1733238351690 38.73.225.104 ConID:2579769237/EngineConID:25191061/Core:34
expires: Wed, 04 Dec 2024 15:07:11 GMT
date: Tue, 03 Dec 2024 15:07:11 GMT
content-type: image/jpeg
last-modified: Sat, 31 Aug 2024 01:45:40 GMT
vary: Accept-Encoding
x-amz-id-2: WcR9nBiiVxMQ7rrKupTdOAH51esXreL7822MhtGBr12BzhnrqcSQMXN5NSk0wAwhKD1KDqjEkfN5
hd-source: w-v1
cache-control: public, max-age=2592000
x-amz-request-id: 9BF00DF3703052A3:B
cf-ray: 8ec477061fd54976-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30306
server: cloudflare

GET
H2 200 ebs8this2w.jpg
media.hd.pics/2/ 9 KB
9 KB 386ms
383ms Image
image/jpeg 2606:4700::6812:676a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.hd.pics/2/ebs8this2w.jpg
Requested by: Host: booking.kalculatedmedia.com
URL: https://booking.kalculatedmedia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:676a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53fd9f8f10346480c5ccff312bcd24b9d41a5c76550b6a0b6ec094381ae3f2b7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://booking.kalculatedmedia.com/

Response headers

cf-cache-status: MISS
etag: "7310dccb38ca43be514f9af0bc1f4acf"
x-wasabi-cm-reference-id: 1733238431803 38.73.225.102 ConID:2576443442/EngineConID:25109892/Core:60
expires: Wed, 04 Dec 2024 15:07:11 GMT
date: Tue, 03 Dec 2024 15:07:11 GMT
content-type: image/jpeg
last-modified: Mon, 02 Sep 2024 17:22:17 GMT
vary: Accept-Encoding
x-amz-id-2: E9L1+72F99mgLpu8FSHZcgsrnZHdpNOJyqw7/DFuqZpx6nu1LsqY4X+a/FksG0qAr3nS7ican8X2
hd-source: w-v1
cache-control: public, max-age=2592000
x-amz-request-id: DF9AEE4DEB0D91A6:A
cf-ray: 8ec477061fd74976-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 9004
server: cloudflare

GET
H2 200 giqznpg81s.png
media.hd.pics/2/ 174 KB
175 KB 247ms
244ms Image
image/png 2606:4700::6812:676a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.hd.pics/2/giqznpg81s.png
Requested by: Host: booking.kalculatedmedia.com
URL: https://booking.kalculatedmedia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:676a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3822ffa2107cdf0b72769b526130967e5bd16735bb6bb625aa5e2b77669136ef

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://booking.kalculatedmedia.com/

Response headers

cf-cache-status: MISS
etag: "04cb9b967a7ce21bcc19af10908d0e9f"
x-wasabi-cm-reference-id: 1733238431760 38.73.225.101 ConID:2585905860/EngineConID:24428040/Core:65
expires: Wed, 04 Dec 2024 15:07:11 GMT
date: Tue, 03 Dec 2024 15:07:11 GMT
content-type: image/png
last-modified: Mon, 19 Aug 2024 21:32:24 GMT
vary: Accept-Encoding
x-amz-id-2: e0KulQMpvPLm1iX/H7nyrFk5/rKLeY1V2mRDxUF7kgSTInuFg6r9GruX79ZRcdCAAz53Gczy/efg
hd-source: w-v1
cache-control: public, max-age=2592000
x-amz-request-id: 30F103054449BCB4:B
cf-ray: 8ec477061fd84976-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 178294
server: cloudflare

GET
H2 200 yhfzmuottc.jpg
media.hd.pics/2/ 3 KB
3 KB 238ms
235ms Image
image/jpeg 2606:4700::6812:676a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.hd.pics/2/yhfzmuottc.jpg
Requested by: Host: booking.kalculatedmedia.com
URL: https://booking.kalculatedmedia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:676a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 139d59ccc19a2c971b168f621bee0efacb8189c84cc5c206903213401c5f8ed2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://booking.kalculatedmedia.com/

Response headers

cf-cache-status: MISS
etag: "d36c49d11f428e116ba4ad4c0cab38c5"
x-wasabi-cm-reference-id: 1733238431768 38.73.225.102 ConID:2576443411/EngineConID:25228180/Core:10
expires: Wed, 04 Dec 2024 15:07:11 GMT
date: Tue, 03 Dec 2024 15:07:11 GMT
content-type: image/jpeg
last-modified: Thu, 29 Aug 2024 17:45:52 GMT
vary: Accept-Encoding
x-amz-id-2: yWikgZs1Bn0xHO6zPUzKsvMBH+4w1h9RX259JLja2XHeH/OwPw1VxGCQ8OM2B4CjDYpVr0b+nt+w
hd-source: w-v1
cache-control: public, max-age=2592000
x-amz-request-id: EDE34A8E1DDF40A7:A
cf-ray: 8ec477061fdc4976-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3275
server: cloudflare

POST
H2 200 8ec476fc8a28335b Show response
booking.kalculatedmedia.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 204D 0
656 B 162ms
149ms XHR
text/plain 2606:4700::6812:666a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.kalculatedmedia.com/cdn-cgi/challenge-platform/h/b/jsd/r/8ec476fc8a28335b
Requested by: Host: booking.kalculatedmedia.com
URL: https://booking.kalculatedmedia.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:666a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer

Response headers

cf-ray: 8ec4770869a8335b-MIA
content-length: 0
date: Tue, 03 Dec 2024 15:07:12 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare

GET
H3 200 230469054215394 Show response
connect.facebook.net/signals/config/ 78 KB
15 KB 178ms
173ms Script
application/x-javascript 157.240.241.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/230469054215394?v=2.9.176&r=stable&domain=booking.kalculatedmedia.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-lga3.fbcdn.net

Software

Resource Hash

d9d2c64f9d30ed6df204af541c11ad2bb1a4f6cf61d75a11618ad9204f7bc315

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-PJ9yw1uV' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://booking.kalculatedmedia.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 03 Dec 2024 15:07:12 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-PJ9yw1uV' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=127, rtx=1, c=80, mss=1232, tbw=74214, tp=71, tpl=1, uplat=55, ullat=0
pragma: public
x-fb-debug: sbf2N4FCXUABycKu+echgjgf61R/EDDCg19yW8NBSdEWTxB2pYe34f9LdG+AF0DTsS9rFtzFSfQxJuyf7wxAiw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.56/ 66 KB
28 KB 171ms
160ms Script
application/javascript 2620:1ec:29:1::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.56/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/ks0vx48x2m
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:29:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: dc1da692990307185621fd661b7305e29d3a0a5ba0f0d998e5a1463a17c57044

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://booking.kalculatedmedia.com/

Response headers

x-azure-ref: 20241203T150712Z-16b74445767gzv8whC1BN1he380000001fv000000000d0k4
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
content-encoding: br
etag: W/"0x8DD0EDC462F0477"
x-fd-int-roxy-purgeid: 79034942
x-ms-request-id: b932d0db-c01e-0014-0c4e-4166b4000000
access-control-allow-origin: *
x-cache: TCP_HIT
date: Tue, 03 Dec 2024 15:07:12 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 27 Nov 2024 12:08:58 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 504ms
121ms Image
text/plain 157.240.241.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=230469054215394&ev=PageView&dl=https%3A%2F%2Fbooking.kalculatedmedia.com%2F&rl=&if=false&ts=1733238432323&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1733238432316.354399958298956694&cs_est=true&ler=empty&cdl=API_unavailable&it=1733238432098&coo=false&rqm=GET

Requested by

Host: booking.kalculatedmedia.com
URL: https://booking.kalculatedmedia.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.241.35 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-lga3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://booking.kalculatedmedia.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: GOOD; q=0.7, rtt=118, rtx=0, c=26, mss=1232, tbw=8356, tp=16, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Tue, 03 Dec 2024 15:07:12 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
196 B 553ms
171ms Image
image/png 157.240.241.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=230469054215394&ev=PageView&dl=https%3A%2F%2Fbooking.kalculatedmedia.com%2F&rl=&if=false&ts=1733238432323&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1733238432316.354399958298956694&cs_est=true&ler=empty&cdl=API_unavailable&it=1733238432098&coo=false&rqm=FGET

Requested by

Host: booking.kalculatedmedia.com
URL: https://booking.kalculatedmedia.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.241.35 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-lga3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://booking.kalculatedmedia.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7444202382640534844"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 03 Dec 2024 15:07:12 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: epHlQCizTORBnrSKXPamS2Vd5ai7oDl8Ulf88kOGZUA8BXZR4OLj3T5VIN3ewW4OSunlmBrBKcp0c2PVwCbZwQ==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7444202382640534844", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: GOOD; q=0.7, rtt=118, rtx=0, c=26, mss=1232, tbw=8676, tp=18, tpl=0, uplat=51, ullat=0
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 363 KB
121 KB 134ms
131ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MWE46F19LM&l=dataLayer&cx=c&gtm=45He4bk0v9119306395za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPLGFGK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

13cf5b373af78af0f17be12a46c02d2155e368466d7d7a6ff3cf06a0f7ab0749

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://booking.kalculatedmedia.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 03 Dec 2024 15:07:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 15:07:12 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 123427
x-xss-protection: 0
server: Google Tag Manager

POST
H3 200 collect
www.google.com/ccm/ 0
0 388ms
110ms Ping
text/plain 142.250.80.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fbooking.kalculatedmedia.com%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=655494842.1733238432&auid=628438994.1733238432&npa=0&gtm=45He4bk0v9119306395za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&tft=1733238432446&tfd=2734&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPLGFGK
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.80.68 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga34s35-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://booking.kalculatedmedia.com/

Response headers

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 358 KB
119 KB 160ms
159ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-PC2TQ5FC02&l=dataLayer&cx=c&gtm=45He4bk0v9119306395za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPLGFGK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

69628f00319f0500422bcb35993a0f56a8f916ee9c2a40d5f57b38152b137b3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://booking.kalculatedmedia.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 03 Dec 2024 15:07:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 15:07:12 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 121691
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4bj0/ Frame 6BF6 0
0 289ms
107ms Document
text/html 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fbooking.kalculatedmedia.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPLGFGK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Tue, 03 Dec 2024 15:07:12 GMT
expires: Wed, 03 Dec 2025 15:07:12 GMT
last-modified: Tue, 19 Nov 2024 10:38:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 204
No Content collect Show response
u.clarity.ms/ 0
291 B 356ms
89ms XHR
text/plain 4.227.249.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.56/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.227.249.197 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://booking.kalculatedmedia.com/

Response headers

Request-Context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
Access-Control-Allow-Origin: https://booking.kalculatedmedia.com
Date: Tue, 03 Dec 2024 15:07:12 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

POST
H2 204 collect
analytics.google.com/g/ 0
0 404ms
114ms Fetch
text/plain 2001:4860:4802:32::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-MWE46F19LM&gtm=45je4bk0v9123082311z89119306395za200zb9119306395&_p=1733238431519&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=343346053.1733238433&ecid=257591951&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&ec_mode=a&_s=1&sid=1733238432&sct=1&seg=0&dl=https%3A%2F%2Fbooking.kalculatedmedia.com%2F&dt=List%20of%20Sites%20%3A%3A%20Kalculated%20Media%20Co.&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3128
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MWE46F19LM&l=dataLayer&cx=c&gtm=45He4bk0v9119306395za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://booking.kalculatedmedia.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://booking.kalculatedmedia.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 15:07:13 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
562 B 375ms
95ms Ping
text/plain 2607:f8b0:4004:c21::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-MWE46F19LM&cid=343346053.1733238433&gtm=45je4bk0v9123082311z89119306395za200zb9119306395&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MWE46F19LM&l=dataLayer&cx=c&gtm=45He4bk0v9119306395za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c21::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://booking.kalculatedmedia.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://booking.kalculatedmedia.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 15:07:13 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame EAD7 0
0 359ms
123ms Document
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-MWE46F19LM&gacid=343346053.1733238433&gtm=45je4bk0v9123082311z89119306395za200zb9119306395&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=46407624

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MWE46F19LM&l=dataLayer&cx=c&gtm=45He4bk0v9119306395za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://booking.kalculatedmedia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 03 Dec 2024 15:07:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
analytics.google.com/g/ 0
0 292ms
115ms Fetch
text/plain 2001:4860:4802:32::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-PC2TQ5FC02&gtm=45je4bk0v9119313763z89119306395za200zb9119306395&_p=1733238431519&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=343346053.1733238433&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1733238432&sct=1&seg=0&dl=https%3A%2F%2Fbooking.kalculatedmedia.com%2F&dt=List%20of%20Sites%20%3A%3A%20Kalculated%20Media%20Co.&en=page_view&_fv=1&_ss=1&tfd=3239
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PC2TQ5FC02&l=dataLayer&cx=c&gtm=45He4bk0v9119306395za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://booking.kalculatedmedia.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://booking.kalculatedmedia.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 15:07:13 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
48 B 264ms
97ms Ping
text/plain 2607:f8b0:4004:c21::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-PC2TQ5FC02&cid=343346053.1733238433&gtm=45je4bk0v9119313763z89119306395za200zb9119306395&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PC2TQ5FC02&l=dataLayer&cx=c&gtm=45He4bk0v9119306395za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c21::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://booking.kalculatedmedia.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://booking.kalculatedmedia.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 15:07:13 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame 4E18 0
0 159ms
124ms Document
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-PC2TQ5FC02&gacid=343346053.1733238433&gtm=45je4bk0v9119313763z89119306395za200zb9119306395&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=1606831996

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PC2TQ5FC02&l=dataLayer&cx=c&gtm=45He4bk0v9119306395za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://booking.kalculatedmedia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 03 Dec 2024 15:07:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 204
No Content collect Show response
u.clarity.ms/ 0
291 B 96ms
94ms XHR
text/plain 4.227.249.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.56/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.227.249.197 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://booking.kalculatedmedia.com/

Response headers

Request-Context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
Access-Control-Allow-Origin: https://booking.kalculatedmedia.com
Date: Tue, 03 Dec 2024 15:07:13 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=86BDC112988A43F48A171489FDA925D7&RedC=c.clarity.ms&MXFR=1CAB9D6A79236D0D12B088207D236373
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=86BDC112988A43F48A171489FDA925D7&MUID=10A4C8C36C1A6F6131C4DD896D006EF0

42 B
465 B

97ms
95ms

Image
image/gif

20.110.205.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=86BDC112988A43F48A171489FDA925D7&MUID=10A4C8C36C1A6F6131C4DD896D006EF0
Protocol: H2
Server: 20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://booking.kalculatedmedia.com/

Response headers

cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
etag: "8d3dafd6e71fdb1:0"
accept-ranges: bytes
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length: 42
date: Tue, 03 Dec 2024 15:07:15 GMT
content-type: image/gif
last-modified: Wed, 16 Oct 2024 16:24:13 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

Redirect headers

cache-control: private, no-cache, proxy-revalidate, no-store
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=86BDC112988A43F48A171489FDA925D7&MUID=10A4C8C36C1A6F6131C4DD896D006EF0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 23FFA4AD23BB4DE09BEDF115EE15105A Ref B: MIA301000101039 Ref C: 2024-12-03T15:07:15Z
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length: 0
date: Tue, 03 Dec 2024 15:07:15 GMT
x-powered-by: ASP.NET

GET
H2 200 g7b4xtafgd.png
media.hd.pics/1/ 139 KB
139 KB 562ms
562ms Other
image/png 2606:4700::6812:676a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://media.hd.pics/1/g7b4xtafgd.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:676a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d5425a51680abbb73017c4441811a583e068ff5c56b4755f6aeeb257f0e6cda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://booking.kalculatedmedia.com/

Response headers

vary: Accept-Encoding
cache-control: public, max-age=2592000
x-aspnet-version: 4.0.30319
cf-cache-status: DYNAMIC
allow-range: bytes
cf-ray: 8ec47719fd384976-MIA
access-control-allow-origin: *
content-length: 141977
date: Tue, 03 Dec 2024 15:07:15 GMT
content-type: image/png
content-disposition: filename=1/g7b4xtafgd.png
x-server: BOT01
server: cloudflare
hd-source: w-v1

GET
H2 200 g7b4xtafgd.png
media.hd.pics/1/ 139 KB
0 1ms
1ms Other
image/png 2606:4700::6812:676a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://media.hd.pics/1/g7b4xtafgd.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:676a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d5425a51680abbb73017c4441811a583e068ff5c56b4755f6aeeb257f0e6cda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://booking.kalculatedmedia.com/

Response headers

vary: Accept-Encoding
cache-control: public, max-age=2592000
x-aspnet-version: 4.0.30319
cf-cache-status: DYNAMIC
allow-range: bytes
cf-ray: 8ec47719fd384976-MIA
access-control-allow-origin: *
content-length: 141977
date: Tue, 03 Dec 2024 15:07:15 GMT
content-type: image/png
content-disposition: filename=1/g7b4xtafgd.png
x-server: BOT01
server: cloudflare
hd-source: w-v1

POST
H/1.1 204
No Content collect Show response
u.clarity.ms/ 0
291 B 90ms
88ms XHR
text/plain 4.227.249.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.56/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.227.249.197 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://booking.kalculatedmedia.com/

Response headers

Request-Context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
Access-Control-Allow-Origin: https://booking.kalculatedmedia.com
Date: Tue, 03 Dec 2024 15:07:16 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.booking.kalculatedmedia.com/	1970-01-21 10:12:54	Name: sid2 Value: CBE76F0576E646FDA5AC2A0EB4527E67
www.clarity.ms/	1970-01-21 10:12:54	Name: CLID Value: 342cc8e4ccd5463b8a1d22f0df17655f.20241203.20251203
.booking.kalculatedmedia.com/	1970-01-21 10:12:54	Name: cf_clearance Value: jghrC40ayIqnx_YPyeUaNCoeNcleL6BIzdJpo42GCMs-1733238432-1.2.1.1-fnFVGa7.0PI3SPD_cTVDDw3pjMXMPYZdnG.4LG4dlaP_pIhobEhVIwNB.d.1u0aMOWHPwoNlxy.0CVnoFOWbOC1F4cN4xPfVfJAcnHZNiJpCGOkZ2I.Y_anjve7Oggieig92dtF35Cjj18SlB053Y8sokZ8pXMr83VgVsCRGvFMCHoBEdcd01h1cn74xL2cUDReeSvpEab2LO9FhQDWGjJwX.Bvkyyvqv6P0UFbDxD5FufUK5mf1yP9uSWrdq_LY_xH_QCXpLdSBNQw3ONPx4PaeDjgsoY3OtKIvyjFXZw7NcvRPbBw8X6leJf2gG0Xnocspw36hPXok9eHjH.2WR3r2zpJ2V1PaABDP8QmaGONUo6_l5onS85XPVNww8a7W
.kalculatedmedia.com/	1970-01-21 03:36:54	Name: _fbp Value: fb.1.1733238432316.354399958298956694
.kalculatedmedia.com/	1970-01-21 10:12:54	Name: _clck Value: 1boqn22%7C2%7Cfre%7C0%7C1798
.kalculatedmedia.com/	1970-01-21 03:36:54	Name: _gcl_au Value: 1.1.628438994.1733238432
.kalculatedmedia.com/	1970-01-21 11:03:18	Name: _ga_MWE46F19LM Value: GS1.1.1733238432.1.0.1733238432.60.0.257591951
.kalculatedmedia.com/	1970-01-21 11:03:18	Name: _ga Value: GA1.1.343346053.1733238433
.kalculatedmedia.com/	1970-01-21 01:28:44	Name: _clsk Value: kzl2zk%7C1733238432897%7C1%7C1%7Cu.clarity.ms%2Fcollect
.kalculatedmedia.com/	1970-01-21 11:03:18	Name: _ga_PC2TQ5FC02 Value: GS1.1.1733238432.1.0.1733238432.60.0.0
.doubleclick.net/	1970-01-21 01:27:19	Name: test_cookie Value: CheckForPermission
.bing.com/	1970-01-21 10:48:54	Name: MUID Value: 10A4C8C36C1A6F6131C4DD896D006EF0
.c.bing.com/	1970-01-21 01:37:23	Name: MR Value: 0
.c.bing.com/	1970-01-21 10:48:54	Name: SRM_B Value: 10A4C8C36C1A6F6131C4DD896D006EF0
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 10:48:54	Name: MUID Value: 10A4C8C36C1A6F6131C4DD896D006EF0
.c.clarity.ms/	1970-01-21 01:37:23	Name: MR Value: 0
.c.clarity.ms/	1970-01-21 01:27:19	Name: ANONCHK Value: 0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://booking.kalculatedmedia.com/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
analytics.google.com
booking.kalculatedmedia.com
c.bing.com
c.clarity.ms
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
media.hd.pics
stats.g.doubleclick.net
td.doubleclick.net
u.clarity.ms
www.clarity.ms
www.facebook.com
www.google.com
www.googletagmanager.com
142.250.80.68
142.251.41.3
157.240.241.1
157.240.241.35
20.110.205.119
2001:4860:4802:32::181
2606:4700::6812:666a
2606:4700::6812:676a
2607:f8b0:4004:c21::9b
2607:f8b0:4006:80b::2002
2607:f8b0:4006:817::200a
2607:f8b0:4006:81c::200a
2607:f8b0:4006:821::2008
2620:1ec:29:1::40
2620:1ec:c11::237
4.227.249.197
0687f26eb304f113e315e3c20d862e3d7b79902182fecc6bc67f807dfe35a056
09f68b5f8d470a0a6871b6b0c351abb25f5cccab66a855f2bb9fdc3eaa96832b
139d59ccc19a2c971b168f621bee0efacb8189c84cc5c206903213401c5f8ed2
13cf5b373af78af0f17be12a46c02d2155e368466d7d7a6ff3cf06a0f7ab0749
1c9c85d0b73b7321eb8ed22e0b6bcd577478dd5f99d1379a5d4cea10884033ac
30cac909f09d17b786b588be157d6e92f49361857b2a809bdaae18838ccc6215
33f27e683b218ec8c3e717c9666aaff8bc0e4cc1a00a9eae7a0a02c622c7e5d3
3822ffa2107cdf0b72769b526130967e5bd16735bb6bb625aa5e2b77669136ef
3d021a48acc03b7693e91fa0b445e168fa768424fef3e5fb23ee28a130fcfe67
44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0
4532c72861416f873da03b791426e1ea2a2a5ff866fb0d4d961baf4c30dcf658
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
53fd9f8f10346480c5ccff312bcd24b9d41a5c76550b6a0b6ec094381ae3f2b7
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
5a87cd3eca3d1b0c5df6631e18049ab664f7911d0a8a31f8888d364f7642bb7b
5d7a1967efe3cc05d345e4676c5ed789c5b75eb24f97b80c4531ad3b626e6e31
69628f00319f0500422bcb35993a0f56a8f916ee9c2a40d5f57b38152b137b3b
6d5425a51680abbb73017c4441811a583e068ff5c56b4755f6aeeb257f0e6cda
76397e0690fb789c8ef9b166155ca10cc75981f2f830aa89bc8a477a3755f671
835d52b9c620ea3ab01d056476e3a9f5270d24fa05b8d7c312bee0e219aa9825
8dd5eba900f9cc66bb881c01ce200384defcb96f62392bf348cbaef72ad4e0e5
8eade09a5da8a542b96001c4b0d3b914ee3d735af46ef1a906be2dcae6724498
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9c6d63c0a3ae96f9be399b084b6a7198a74298c31467d4733aedf1d1aa33f568
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b61fcf6f13088eae61ca930b3a5db2b25dd69d5f6896356dd57fa8848208c5e9
b85c4d4bcb7be039d30281d940426203622394a85d4cd2b43048b57a924a7d51
bd67c2c035c4641ef20aaf43405c9e1d8d9385209b00d90ada55afcbdc53bd53
c2a09584fcd8a5eb8452639817cfd0abab8e2cb7bcb2f705856537dc408e9d5b
d2985f60e922d8796396c202ffcb9f6f6c2a57f510cb49f9babf16d025c6b058
d9d2c64f9d30ed6df204af541c11ad2bb1a4f6cf61d75a11618ad9204f7bc315
dc1da692990307185621fd661b7305e29d3a0a5ba0f0d998e5a1463a17c57044
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f6ac446345e9379f1da4d812545ecb917992bbba176d0facb590f0c8cf2ac97b
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

booking.kalculatedmedia.com Open in urlscan Pro 2606:4700::6812:666a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

49 Requests

96 %HTTPS

63 %IPv6

11 Domains

16 Subdomains

15 IPs

1 Countries

1738 kBTransfer

3596 kBSize

18 Cookies

0 Outgoing links

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

booking.kalculatedmedia.com Open in urlscan Pro
2606:4700::6812:666a Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

96 %
HTTPS

63 %
IPv6

11
Domains

16
Subdomains

15
IPs

1
Countries

1738 kB
Transfer

3596 kB
Size

18
Cookies

49 HTTP transactions
0 data transactions