Submitted URL: https://sibon.si/relax-for-two/?lang=en&utm_source=slovenia.info&utm_medium=affiliate&utm_campaign=slovenia.info_...
Effective URL: http://www6.hotelname.com/lander?template=ARROW_3&tdfs=1&s_token=1733894062.0470770000&uuid=1733894062.0470770000&term=Fin...
Submission: On December 11 via api from US — Scanned from US

Summary

This website contacted 21 IPs in 3 countries across 17 domains to perform 64 HTTP transactions. The main IP is 15.197.204.56, located in United States and belongs to AMAZON-02, US. The main domain is www6.hotelname.com.
This is the only time www6.hotelname.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
20 212.44.102.40 43128 (DHH-AS We...)
5 172.253.63.97 15169 (GOOGLE)
1 45.33.20.235 63949 (AKAMAI-LI...)
3 31.13.66.19 32934 (FACEBOOK)
4 74.125.192.94 15169 (GOOGLE)
1 142.251.179.100 15169 (GOOGLE)
1 142.251.179.154 15169 (GOOGLE)
1 173.194.66.154 15169 (GOOGLE)
1 142.251.174.155 15169 (GOOGLE)
1 13.107.253.40 8075 (MICROSOFT...)
4 31.13.66.35 32934 (FACEBOOK)
1 2 45.33.2.79 63949 (AKAMAI-LI...)
2 15.197.204.56 16509 (AMAZON-02)
1 74.125.192.147 15169 (GOOGLE)
4 23.212.249.79 20940 (AKAMAI-AS...)
4 34.231.195.107 14618 (AMAZON-AES)
1 142.251.16.157 15169 (GOOGLE)
1 172.253.122.139 15169 (GOOGLE)
2 45.79.38.145 63949 (AKAMAI-LI...)
2 172.253.122.138 15169 (GOOGLE)
64 21
Apex Domain
Subdomains
Transfer
20 sibon.si
sibon.si
863 KB
5 hotelname.com
bookings.hotelname.com
www6.hotelname.com
4 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
488 KB
4 godaddy.com
api.aws.parking.godaddy.com — Cisco Umbrella Rank: 61999
2 KB
4 wsimg.com
img1.wsimg.com — Cisco Umbrella Rank: 10742
177 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
5 KB
4 gstatic.com
fonts.gstatic.com
113 KB
3 syndicatedsearch.goog
syndicatedsearch.goog — Cisco Umbrella Rank: 3335
720 B
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192
83 KB
2 trafficmotor.com
postback.trafficmotor.com — Cisco Umbrella Rank: 245687
227 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 135
td.doubleclick.net — Cisco Umbrella Rank: 182
549 B
2 google.com
analytics.google.com — Cisco Umbrella Rank: 142
www.google.com — Cisco Umbrella Rank: 3
52 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 5439
589 B
1 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 625
c.clarity.ms Failed
1 KB
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
0 google-analytics.com Failed
www.google-analytics.com Failed
0 roomcloud.net Failed
booking.roomcloud.net Failed
64 17
Domain Requested by
20 sibon.si sibon.si
5 www.googletagmanager.com sibon.si
www.googletagmanager.com
4 api.aws.parking.godaddy.com img1.wsimg.com
4 img1.wsimg.com www6.hotelname.com
img1.wsimg.com
4 www.facebook.com sibon.si
4 fonts.gstatic.com sibon.si
3 syndicatedsearch.goog www.google.com
3 connect.facebook.net sibon.si
connect.facebook.net
3 bookings.hotelname.com 1 redirects sibon.si
bookings.hotelname.com
2 postback.trafficmotor.com img1.wsimg.com
2 www6.hotelname.com bookings.hotelname.com
www6.hotelname.com
1 partner.googleadservices.com www.google.com
1 www.google.com www6.hotelname.com
1 www.clarity.ms www.googletagmanager.com
www.clarity.ms
1 pagead2.googlesyndication.com www.googletagmanager.com
1 td.doubleclick.net www.googletagmanager.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 analytics.google.com www.googletagmanager.com
0 c.clarity.ms Failed
0 www.google-analytics.com Failed www.googletagmanager.com
0 booking.roomcloud.net Failed sibon.si
64 21

This site contains links to these domains. Also see Links.

Domain
www.afternic.com
Subject Issuer Validity Valid
*.sibon.si
R11
2024-11-04 -
2025-02-02
3 months crt.sh
*.google-analytics.com
WR2
2024-11-04 -
2025-01-27
3 months crt.sh
*.mytrafficmanagement.com
R3
2023-08-10 -
2023-11-08
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-09-19 -
2024-12-18
3 months crt.sh
*.gstatic.com
WR2
2024-11-04 -
2025-01-27
3 months crt.sh
*.google.com
WR2
2024-11-04 -
2025-01-27
3 months crt.sh
*.g.doubleclick.net
WR2
2024-11-04 -
2025-01-27
3 months crt.sh
*.doubleclick.net
WR2
2024-11-04 -
2025-01-27
3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1
2024-09-04 -
2025-09-04
a year crt.sh
www.google.com
WR2
2024-11-04 -
2025-01-27
3 months crt.sh
*.wsimg.com
Starfield Secure Certificate Authority - G2
2024-09-19 -
2025-10-21
a year crt.sh
*.aws.parking.godaddy.com
Go Daddy Secure Certificate Authority - G2
2024-04-15 -
2025-05-17
a year crt.sh
*.googleadservices.com
WR2
2024-11-04 -
2025-01-27
3 months crt.sh
syndicatedsearch.goog
WR2
2024-11-04 -
2025-01-27
3 months crt.sh
postback.trafficmotor.com
R10
2024-12-06 -
2025-03-06
3 months crt.sh

This page contains 4 frames:

Primary Page: http://www6.hotelname.com/lander?template=ARROW_3&tdfs=1&s_token=1733894062.0470770000&uuid=1733894062.0470770000&term=Find%20a%20Hotel&term=Last%20Minute%20Hotel%20Deals&term=Rent%20a%20Car&searchbox=0&showDomain=0&backfill=0
Frame ID: 3BA27FD2B233DA2A6249E9DB3F1A73A5
Requests: 63 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-Y3H6ENBM7N&gacid=133649097.1733894061&gtm=45je4ca0v875619272za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485&z=222592041
Frame ID: 2571E74F0CD7EA09701CEFFCB0AE8D01
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4c30/sw_iframe.html?origin=https%3A%2F%2Fsibon.si
Frame ID: 2EB7F3A0533B804EED307B4CFCC68F34
Requests: 1 HTTP requests in this frame

Frame: https://syndicatedsearch.goog/afs/ads?adsafe=low&adtest=off&psid=7621175430&pcsa=false&channel=00001&domain_name=hotelname.com&client=dp-namemedia01&r=m&rpbu=http%3A%2F%2Fwww6.hotelname.com%2Flander%3Ftemplate%3DARROW_3%26tdfs%3D1%26s_token%3D1733894062.0470770000%26uuid%3D1733894062.0470770000%26term%3DFind%2520a%2520Hotel%26term%3DLast%2520Minute%2520Hotel%2520Deals%26term%3DRent%2520a%2520Car%26searchbox%3D0%26showDomain%3D0%26backfill%3D0&terms=Find%20a%20Hotel%2CLast%20Minute%20Hotel%20Deals%2CRent%20a%20Car&type=3&uiopt=true&swp=as-drid-oo-1502969727449347&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301437%2C17301439%2C17301442%2C17301548%2C17301266%2C72717107%2C49280906%2C72771953&format=r3&nocache=8561733894063825&num=0&output=afd_ads&v=3&bsl=8&pac=0&u_his=1&u_tz=-600&dt=1733894063826&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=1200&frm=0&uio=-&cont=relatedLinks&drt=0&jsid=caf&nfp=1&jsv=702325170&rurl=http%3A%2F%2Fwww6.hotelname.com%2Flander%3Ftemplate%3DARROW_3%26tdfs%3D1%26s_token%3D1733894062.0470770000%26uuid%3D1733894062.0470770000%26term%3DFind%2520a%2520Hotel%26term%3DLast%2520Minute%2520Hotel%2520Deals%26term%3DRent%2520a%2520Car%26searchbox%3D0%26showDomain%3D0%26backfill%3D0&referer=http%3A%2F%2Fwww6.hotelname.com%2F%3Ftemplate%3DARROW_3%26tdfs%3D1%26s_token%3D1733894062.0470770000%26uuid%3D1733894062.0470770000%26term%3DFind%2520a%2520Hotel%26term%3DLast%2520Minute%2520Hotel%2520Deals%26term%3DRent%2520a%2520Car%26searchbox%3D0%26showDomain%3D0%26backfill%3D0
Frame ID: 1FCA57FBF31D2577C3B4C7C36BDCC892
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://sibon.si/relax-for-two/?lang=en&utm_source=slovenia.info&utm_medium=affiliate&utm_cam... Page URL
  2. http://bookings.hotelname.com/ HTTP 307
    https://bookings.hotelname.com/ Page URL
  3. https://bookings.hotelname.com/?gp=1&js=1&uuid=1733894062.0096133618&other_args=eyJ1cmkiOiAiLyIsICJhcmdzIjo... HTTP 302
    http://www6.hotelname.com/?template=ARROW_3&tdfs=1&s_token=1733894062.0470770000&uuid=1733894062.04707... HTTP 307
    https://www6.hotelname.com/?template=ARROW_3&tdfs=1&s_token=1733894062.0470770000&uuid=1733894062.04707... HTTP 307
    http://www6.hotelname.com/?template=ARROW_3&tdfs=1&s_token=1733894062.0470770000&uuid=1733894062.04707... Page URL
  4. http://www6.hotelname.com/lander?template=ARROW_3&tdfs=1&s_token=1733894062.0470770000&uuid=1733894062... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

64
Requests

88 %
HTTPS

0 %
IPv6

17
Domains

21
Subdomains

21
IPs

3
Countries

1789 kB
Transfer

5168 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://sibon.si/relax-for-two/?lang=en&utm_source=slovenia.info&utm_medium=affiliate&utm_campaign=slovenia.info_affiliate_link&utm_content=more Page URL
  2. http://bookings.hotelname.com/ HTTP 307
    https://bookings.hotelname.com/ Page URL
  3. https://bookings.hotelname.com/?gp=1&js=1&uuid=1733894062.0096133618&other_args=eyJ1cmkiOiAiLyIsICJhcmdzIjogIiIsICJyZWZlcmVyIjogIiIsICJhY2NlcHQiOiAidGV4dC9odG1sLGFwcGxpY2F0aW9uL3hodG1sK3htbCxhcHBsaWNhdGlvbi94bWw7cT0wLjksaW1hZ2UvYXZpZixpbWFnZS93ZWJwLGltYWdlL2FwbmcsKi8qO3E9MC44LGFwcGxpY2F0aW9uL3NpZ25lZC1leGNoYW5nZTt2PWIzO3E9MC43In0= HTTP 302
    http://www6.hotelname.com/?template=ARROW_3&tdfs=1&s_token=1733894062.0470770000&uuid=1733894062.0470770000&term=Find%20a%20Hotel&term=Last%20Minute%20Hotel%20Deals&term=Rent%20a%20Car&searchbox=0&showDomain=0&backfill=0 HTTP 307
    https://www6.hotelname.com/?template=ARROW_3&tdfs=1&s_token=1733894062.0470770000&uuid=1733894062.0470770000&term=Find%20a%20Hotel&term=Last%20Minute%20Hotel%20Deals&term=Rent%20a%20Car&searchbox=0&showDomain=0&backfill=0 HTTP 307
    http://www6.hotelname.com/?template=ARROW_3&tdfs=1&s_token=1733894062.0470770000&uuid=1733894062.0470770000&term=Find%20a%20Hotel&term=Last%20Minute%20Hotel%20Deals&term=Rent%20a%20Car&searchbox=0&showDomain=0&backfill=0 Page URL
  4. http://www6.hotelname.com/lander?template=ARROW_3&tdfs=1&s_token=1733894062.0470770000&uuid=1733894062.0470770000&term=Find%20a%20Hotel&term=Last%20Minute%20Hotel%20Deals&term=Rent%20a%20Car&searchbox=0&showDomain=0&backfill=0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://booking.roomcloud.net/be/se2/hotel.jsp?hotel=15778/files/css/bke-searchbox.scss HTTP 302
  • https://booking.roomcloud.net/be/se2/error.jsp
Request Chain 49
  • http://bookings.hotelname.com/ HTTP 307
  • https://bookings.hotelname.com/
Request Chain 52
  • https://bookings.hotelname.com/?gp=1&js=1&uuid=1733894062.0096133618&other_args=eyJ1cmkiOiAiLyIsICJhcmdzIjogIiIsICJyZWZlcmVyIjogIiIsICJhY2NlcHQiOiAidGV4dC9odG1sLGFwcGxpY2F0aW9uL3hodG1sK3htbCxhcHBsaWNhdGlvbi94bWw7cT0wLjksaW1hZ2UvYXZpZixpbWFnZS93ZWJwLGltYWdlL2FwbmcsKi8qO3E9MC44LGFwcGxpY2F0aW9uL3NpZ25lZC1leGNoYW5nZTt2PWIzO3E9MC43In0= HTTP 302
  • http://www6.hotelname.com/?template=ARROW_3&tdfs=1&s_token=1733894062.0470770000&uuid=1733894062.0470770000&term=Find%20a%20Hotel&term=Last%20Minute%20Hotel%20Deals&term=Rent%20a%20Car&searchbox=0&showDomain=0&backfill=0 HTTP 307
  • https://www6.hotelname.com/?template=ARROW_3&tdfs=1&s_token=1733894062.0470770000&uuid=1733894062.0470770000&term=Find%20a%20Hotel&term=Last%20Minute%20Hotel%20Deals&term=Rent%20a%20Car&searchbox=0&showDomain=0&backfill=0 HTTP 307
  • http://www6.hotelname.com/?template=ARROW_3&tdfs=1&s_token=1733894062.0470770000&uuid=1733894062.0470770000&term=Find%20a%20Hotel&term=Last%20Minute%20Hotel%20Deals&term=Rent%20a%20Car&searchbox=0&showDomain=0&backfill=0

64 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
sibon.si/relax-for-two/
289 KB
28 KB
Document
General
Full URL
https://sibon.si/relax-for-two/?lang=en&utm_source=slovenia.info&utm_medium=affiliate&utm_campaign=slovenia.info_affiliate_link&utm_content=more
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.44.102.40 , Slovenia, ASN43128 (DHH-AS Webtasy, d.o.o., SI),
Reverse DNS
lcp-6.controlpanel.si
Software
LiteSpeed /
Resource Hash
b656b35c3f019a4a92ad89cfc4a2e105a307778073994c48258ea16441725ddc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":3443"; ma=2592000, h3-29=":3443"; ma=2592000, h3-Q050=":3443"; ma=2592000, h3-Q046=":3443"; ma=2592000, h3-Q043=":3443"; ma=2592000, quic=":3443"; ma=2592000; v="43,46"
cache-control
public, max-age=2592000 private
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 11 Dec 2024 05:14:19 GMT
expires
Fri, 10 Jan 2025 05:14:19 GMT
link
<https://sibon.si/wp-json/>; rel="https://api.w.org/" <https://sibon.si/wp-json/wp/v2/posts/17523>; rel="alternate"; title="JSON"; type="application/json" <https://sibon.si/?p=17523&lang=en>; rel=shortlink
server
LiteSpeed
vary
Accept-Encoding
x-pingback
https://sibon.si/xmlrpc.php
x-turbo-charged-by
LiteSpeed
styles.css
sibon.si/wp-content/plugins/sitepress-multilingual-cms/dist/css/blocks/
58 KB
7 KB
Stylesheet
General
Full URL
https://sibon.si/wp-content/plugins/sitepress-multilingual-cms/dist/css/blocks/styles.css
Requested by
Host: sibon.si
URL: https://sibon.si/relax-for-two/?lang=en&utm_source=slovenia.info&utm_medium=affiliate&utm_campaign=slovenia.info_affiliate_link&utm_content=more
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.44.102.40 , Slovenia, ASN43128 (DHH-AS Webtasy, d.o.o., SI),
Reverse DNS
lcp-6.controlpanel.si
Software
LiteSpeed /
Resource Hash
58c855e7eb9b917e71e6b733e73c542c25bacb986f3ba7df2be1570200312135

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sibon.si/relax-for-two/?lang=en&utm_source=slovenia.info&utm_medium=affiliate&utm_campaign=slovenia.info_affiliate_link&utm_content=more

Response headers

cache-control
public, max-age=2592000
content-encoding
br
expires
Fri, 10 Jan 2025 05:14:20 GMT
accept-ranges
bytes
alt-svc
h3=":3443"; ma=2592000, h3-29=":3443"; ma=2592000, h3-Q050=":3443"; ma=2592000, h3-Q046=":3443"; ma=2592000, h3-Q043=":3443"; ma=2592000, quic=":3443"; ma=2592000; v="43,46"
content-length
6473
date
Wed, 11 Dec 2024 05:14:20 GMT
x-turbo-charged-by
LiteSpeed
content-type
text/css
last-modified
Tue, 26 Nov 2024 10:43:25 GMT
vary
Accept-Encoding
server
LiteSpeed
style.min.css
sibon.si/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-list-vertical/
787 B
631 B
Stylesheet
General
Full URL
https://sibon.si/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-list-vertical/style.min.css
Requested by
Host: sibon.si
URL: https://sibon.si/relax-for-two/?lang=en&utm_source=slovenia.info&utm_medium=affiliate&utm_campaign=slovenia.info_affiliate_link&utm_content=more
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.44.102.40 , Slovenia, ASN43128 (DHH-AS Webtasy, d.o.o., SI),
Reverse DNS
lcp-6.controlpanel.si
Software
LiteSpeed /
Resource Hash
6db448a15b4382997efe9df1de934b99939c1ae8751a8ec05c5b71e77567576a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sibon.si/relax-for-two/?lang=en&utm_source=slovenia.info&utm_medium=affiliate&utm_campaign=slovenia.info_affiliate_link&utm_content=more

Response headers

cache-control
public, max-age=2592000
content-encoding
br
expires
Fri, 10 Jan 2025 05:14:20 GMT
accept-ranges
bytes
alt-svc
h3=":3443"; ma=2592000, h3-29=":3443"; ma=2592000, h3-Q050=":3443"; ma=2592000, h3-Q046=":3443"; ma=2592000, h3-Q043=":3443"; ma=2592000, quic=":3443"; ma=2592000; v="43,46"
content-length
217
date
Wed, 11 Dec 2024 05:14:20 GMT
x-turbo-charged-by
LiteSpeed
content-type
text/css
last-modified
Tue, 26 Nov 2024 10:43:25 GMT
vary
Accept-Encoding
server
LiteSpeed
style.min.css
sibon.si/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/menu-item/
258 B
512 B
Stylesheet
General
Full URL
https://sibon.si/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/menu-item/style.min.css
Requested by
Host: sibon.si
URL: https://sibon.si/relax-for-two/?lang=en&utm_source=slovenia.info&utm_medium=affiliate&utm_campaign=slovenia.info_affiliate_link&utm_content=more
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.44.102.40 , Slovenia, ASN43128 (DHH-AS Webtasy, d.o.o., SI),
Reverse DNS
lcp-6.controlpanel.si
Software
LiteSpeed /
Resource Hash
4b9257e3e9c959214ddfab833a69a021ae6557403efe76afcbee259621175274

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sibon.si/relax-for-two/?lang=en&utm_source=slovenia.info&utm_medium=affiliate&utm_campaign=slovenia.info_affiliate_link&utm_content=more

Response headers

cache-control
public, max-age=2592000
content-encoding
br
expires
Fri, 10 Jan 2025 05:14:20 GMT
accept-ranges
bytes
alt-svc
h3=":3443"; ma=2592000, h3-29=":3443"; ma=2592000, h3-Q050=":3443"; ma=2592000, h3-Q046=":3443"; ma=2592000, h3-Q043=":3443"; ma=2592000, quic=":3443"; ma=2592000; v="43,46"
content-length
99
date
Wed, 11 Dec 2024 05:14:20 GMT
x-turbo-charged-by
LiteSpeed
content-type
text/css
last-modified
Tue, 26 Nov 2024 10:43:25 GMT
vary
Accept-Encoding
server
LiteSpeed
cookieblocker.min.css
sibon.si/wp-content/plugins/complianz-gdpr/assets/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://sibon.si/wp-content/plugins/complianz-gdpr/assets/css/cookieblocker.min.css
Requested by
Host: sibon.si
URL: https://sibon.si/relax-for-two/?lang=en&utm_source=slovenia.info&utm_medium=affiliate&utm_campaign=slovenia.info_affiliate_link&utm_content=more
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.44.102.40 , Slovenia, ASN43128 (DHH-AS Webtasy, d.o.o., SI),
Reverse DNS
lcp-6.controlpanel.si
Software
LiteSpeed /
Resource Hash
0d5f949fcf84560d013b596b51856d6bc487bedc510bc712e82458f00b2506e5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sibon.si/relax-for-two/?lang=en&utm_source=slovenia.info&utm_medium=affiliate&utm_campaign=slovenia.info_affiliate_link&utm_content=more

Response headers

cache-control
public, max-age=2592000
content-encoding
br
expires
Fri, 10 Jan 2025 05:14:20 GMT
accept-ranges
bytes
alt-svc
h3=":3443"; ma=2592000, h3-29=":3443"; ma=2592000, h3-Q050=":3443"; ma=2592000, h3-Q046=":3443"; ma=2592000, h3-Q043=":3443"; ma=2592000, quic=":3443"; ma=2592000; v="43,46"
content-length
615
date
Wed, 11 Dec 2024 05:14:20 GMT
x-turbo-charged-by
LiteSpeed
content-type
text/css
last-modified
Tue, 26 Nov 2024 10:41:07 GMT
vary
Accept-Encoding
server
LiteSpeed
default.css
sibon.si/wp-content/plugins/tablepress/css/build/
6 KB
2 KB
Stylesheet
General
Full URL
https://sibon.si/wp-content/plugins/tablepress/css/build/default.css
Requested by
Host: sibon.si
URL: https://sibon.si/relax-for-two/?lang=en&utm_source=slovenia.info&utm_medium=affiliate&utm_campaign=slovenia.info_affiliate_link&utm_content=more
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.44.102.40 , Slovenia, ASN43128 (DHH-AS Webtasy, d.o.o., SI),
Reverse DNS
lcp-6.controlpanel.si
Software
LiteSpeed /
Resource Hash
1f80e6b33604a220dc354d5efbe1958827ced1aca779688a8372188b59454f15

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sibon.si/relax-for-two/?lang=en&utm_source=slovenia.info&utm_medium=affiliate&utm_campaign=slovenia.info_affiliate_link&utm_content=more

Response headers

cache-control
public, max-age=2592000
content-encoding
br
expires
Fri, 10 Jan 2025 05:14:20 GMT
accept-ranges
bytes
alt-svc
h3=":3443"; ma=2592000, h3-29=":3443"; ma=2592000, h3-Q050=":3443"; ma=2592000, h3-Q046=":3443"; ma=2592000, h3-Q043=":3443"; ma=2592000, quic=":3443"; ma=2592000; v="43,46"
content-length
1329
date
Wed, 11 Dec 2024 05:14:20 GMT
x-turbo-charged-by
LiteSpeed
content-type
text/css
last-modified
Tue, 26 Nov 2024 10:42:47 GMT
vary
Accept-Encoding
server
LiteSpeed
f971ddbda4c2bc677358254bc7d81449.min.css
sibon.si/wp-content/uploads/fusion-styles/
844 KB
107 KB
Stylesheet
General
Full URL
https://sibon.si/wp-content/uploads/fusion-styles/f971ddbda4c2bc677358254bc7d81449.min.css
Requested by
Host: sibon.si
URL: https://sibon.si/relax-for-two/?lang=en&utm_source=slovenia.info&utm_medium=affiliate&utm_campaign=slovenia.info_affiliate_link&utm_content=more
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.44.102.40 , Slovenia, ASN43128 (DHH-AS Webtasy, d.o.o., SI),
Reverse DNS
lcp-6.controlpanel.si
Software
LiteSpeed /
Resource Hash
1a841b65f7e201dafcfc46d95a9b145012317e1a2a814189bb708025e5c61424

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sibon.si/relax-for-two/?lang=en&utm_source=slovenia.info&utm_medium=affiliate&utm_campaign=slovenia.info_affiliate_link&utm_content=more

Response headers

cache-control
public, max-age=2592000
content-encoding
br
expires
Fri, 10 Jan 2025 05:14:20 GMT
accept-ranges
bytes
alt-svc
h3=":3443"; ma=2592000, h3-29=":3443"; ma=2592000, h3-Q050=":3443"; ma=2592000, h3-Q046=":3443"; ma=2592000, h3-Q043=":3443"; ma=2592000, quic=":3443"; ma=2592000; v="43,46"
content-length
109487
date
Wed, 11 Dec 2024 05:14:20 GMT
x-turbo-charged-by
LiteSpeed
content-type
text/css
last-modified
Thu, 21 Nov 2024 16:27:10 GMT
vary
Accept-Encoding
server
LiteSpeed
app.js
sibon.si/wp-content/plugins/sitepress-multilingual-cms/dist/js/browser-redirect/
166 KB
48 KB
Script
General
Full URL
https://sibon.si/wp-content/plugins/sitepress-multilingual-cms/dist/js/browser-redirect/app.js
Requested by
Host: sibon.si
URL: https://sibon.si/relax-for-two/?lang=en&utm_source=slovenia.info&utm_medium=affiliate&utm_campaign=slovenia.info_affiliate_link&utm_content=more
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.44.102.40 , Slovenia, ASN43128 (DHH-AS Webtasy, d.o.o., SI),
Reverse DNS
lcp-6.controlpanel.si
Software
LiteSpeed /
Resource Hash
1e052a5f00f6352164d2a2d578697b6b7a412f964d6a38cc768aa030baeaf9b7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sibon.si/relax-for-two/?lang=en&utm_source=slovenia.info&utm_medium=affiliate&utm_campaign=slovenia.info_affiliate_link&utm_content=more

Response headers

cache-control
public, max-age=31536000
content-encoding
br
expires
Thu, 11 Dec 2025 05:14:20 GMT
accept-ranges
bytes
alt-svc
h3=":3443"; ma=2592000, h3-29=":3443"; ma=2592000, h3-Q050=":3443"; ma=2592000, h3-Q046=":3443"; ma=2592000, h3-Q043=":3443"; ma=2592000, quic=":3443"; ma=2592000; v="43,46"
content-length
48359
date
Wed, 11 Dec 2024 05:14:20 GMT
x-turbo-charged-by
LiteSpeed
content-type
application/javascript
last-modified
Tue, 26 Nov 2024 10:43:26 GMT
vary
Accept-Encoding
server
LiteSpeed
js
www.googletagmanager.com/gtag/
400 KB
130 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Y3H6ENBM7N
Requested by
Host: sibon.si
URL: https://sibon.si/relax-for-two/?lang=en&utm_source=slovenia.info&utm_medium=affiliate&utm_campaign=slovenia.info_affiliate_link&utm_content=more
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
bc25ff1c6fca1b42333e6c69c9c5ea3b41b951ef654a12d71619fa9fd633d734
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sibon.si/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 11 Dec 2024 05:14:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Dec 2024 05:14:21 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
132590
x-xss-protection
0
server
Google Tag Manager
SIBON-Bel-napis-595x328px.png
sibon.si/wp-content/uploads/2024/01/
11 KB
12 KB
Image
General
Full URL
https://sibon.si/wp-content/uploads/2024/01/SIBON-Bel-napis-595x328px.png
Requested by
Host: sibon.si
URL: https://sibon.si/relax-for-two/?lang=en&utm_source=slovenia.info&utm_medium=affiliate&utm_campaign=slovenia.info_affiliate_link&utm_content=more
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.44.102.40 , Slovenia, ASN43128 (DHH-AS Webtasy, d.o.o., SI),
Reverse DNS
lcp-6.controlpanel.si
Software
LiteSpeed /
Resource Hash
b511b11a708de424a1f64c133bbcdc7cac2da39da12c6409fb5ece56cf5a2b95

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sibon.si/relax-for-two/?lang=en&utm_source=slovenia.info&utm_medium=affiliate&utm_campaign=slovenia.info_affiliate_link&utm_content=more

Response headers

cache-control
public, max-age=2592000
expires
Fri, 10 Jan 2025 05:14:20 GMT
accept-ranges
bytes
alt-svc
h3=":3443"; ma=2592000, h3-29=":3443"; ma=2592000, h3-Q050=":3443"; ma=2592000, h3-Q046=":3443"; ma=2592000, h3-Q043=":3443"; ma=2592000, quic=":3443"; ma=2592000; v="43,46"
content-length
11769
date
Wed, 11 Dec 2024 05:14:20 GMT
x-turbo-charged-by
LiteSpeed
content-type
image/png
last-modified
Tue, 30 Jan 2024 11:03:15 GMT
server
LiteSpeed
Sibon_logo_4s_01.png
sibon.si/wp-content/uploads/2022/12/
24 KB
24 KB
Image
General
Full URL
https://sibon.si/wp-content/uploads/2022/12/Sibon_logo_4s_01.png
Requested by
Host: sibon.si
URL: https://sibon.si/relax-for-two/?lang=en&utm_source=slovenia.info&utm_medium=affiliate&utm_campaign=slovenia.info_affiliate_link&utm_content=more
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.44.102.40 , Slovenia, ASN43128 (DHH-AS Webtasy, d.o.o., SI),
Reverse DNS
lcp-6.controlpanel.si
Software
LiteSpeed /
Resource Hash
a77ed825f61c03ddfa9eb5db360cb6b417ae8e22b791d243d562a7d9d7f96b50

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sibon.si/relax-for-two/?lang=en&utm_source=slovenia.info&utm_medium=affiliate&utm_campaign=slovenia.info_affiliate_link&utm_content=more

Response headers

cache-control
public, max-age=2592000
expires
Fri, 10 Jan 2025 05:14:20 GMT
accept-ranges
bytes
alt-svc
h3=":3443"; ma=2592000, h3-29=":3443"; ma=2592000, h3-Q050=":3443"; ma=2592000, h3-Q046=":3443"; ma=2592000, h3-Q043=":3443"; ma=2592000, quic=":3443"; ma=2592000; v="43,46"
content-length
24406
date
Wed, 11 Dec 2024 05:14:20 GMT
x-turbo-charged-by
LiteSpeed
content-type
image/png
last-modified
Wed, 14 Dec 2022 16:30:40 GMT
server
LiteSpeed
Sibon_novi_paketi2024-380x210px_ANG_10-1-500x383.jpg
sibon.si/wp-content/uploads/2024/01/
34 KB
34 KB
Image
General
Full URL
https://sibon.si/wp-content/uploads/2024/01/Sibon_novi_paketi2024-380x210px_ANG_10-1-500x383.jpg
Requested by
Host: sibon.si
URL: https://sibon.si/relax-for-two/?lang=en&utm_source=slovenia.info&utm_medium=affiliate&utm_campaign=slovenia.info_affiliate_link&utm_content=more
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.44.102.40 , Slovenia, ASN43128 (DHH-AS Webtasy, d.o.o., SI),
Reverse DNS
lcp-6.controlpanel.si
Software
LiteSpeed /
Resource Hash
5185ef57e006c6561a51934baaa9fe1425fdf29fbf6763173ec12429e3c37503

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sibon.si/relax-for-two/?lang=en&utm_source=slovenia.info&utm_medium=affiliate&utm_campaign=slovenia.info_affiliate_link&utm_content=more

Response headers

cache-control
public, max-age=2592000
expires
Fri, 10 Jan 2025 05:14:20 GMT
accept-ranges
bytes
alt-svc
h3=":3443"; ma=2592000, h3-29=":3443"; ma=2592000, h3-Q050=":3443"; ma=2592000, h3-Q046=":3443"; ma=2592000, h3-Q043=":3443"; ma=2592000, quic=":3443"; ma=2592000; v="43,46"
content-length
34500
date
Wed, 11 Dec 2024 05:14:20 GMT
x-turbo-charged-by
LiteSpeed
content-type
image/jpeg
last-modified
Wed, 28 Aug 2024 06:42:38 GMT
server
LiteSpeed
Sibon_novi_paketi2024-380x210px_ANG_13-500x383.jpg
sibon.si/wp-content/uploads/2023/10/
34 KB
34 KB
Image
General
Full URL
https://sibon.si/wp-content/uploads/2023/10/Sibon_novi_paketi2024-380x210px_ANG_13-500x383.jpg
Requested by
Host: sibon.si
URL: https://sibon.si/relax-for-two/?lang=en&utm_source=slovenia.info&utm_medium=affiliate&utm_campaign=slovenia.info_affiliate_link&utm_content=more
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.44.102.40 , Slovenia, ASN43128 (DHH-AS Webtasy, d.o.o., SI),
Reverse DNS
lcp-6.controlpanel.si
Software
LiteSpeed /
Resource Hash
336871d180cce5743511bdb644d7239ae5cd7e293519992861b4f7e2028b5e5b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sibon.si/relax-for-two/?lang=en&utm_source=slovenia.info&utm_medium=affiliate&utm_campaign=slovenia.info_affiliate_link&utm_content=more

Response headers

cache-control
public, max-age=2592000
expires
Fri, 10 Jan 2025 05:14:20 GMT
accept-ranges
bytes
alt-svc
h3=":3443"; ma=2592000, h3-29=":3443"; ma=2592000, h3-Q050=":3443"; ma=2592000, h3-Q046=":3443"; ma=2592000, h3-Q043=":3443"; ma=2592000, quic=":3443"; ma=2592000; v="43,46"
content-length
34441
date
Wed, 11 Dec 2024 05:14:20 GMT
x-turbo-charged-by
LiteSpeed
content-type
image/jpeg
last-modified
Thu, 12 Sep 2024 16:53:13 GMT
server
LiteSpeed
Sibon_novi_paketi2024-380x210px_ANG_14-500x383.jpg
sibon.si/wp-content/uploads/2022/07/
44 KB
44 KB
Image
General
Full URL
https://sibon.si/wp-content/uploads/2022/07/Sibon_novi_paketi2024-380x210px_ANG_14-500x383.jpg
Requested by
Host: sibon.si
URL: https://sibon.si/relax-for-two/?lang=en&utm_source=slovenia.info&utm_medium=affiliate&utm_campaign=slovenia.info_affiliate_link&utm_content=more
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.44.102.40 , Slovenia, ASN43128 (DHH-AS Webtasy, d.o.o., SI),
Reverse DNS
lcp-6.controlpanel.si
Software
LiteSpeed /
Resource Hash
15a34c7918adf1a5df4b0d30a5a498acef81b2bf73b2c8280842f02f7678371e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sibon.si/relax-for-two/?lang=en&utm_source=slovenia.info&utm_medium=affiliate&utm_campaign=slovenia.info_affiliate_link&utm_content=more

Response headers

cache-control
public, max-age=2592000
expires
Fri, 10 Jan 2025 05:14:20 GMT
accept-ranges
bytes
alt-svc
h3=":3443"; ma=2592000, h3-29=":3443"; ma=2592000, h3-Q050=":3443"; ma=2592000, h3-Q046=":3443"; ma=2592000, h3-Q043=":3443"; ma=2592000, quic=":3443"; ma=2592000; v="43,46"
content-length
44631
date
Wed, 11 Dec 2024 05:14:20 GMT
x-turbo-charged-by
LiteSpeed
content-type
image/jpeg
last-modified
Thu, 21 Nov 2024 09:21:20 GMT
server
LiteSpeed
bke-searchbox.js
bookings.hotelname.com/files/js/
157 B
389 B
Script
General
Full URL
https://bookings.hotelname.com/files/js/bke-searchbox.js
Requested by
Host: sibon.si
URL: https://sibon.si/relax-for-two/?lang=en&utm_source=slovenia.info&utm_medium=affiliate&utm_campaign=slovenia.info_affiliate_link&utm_content=more
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.20.235 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li974-235.members.linode.com
Software
openresty/1.13.6.1 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sibon.si/

Response headers

accept-ranges
bytes
content-length
157
date
Wed, 11 Dec 2024 05:14:21 GMT
etag
"63bdda4c-9d"
content-type
application/javascript
last-modified
Tue, 10 Jan 2023 21:36:12 GMT
server
openresty/1.13.6.1
error.jsp
booking.roomcloud.net/be/se2/
Redirect Chain
  • https://booking.roomcloud.net/be/se2/hotel.jsp?hotel=15778/files/css/bke-searchbox.scss
  • https://booking.roomcloud.net/be/se2/error.jsp
0
0

jquery.min.js
sibon.si/wp-includes/js/jquery/
86 KB
29 KB
Script
General
Full URL
https://sibon.si/wp-includes/js/jquery/jquery.min.js
Requested by
Host: sibon.si
URL: https://sibon.si/relax-for-two/?lang=en&utm_source=slovenia.info&utm_medium=affiliate&utm_campaign=slovenia.info_affiliate_link&utm_content=more
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.44.102.40 , Slovenia, ASN43128 (DHH-AS Webtasy, d.o.o., SI),
Reverse DNS
lcp-6.controlpanel.si
Software
LiteSpeed /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sibon.si/relax-for-two/?lang=en&utm_source=slovenia.info&utm_medium=affiliate&utm_campaign=slovenia.info_affiliate_link&utm_content=more

Response headers

cache-control
public, max-age=31536000
content-encoding
br
expires
Thu, 11 Dec 2025 05:14:20 GMT
accept-ranges
bytes
alt-svc
h3=":3443"; ma=2592000, h3-29=":3443"; ma=2592000, h3-Q050=":3443"; ma=2592000, h3-Q046=":3443"; ma=2592000, h3-Q043=":3443"; ma=2592000, quic=":3443"; ma=2592000; v="43,46"
content-length
29744
date
Wed, 11 Dec 2024 05:14:20 GMT
x-turbo-charged-by
LiteSpeed
content-type
application/javascript
last-modified
Wed, 08 Nov 2023 03:34:09 GMT
vary
Accept-Encoding
server
LiteSpeed
comment-reply.min.js
sibon.si/wp-includes/js/
3 KB
2 KB
Script
General
Full URL
https://sibon.si/wp-includes/js/comment-reply.min.js
Requested by
Host: sibon.si
URL: https://sibon.si/relax-for-two/?lang=en&utm_source=slovenia.info&utm_medium=affiliate&utm_campaign=slovenia.info_affiliate_link&utm_content=more
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.44.102.40 , Slovenia, ASN43128 (DHH-AS Webtasy, d.o.o., SI),
Reverse DNS
lcp-6.controlpanel.si
Software
LiteSpeed /
Resource Hash
9d4687a19cab8f7442a3bda40c45be4d10e42488e091ddd706c3caed83c3ee1f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sibon.si/relax-for-two/?lang=en&utm_source=slovenia.info&utm_medium=affiliate&utm_campaign=slovenia.info_affiliate_link&utm_content=more

Response headers

cache-control
public, max-age=31536000
content-encoding
br
expires
Thu, 11 Dec 2025 05:14:20 GMT
accept-ranges
bytes
alt-svc
h3=":3443"; ma=2592000, h3-29=":3443"; ma=2592000, h3-Q050=":3443"; ma=2592000, h3-Q046=":3443"; ma=2592000, h3-Q043=":3443"; ma=2592000, quic=":3443"; ma=2592000; v="43,46"
content-length
1247
date
Wed, 11 Dec 2024 05:14:20 GMT
x-turbo-charged-by
LiteSpeed
content-type
application/javascript
last-modified
Wed, 13 Nov 2024 02:41:39 GMT
vary
Accept-Encoding
server
LiteSpeed
complianz.min.js
sibon.si/wp-content/plugins/complianz-gdpr/cookiebanner/js/
39 KB
10 KB
Script
General
Full URL
https://sibon.si/wp-content/plugins/complianz-gdpr/cookiebanner/js/complianz.min.js
Requested by
Host: sibon.si
URL: https://sibon.si/relax-for-two/?lang=en&utm_source=slovenia.info&utm_medium=affiliate&utm_campaign=slovenia.info_affiliate_link&utm_content=more
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.44.102.40 , Slovenia, ASN43128 (DHH-AS Webtasy, d.o.o., SI),
Reverse DNS
lcp-6.controlpanel.si
Software
LiteSpeed /
Resource Hash
e48afa0ca2fdaed77ef3d14202f805ab16829b42e321b71635d538f9e9efa4e2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sibon.si/relax-for-two/?lang=en&utm_source=slovenia.info&utm_medium=affiliate&utm_campaign=slovenia.info_affiliate_link&utm_content=more

Response headers

cache-control
public, max-age=31536000
content-encoding
br
expires
Thu, 11 Dec 2025 05:14:20 GMT
accept-ranges
bytes
alt-svc
h3=":3443"; ma=2592000, h3-29=":3443"; ma=2592000, h3-Q050=":3443"; ma=2592000, h3-Q046=":3443"; ma=2592000, h3-Q043=":3443"; ma=2592000, quic=":3443"; ma=2592000; v="43,46"
content-length
10134
date
Wed, 11 Dec 2024 05:14:20 GMT
x-turbo-charged-by
LiteSpeed
content-type
application/javascript
last-modified
Tue, 26 Nov 2024 10:41:07 GMT
vary
Accept-Encoding
server
LiteSpeed
0babec1b6491ed8b401814e9bc238f17.min.js
sibon.si/wp-content/uploads/fusion-scripts/
384 KB
103 KB
Script
General
Full URL
https://sibon.si/wp-content/uploads/fusion-scripts/0babec1b6491ed8b401814e9bc238f17.min.js
Requested by
Host: sibon.si
URL: https://sibon.si/relax-for-two/?lang=en&utm_source=slovenia.info&utm_medium=affiliate&utm_campaign=slovenia.info_affiliate_link&utm_content=more
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.44.102.40 , Slovenia, ASN43128 (DHH-AS Webtasy, d.o.o., SI),
Reverse DNS
lcp-6.controlpanel.si
Software
LiteSpeed /
Resource Hash
637a23aeae1c7abe655fe91591864a5dfd9bcf615caa985a7d16c24ae39a11bb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sibon.si/relax-for-two/?lang=en&utm_source=slovenia.info&utm_medium=affiliate&utm_campaign=slovenia.info_affiliate_link&utm_content=more

Response headers

cache-control
public, max-age=31536000
content-encoding
br
expires
Thu, 11 Dec 2025 05:14:20 GMT
accept-ranges
bytes
alt-svc
h3=":3443"; ma=2592000, h3-29=":3443"; ma=2592000, h3-Q050=":3443"; ma=2592000, h3-Q046=":3443"; ma=2592000, h3-Q043=":3443"; ma=2592000, quic=":3443"; ma=2592000; v="43,46"
content-length
104567
date
Wed, 11 Dec 2024 05:14:20 GMT
x-turbo-charged-by
LiteSpeed
content-type
application/javascript
last-modified
Thu, 21 Nov 2024 16:27:10 GMT
vary
Accept-Encoding
server
LiteSpeed
gtm.js
www.googletagmanager.com/
323 KB
110 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K3T55VZ4
Requested by
Host: sibon.si
URL: https://sibon.si/relax-for-two/?lang=en&utm_source=slovenia.info&utm_medium=affiliate&utm_campaign=slovenia.info_affiliate_link&utm_content=more
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
1e14a025e875612a738226eff2402f47119985d85750cab56181d7f06c281432
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sibon.si/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Wed, 11 Dec 2024 05:14:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Dec 2024 05:14:21 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Wed, 11 Dec 2024 03:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
112336
x-xss-protection
0
server
Google Tag Manager
fbevents.js
connect.facebook.net/en_US/
239 KB
63 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: sibon.si
URL: https://sibon.si/relax-for-two/?lang=en&utm_source=slovenia.info&utm_medium=affiliate&utm_campaign=slovenia.info_affiliate_link&utm_content=more
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
c4eb49795f7a703429e7012cec0a556e6faf6f551f07cd337f66c5a1ec3a5847
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-miobMxw3' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sibon.si/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 11 Dec 2024 05:14:21 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-miobMxw3' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=9, rtx=0, c=12, mss=1392, tbw=2968, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
kyam/rSQBnziE+j1C+PxFQBX5+qasEC1jXQmSkjGn/UEj1ybzdt8QyY+m6bIdM8mu+KGBsSbfG4R7qQ43Gifgw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-fb-optimizer
0
document-policy
force-load-at-top
content-length
62212
x-xss-protection
0
origin-agent-cluster
?1
truncated
/
37 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/gif
truncated
/
148 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf806ab0de8ca5c31cbff88d815cdfc05031697b554a813e2565b3ca2e88f22e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
148 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bcdc25010004334e8ce3e658ac3e4f30aba017843c477306c2cfcad4a55e8515

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
142 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfad1d9698238f65b158583070deef8ce6a468cf152e9cbd469b4dbe32157235

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
142 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8fda661ff9faea61e8fceda11a7f43cbd26b11b467a838e52efe30453da21086

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
SibonNaslovnaSlikav2.jpg
sibon.si/wp-content/uploads/2024/01/
351 KB
352 KB
Image
General
Full URL
https://sibon.si/wp-content/uploads/2024/01/SibonNaslovnaSlikav2.jpg
Requested by
Host: sibon.si
URL: https://sibon.si/wp-content/uploads/fusion-styles/f971ddbda4c2bc677358254bc7d81449.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.44.102.40 , Slovenia, ASN43128 (DHH-AS Webtasy, d.o.o., SI),
Reverse DNS
lcp-6.controlpanel.si
Software
LiteSpeed /
Resource Hash
4a9d28cda3433b2ef0d839a3dd6c09d5cfb2fab83e0a2e2b4a881324338277a8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sibon.si/wp-content/uploads/fusion-styles/f971ddbda4c2bc677358254bc7d81449.min.css

Response headers

cache-control
public, max-age=2592000
expires
Fri, 10 Jan 2025 05:14:20 GMT
accept-ranges
bytes
alt-svc
h3=":3443"; ma=2592000, h3-29=":3443"; ma=2592000, h3-Q050=":3443"; ma=2592000, h3-Q046=":3443"; ma=2592000, h3-Q043=":3443"; ma=2592000, quic=":3443"; ma=2592000; v="43,46"
content-length
359616
date
Wed, 11 Dec 2024 05:14:20 GMT
x-turbo-charged-by
LiteSpeed
content-type
image/jpeg
last-modified
Mon, 15 Jan 2024 16:50:50 GMT
server
LiteSpeed
QdVUSTchPBm7nuUeVf70viFl.woff2
fonts.gstatic.com/s/questrial/v18/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2
Requested by
Host: sibon.si
URL: https://sibon.si/wp-content/uploads/fusion-styles/f971ddbda4c2bc677358254bc7d81449.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.192.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f94.1e100.net
Software
sffe /
Resource Hash
fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://sibon.si
Referer
https://sibon.si/

Response headers

age
183430
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Tue, 09 Dec 2025 02:17:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 09 Dec 2024 02:17:11 GMT
last-modified
Wed, 27 Apr 2022 16:12:54 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
19292
x-xss-protection
0
server
sffe
awb-icons.woff
sibon.si/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/
20 KB
20 KB
Font
General
Full URL
https://sibon.si/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/awb-icons.woff
Requested by
Host: sibon.si
URL: https://sibon.si/wp-content/uploads/fusion-styles/f971ddbda4c2bc677358254bc7d81449.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.44.102.40 , Slovenia, ASN43128 (DHH-AS Webtasy, d.o.o., SI),
Reverse DNS
lcp-6.controlpanel.si
Software
LiteSpeed /
Resource Hash
129b3422c0a2b9b6f08a19d8777f313ab28c5fb0aa050d1170c822443c8dc28c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://sibon.si
Referer
https://sibon.si/wp-content/uploads/fusion-styles/f971ddbda4c2bc677358254bc7d81449.min.css

Response headers

cache-control
public, max-age=604800
expires
Wed, 18 Dec 2024 05:14:20 GMT
accept-ranges
bytes
alt-svc
h3=":3443"; ma=2592000, h3-29=":3443"; ma=2592000, h3-Q050=":3443"; ma=2592000, h3-Q046=":3443"; ma=2592000, h3-Q043=":3443"; ma=2592000, quic=":3443"; ma=2592000; v="43,46"
content-length
20076
date
Wed, 11 Dec 2024 05:14:20 GMT
x-turbo-charged-by
LiteSpeed
content-type
font/woff
last-modified
Mon, 06 Jun 2022 19:32:44 GMT
server
LiteSpeed
jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v17/
46 KB
46 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2
Requested by
Host: sibon.si
URL: https://sibon.si/wp-content/uploads/fusion-styles/f971ddbda4c2bc677358254bc7d81449.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.192.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f94.1e100.net
Software
sffe /
Resource Hash
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://sibon.si
Referer
https://sibon.si/

Response headers

age
340578
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 07 Dec 2025 06:38:03 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 07 Dec 2024 06:38:03 GMT
last-modified
Wed, 27 Apr 2022 16:55:54 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
47048
x-xss-protection
0
server
sffe
nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtM.woff2
fonts.gstatic.com/s/playfairdisplay/v37/
21 KB
22 KB
Font
General
Full URL
https://fonts.gstatic.com/s/playfairdisplay/v37/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtM.woff2
Requested by
Host: sibon.si
URL: https://sibon.si/wp-content/uploads/fusion-styles/f971ddbda4c2bc677358254bc7d81449.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.192.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f94.1e100.net
Software
sffe /
Resource Hash
51c8eae79bf05bbcc1811da8cb56ff69d87d40bafdce8282fea8a43259b4afcb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://sibon.si
Referer
https://sibon.si/

Response headers

age
372436
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 06 Dec 2025 21:47:05 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 06 Dec 2024 21:47:05 GMT
last-modified
Wed, 31 Jan 2024 23:15:04 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
21904
x-xss-protection
0
server
sffe
Hotel-Icon-Set.ttf
sibon.si/wp-content/uploads/fusion-icons/Hotel-Icon-Set-v1.0/fonts/
5 KB
6 KB
Font
General
Full URL
https://sibon.si/wp-content/uploads/fusion-icons/Hotel-Icon-Set-v1.0/fonts/Hotel-Icon-Set.ttf?88nj5y
Requested by
Host: sibon.si
URL: https://sibon.si/wp-content/uploads/fusion-styles/f971ddbda4c2bc677358254bc7d81449.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.44.102.40 , Slovenia, ASN43128 (DHH-AS Webtasy, d.o.o., SI),
Reverse DNS
lcp-6.controlpanel.si
Software
LiteSpeed /
Resource Hash
baa82aa437425e0d4dffe03a1cfb0b44cf3ba3bc3a8d1efa0768e8581dd7bde9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://sibon.si
Referer
https://sibon.si/wp-content/uploads/fusion-styles/f971ddbda4c2bc677358254bc7d81449.min.css

Response headers

cache-control
public, max-age=604800
expires
Wed, 18 Dec 2024 05:14:20 GMT
accept-ranges
bytes
alt-svc
h3=":3443"; ma=2592000, h3-29=":3443"; ma=2592000, h3-Q050=":3443"; ma=2592000, h3-Q046=":3443"; ma=2592000, h3-Q043=":3443"; ma=2592000, quic=":3443"; ma=2592000; v="43,46"
content-length
5328
date
Wed, 11 Dec 2024 05:14:20 GMT
x-turbo-charged-by
LiteSpeed
content-type
font/ttf
last-modified
Mon, 06 Jun 2022 19:32:44 GMT
server
LiteSpeed
QdVUSTchPBm7nuUeVf70sCFlq20.woff2
fonts.gstatic.com/s/questrial/v18/
26 KB
26 KB
Font
General
Full URL
https://fonts.gstatic.com/s/questrial/v18/QdVUSTchPBm7nuUeVf70sCFlq20.woff2
Requested by
Host: sibon.si
URL: https://sibon.si/wp-content/uploads/fusion-styles/f971ddbda4c2bc677358254bc7d81449.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.192.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f94.1e100.net
Software
sffe /
Resource Hash
3ce9155591efa79b6811324ce08ccf7c0820c91cf6fd19bccbaae8ccf762b980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://sibon.si
Referer
https://sibon.si/

Response headers

age
217118
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Mon, 08 Dec 2025 16:55:43 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 08 Dec 2024 16:55:43 GMT
last-modified
Wed, 27 Apr 2022 16:12:53 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
26844
x-xss-protection
0
server
sffe
3385656128426740
connect.facebook.net/signals/config/
78 KB
16 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/3385656128426740?v=2.9.178&r=stable&domain=sibon.si&hme=28abfdc7e582ae2a8fdd6ac5ebb406923cf601dc2ee488049b0628e75e0f6b36&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
d4d6837c5437d8f35ae85827cbc83b87918368808f0fdbd4f38c9acc035977eb
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-pNj5RjJe' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sibon.si/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 11 Dec 2024 05:14:21 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-pNj5RjJe' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=20, rtx=0, c=64, mss=1392, tbw=67916, tp=-1, tpl=-1, uplat=84, ullat=0
pragma
public
x-fb-debug
vjVepfoX0BIuQ1aCH6btSg7UPi0laH7xbm7Xcd/sMCB/lbGOKOp7TQ+9f8C8a5yemEHa37es0JEh243xzSYwVw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
collect
analytics.google.com/g/
0
0
Fetch
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-Y3H6ENBM7N&gtm=45je4ca0v875619272za200&_p=1733894060708&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485&cid=133649097.1733894061&ecid=1005611878&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1733894061&sct=1&seg=0&dl=https%3A%2F%2Fsibon.si%2Frelax-for-two%2F%3Flang%3Den%26utm_source%3Dslovenia.info%26utm_medium%3Daffiliate%26utm_campaign%3Dslovenia.info_affiliate_link%26utm_content%3Dmore&dt=Relax%20for%20two%20-%20Sibon%20Resort&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.link_attribution=true&ep.anonymize_ip=true&tfd=4369
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y3H6ENBM7N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.179.100 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f100.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sibon.si/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://sibon.si
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Dec 2024 05:14:21 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/
0
549 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-Y3H6ENBM7N&cid=133649097.1733894061&gtm=45je4ca0v875619272za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102081485
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y3H6ENBM7N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.179.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f154.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sibon.si/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://sibon.si
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Dec 2024 05:14:21 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame 2571
0
0
Document
General
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-Y3H6ENBM7N&gacid=133649097.1733894061&gtm=45je4ca0v875619272za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485&z=222592041
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y3H6ENBM7N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.66.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sibon.si/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 11 Dec 2024 05:14:21 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/
378 KB
124 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-952866842&l=dataLayer&cx=c&gtm=45He4ca0v9168497070za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K3T55VZ4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
ce8c9d139e938dbc9cd6a8eb4f015ec6ef338eae32e9f008869a0ad94e1022ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sibon.si/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 11 Dec 2024 05:14:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Dec 2024 05:14:21 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
126637
x-xss-protection
0
server
Google Tag Manager
collect
pagead2.googlesyndication.com/ccm/
0
0
Ping
General
Full URL
https://pagead2.googlesyndication.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fsibon.si%2Frelax-for-two%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=998068617.1733894061&npa=1&gtm=45He4ca0v9168497070za200&gcs=G100&gcd=13p3p3p3p5l1&dma_cps=-&dma=0&tag_exp=101925629~102067555~102067808~102081485&tft=1733894061481&tfd=4429&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K3T55VZ4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.174.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qc-in-f155.1e100.net
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sibon.si/

Response headers

llsru5v2pf
www.clarity.ms/tag/
689 B
1 KB
Script
General
Full URL
https://www.clarity.ms/tag/llsru5v2pf?ref=gtm
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K3T55VZ4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.253.40 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sibon.si/

Response headers

cache-control
no-cache, no-store
request-context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
expires
-1
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
689
date
Wed, 11 Dec 2024 05:14:22 GMT
content-type
application/x-javascript
x-azure-ref
20241211T051421Z-16dcdd88dfckhrdqhC1MNZe1xn00000004t0000000006wu7
destination
www.googletagmanager.com/gtag/
378 KB
124 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-952866842&l=dataLayer&cx=c&gtm=45He4ca0v9168497070za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K3T55VZ4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
e9a78d1897288398cbcae906d2cb8431d9e2b9e45d5dbd63d05b83366e316d18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sibon.si/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Wed, 11 Dec 2024 05:14:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Dec 2024 05:14:21 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
126644
x-xss-protection
0
server
Google Tag Manager
1222703655619967
connect.facebook.net/signals/config/
25 KB
4 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1222703655619967?v=2.9.178&r=stable&domain=sibon.si&hme=28abfdc7e582ae2a8fdd6ac5ebb406923cf601dc2ee488049b0628e75e0f6b36&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C203%2C202%2C204%2C209%2C210%2C211%2C207%2C199%2C133%2C135%2C164%2C198%2C200%2C123%2C158%2C146%2C152%2C130%2C236%2C117%2C127%2C128%2C237%2C166%2C120%2C239%2C167%2C137%2C124%2C155%2C149%2C195%2C114%2C129
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
671612786436edd646e950882d2c3d1e4bdbbb6b1639e60ab35767e3649a8e83
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-7hgHrfYH' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sibon.si/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 11 Dec 2024 05:14:21 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-7hgHrfYH' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=20, rtx=0, c=79, mss=1392, tbw=84672, tp=-1, tpl=-1, uplat=61, ullat=0
pragma
public
x-fb-debug
7LdiAr2+5kShMD6BvNCnG0HxPqvECAG8gpFf15stOpbJ3q+JIrmzm7mJy4Ul6RU2PfhGAfaGlVt43eFf9sySjw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/
0
273 B
Image
General
Full URL
https://www.facebook.com/tr/?id=3385656128426740&ev=PageView&dl=https%3A%2F%2Fsibon.si%2Frelax-for-two%2F%3Flang%3Den%26utm_source%3Dslovenia.info%26utm_medium%3Daffiliate%26utm_campaign%3Dslovenia.info_affiliate_link%26utm_content%3Dmore&rl=&if=false&ts=1733894061511&sw=1600&sh=1200&v=2.9.178&r=stable&ec=0&o=4126&fbp=fb.1.1733894061508.179646136678917511&cs_est=true&ler=empty&cdl=API_unavailable&it=1733894061243&coo=false&rqm=GET
Requested by
Host: sibon.si
URL: https://sibon.si/relax-for-two/?lang=en&utm_source=slovenia.info&utm_medium=affiliate&utm_campaign=slovenia.info_affiliate_link&utm_content=more
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sibon.si/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=9, rtx=0, c=10, mss=1392, tbw=3000, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 11 Dec 2024 05:14:22 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
3 KB
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=3385656128426740&ev=PageView&dl=https%3A%2F%2Fsibon.si%2Frelax-for-two%2F%3Flang%3Den%26utm_source%3Dslovenia.info%26utm_medium%3Daffiliate%26utm_campaign%3Dslovenia.info_affiliate_link%26utm_content%3Dmore&rl=&if=false&ts=1733894061511&sw=1600&sh=1200&v=2.9.178&r=stable&ec=0&o=4126&fbp=fb.1.1733894061508.179646136678917511&cs_est=true&ler=empty&cdl=API_unavailable&it=1733894061243&coo=false&rqm=FGET
Requested by
Host: sibon.si
URL: https://sibon.si/relax-for-two/?lang=en&utm_source=slovenia.info&utm_medium=affiliate&utm_campaign=slovenia.info_affiliate_link&utm_content=more
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sibon.si/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7447018291741000641"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7447018291741000641"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 11 Dec 2024 05:14:22 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
i86Tg78ejDlFXj8SIEDR2NCQNfBCMSHrBK3C4a1sgssK2vqMgewtzPTrDKD3vtuqNSXjXVHpcQf26eZkEtXyyw==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7447018291741000641", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
nel
{"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
cache-control
private, no-store, no-cache, must-revalidate
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=9, rtx=0, c=10, mss=1392, tbw=3349, tp=-1, tpl=-1, uplat=74, ullat=0
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
sw_iframe.html
www.googletagmanager.com/static/service_worker/4c30/ Frame 2EB7
0
0
Document
General
Full URL
https://www.googletagmanager.com/static/service_worker/4c30/sw_iframe.html?origin=https%3A%2F%2Fsibon.si
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K3T55VZ4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f97.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Wed, 11 Dec 2024 05:14:22 GMT
expires
Thu, 11 Dec 2025 05:14:22 GMT
last-modified
Tue, 03 Dec 2024 10:18:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/g/
0
0

/
www.facebook.com/tr/
0
32 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1222703655619967&ev=PageView&dl=https%3A%2F%2Fsibon.si%2Frelax-for-two%2F%3Flang%3Den%26utm_source%3Dslovenia.info%26utm_medium%3Daffiliate%26utm_campaign%3Dslovenia.info_affiliate_link%26utm_content%3Dmore&rl=&if=false&ts=1733894061699&sw=1600&sh=1200&v=2.9.178&r=stable&ec=0&o=4126&fbp=fb.1.1733894061508.179646136678917511&ler=empty&cdl=API_unavailable&it=1733894061243&coo=false&rqm=GET
Requested by
Host: sibon.si
URL: https://sibon.si/relax-for-two/?lang=en&utm_source=slovenia.info&utm_medium=affiliate&utm_campaign=slovenia.info_affiliate_link&utm_content=more
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sibon.si/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=9, rtx=0, c=10, mss=1392, tbw=3000, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 11 Dec 2024 05:14:22 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
1 KB
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1222703655619967&ev=PageView&dl=https%3A%2F%2Fsibon.si%2Frelax-for-two%2F%3Flang%3Den%26utm_source%3Dslovenia.info%26utm_medium%3Daffiliate%26utm_campaign%3Dslovenia.info_affiliate_link%26utm_content%3Dmore&rl=&if=false&ts=1733894061699&sw=1600&sh=1200&v=2.9.178&r=stable&ec=0&o=4126&fbp=fb.1.1733894061508.179646136678917511&ler=empty&cdl=API_unavailable&it=1733894061243&coo=false&rqm=FGET
Requested by
Host: sibon.si
URL: https://sibon.si/relax-for-two/?lang=en&utm_source=slovenia.info&utm_medium=affiliate&utm_campaign=slovenia.info_affiliate_link&utm_content=more
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sibon.si/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7447018292825345026"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7447018292825345026"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 11 Dec 2024 05:14:22 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
I40NVsoDxVrQwMXlPofnxPm2E09fF1rbEf/psVRqixeu2LbdKsB+/LWVh3xXPMprHjH8EYw9f5N0fJ4U5pvixg==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7447018292825345026", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
nel
{"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
cache-control
private, no-store, no-cache, must-revalidate
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=9, rtx=0, c=10, mss=1392, tbw=6763, tp=-1, tpl=-1, uplat=80, ullat=0
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
cross-origin-opener-policy-report-only
restrict-properties;report-to="coop_report"
x-xss-protection
0
origin-agent-cluster
?1
/
bookings.hotelname.com/
Redirect Chain
  • http://bookings.hotelname.com/
  • https://bookings.hotelname.com/
996 B
756 B
Document
General
Full URL
https://bookings.hotelname.com/
Requested by
Host: bookings.hotelname.com
URL: https://bookings.hotelname.com/files/js/bke-searchbox.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.2.79 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li956-79.members.linode.com
Software
openresty/1.13.6.1 /
Resource Hash
672238eaf10947af82ef231afc21c5131ab0aa2599444409a608036569da92f5

Request headers

Referer
https://sibon.si/relax-for-two/?lang=en&utm_source=slovenia.info&utm_medium=affiliate&utm_campaign=slovenia.info_affiliate_link&utm_content=more
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html
date
Wed, 11 Dec 2024 05:14:22 GMT
server
openresty/1.13.6.1
transfer-encoding
chunked

Redirect headers

Location
https://bookings.hotelname.com/
Non-Authoritative-Reason
HttpsUpgrades
clarity.js
www.clarity.ms/s/0.7.56/
0
0

c.gif
c.clarity.ms/
0
0

/
www6.hotelname.com/
Redirect Chain
  • https://bookings.hotelname.com/?gp=1&js=1&uuid=1733894062.0096133618&other_args=eyJ1cmkiOiAiLyIsICJhcmdzIjogIiIsICJyZWZlcmVyIjogIiIsICJhY2NlcHQiOiAidGV4dC9odG1sLGFwcGxpY2F0aW9uL3hodG1sK3htbCxhcHBsa...
  • http://www6.hotelname.com/?template=ARROW_3&tdfs=1&s_token=1733894062.0470770000&uuid=1733894062.0470770000&term=Find%20a%20Hotel&term=Last%20Minute%20Hotel%20Deals&term=Rent%20a%20Car&searchbox=0&...
  • https://www6.hotelname.com/?template=ARROW_3&tdfs=1&s_token=1733894062.0470770000&uuid=1733894062.0470770000&term=Find%20a%20Hotel&term=Last%20Minute%20Hotel%20Deals&term=Rent%20a%20Car&searchbox=0...
  • http://www6.hotelname.com/?template=ARROW_3&tdfs=1&s_token=1733894062.0470770000&uuid=1733894062.0470770000&term=Find%20a%20Hotel&term=Last%20Minute%20Hotel%20Deals&term=Rent%20a%20Car&searchbox=0&...
308 B
410 B
Document
General
Full URL
http://www6.hotelname.com/?template=ARROW_3&tdfs=1&s_token=1733894062.0470770000&uuid=1733894062.0470770000&term=Find%20a%20Hotel&term=Last%20Minute%20Hotel%20Deals&term=Rent%20a%20Car&searchbox=0&showDomain=0&backfill=0
Requested by
Host: bookings.hotelname.com
URL: https://bookings.hotelname.com/
Protocol
HTTP/1.1
Server
15.197.204.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a3edc0dabdef92d6d.awsglobalaccelerator.com
Software
/
Resource Hash
2c8bc9b1861b8b6578b755b251cc22d12439ffe41856861f8f99a81cb9f00541

Request headers

Referer
https://bookings.hotelname.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-length
308
content-type
text/html
date
Wed, 11 Dec 2024 05:14:22 GMT

Redirect headers

Location
http://www6.hotelname.com/?template=ARROW_3&tdfs=1&s_token=1733894062.0470770000&uuid=1733894062.0470770000&term=Find%20a%20Hotel&term=Last%20Minute%20Hotel%20Deals&term=Rent%20a%20Car&searchbox=0&showDomain=0&backfill=0
Non-Authoritative-Reason
HttpsUpgrades
Primary Request lander
www6.hotelname.com/
536 B
1 KB
Document
General
Full URL
http://www6.hotelname.com/lander?template=ARROW_3&tdfs=1&s_token=1733894062.0470770000&uuid=1733894062.0470770000&term=Find%20a%20Hotel&term=Last%20Minute%20Hotel%20Deals&term=Rent%20a%20Car&searchbox=0&showDomain=0&backfill=0
Requested by
Host: www6.hotelname.com
URL: http://www6.hotelname.com/?template=ARROW_3&tdfs=1&s_token=1733894062.0470770000&uuid=1733894062.0470770000&term=Find%20a%20Hotel&term=Last%20Minute%20Hotel%20Deals&term=Rent%20a%20Car&searchbox=0&showDomain=0&backfill=0
Protocol
HTTP/1.1
Server
15.197.204.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a3edc0dabdef92d6d.awsglobalaccelerator.com
Software
openresty /
Resource Hash
fc3af7d152407d6f8a55e11de6021a67e1952c68691cc2ab9c9947e3b51e7d25
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www6.hotelname.com/?template=ARROW_3&tdfs=1&s_token=1733894062.0470770000&uuid=1733894062.0470770000&term=Find%20a%20Hotel&term=Last%20Minute%20Hotel%20Deals&term=Rent%20a%20Car&searchbox=0&showDomain=0&backfill=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
private, max-age=86400
content-type
text/html
date
Wed, 11 Dec 2024 05:14:22 GMT
server
openresty
transfer-encoding
chunked
x-adblock-key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_bOtXOt4a8jCEKDNJyxiOVfIIj3JJd7dzE76nHQbcTdEGtxWQLRrEj9z8QrcTcmLq5YZH6bgvKQtrvUhkrAsCbA
x-content-type-options
nosniff
caf.js
www.google.com/adsense/domains/
143 KB
52 KB
Script
General
Full URL
https://www.google.com/adsense/domains/caf.js?abp=1&gdabp=true
Requested by
Host: www6.hotelname.com
URL: http://www6.hotelname.com/lander?template=ARROW_3&tdfs=1&s_token=1733894062.0470770000&uuid=1733894062.0470770000&term=Find%20a%20Hotel&term=Last%20Minute%20Hotel%20Deals&term=Rent%20a%20Car&searchbox=0&showDomain=0&backfill=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.192.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f147.1e100.net
Software
sffe /
Resource Hash
8a075459cfb969a4cedf891daa20b2f89ac6c2233368dbc3e0c96eb63936ef7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
http://www6.hotelname.com/

Response headers

content-encoding
gzip
etag
"14443323072325346483"
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
x-content-type-options
nosniff
expires
Wed, 11 Dec 2024 05:14:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Dec 2024 05:14:23 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
link
<https://syndicatedsearch.goog>; rel="preconnect"
cache-control
private, max-age=3600
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
x-xss-protection
0
server
sffe
main.203056e5.js
img1.wsimg.com/parking-lander/static/js/
678 KB
175 KB
Script
General
Full URL
https://img1.wsimg.com/parking-lander/static/js/main.203056e5.js
Requested by
Host: www6.hotelname.com
URL: http://www6.hotelname.com/lander?template=ARROW_3&tdfs=1&s_token=1733894062.0470770000&uuid=1733894062.0470770000&term=Find%20a%20Hotel&term=Last%20Minute%20Hotel%20Deals&term=Rent%20a%20Car&searchbox=0&showDomain=0&backfill=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.249.79 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-212-249-79.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1fccb5214073a256d7cc8dd1d35da87cde9c4c8964fc91f1272525425fc00385

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
http://www6.hotelname.com/

Response headers

content-encoding
gzip
etag
"d4150b0548622b8cfaaeb5e44b3bc500"
x-amz-version-id
k6PBMTfroQ3vvxAD4MqrWJ.JQzMuwLzz
expires
Thu, 11 Dec 2025 05:14:22 GMT
date
Wed, 11 Dec 2024 05:14:22 GMT
last-modified
Wed, 04 Dec 2024 21:18:50 GMT
content-type
application/javascript
vary
Accept-Encoding
x-amz-id-2
0W5Gnm0UDP6Gp8skE6m8CjI4jAVdVQ6aDF42LRZ93H0S28RwhFvP6wf8D1cDrtDbWxTVnWaqAyxJgdyamjlDiw==
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-request-id
RBA04CEH70WAVP0R
accept-ranges
bytes
access-control-allow-origin
*
content-length
178946
x-amz-server-side-encryption
AES256
main.8b4b0fd9.css
img1.wsimg.com/parking-lander/static/css/
6 KB
2 KB
Stylesheet
General
Full URL
https://img1.wsimg.com/parking-lander/static/css/main.8b4b0fd9.css
Requested by
Host: www6.hotelname.com
URL: http://www6.hotelname.com/lander?template=ARROW_3&tdfs=1&s_token=1733894062.0470770000&uuid=1733894062.0470770000&term=Find%20a%20Hotel&term=Last%20Minute%20Hotel%20Deals&term=Rent%20a%20Car&searchbox=0&showDomain=0&backfill=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.249.79 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-212-249-79.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
de8d7fc2b4281251d0841f714464bfac8c6bf261524a5b90dc1cce8a21b80c59

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
http://www6.hotelname.com/

Response headers

content-encoding
gzip
etag
"6b04485d759f91c2a552b5cc0fd8df90"
x-amz-version-id
t2U_dN4PNTVi6jXJsFcE4wUZVgavqpxO
expires
Thu, 11 Dec 2025 05:14:22 GMT
date
Wed, 11 Dec 2024 05:14:22 GMT
last-modified
Wed, 04 Dec 2024 21:18:53 GMT
content-type
text/css
vary
Accept-Encoding
x-amz-id-2
8AqE+Bx84ivp+3lGhIwj+rH11pLgjfNswgWPVFbupaMTMMiWJ9+AySqjyTbaPRiu3EpoLDk3V2bzuw6xLWnJwg==
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-request-id
RBA2V0PAXGENA7CE
accept-ranges
bytes
access-control-allow-origin
*
content-length
1552
x-amz-server-side-encryption
AES256
px.js
img1.wsimg.com/parking-lander/
0
0
Fetch
General
Full URL
https://img1.wsimg.com/parking-lander/px.js?ch=1&abp=1&gdabp=true
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/parking-lander/static/js/main.203056e5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.249.79 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-212-249-79.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
http://www6.hotelname.com/

Response headers

content-encoding
gzip
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-amz-version-id
YBM5c9Rwl_oUrW6hZARDEvm4obfs9sBc
expires
Thu, 11 Dec 2025 05:14:23 GMT
date
Wed, 11 Dec 2024 05:14:23 GMT
last-modified
Thu, 14 Nov 2024 23:44:23 GMT
content-type
application/javascript
vary
Accept-Encoding
x-amz-id-2
V3KKEeYQhWjpc/+MRS5SeKNCV5a+xF9J3fzwQ6a7Ybu11uLFyge16j41apITBYTapt4gZZ6ze9E=
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-request-id
JW4Y6RX4MHV0PA26
accept-ranges
bytes
access-control-allow-origin
*
content-length
20
x-amz-server-side-encryption
AES256
domain
api.aws.parking.godaddy.com/v1/domains/
1 KB
2 KB
Fetch
General
Full URL
https://api.aws.parking.godaddy.com/v1/domains/domain?domain=www6.hotelname.com&portfolioId=&abp=1&gdabp=true
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/parking-lander/static/js/main.203056e5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.231.195.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-195-107.compute-1.amazonaws.com
Software
/
Resource Hash
4b84136e20d2c9f739968a9021d5e708c92024932bb70b2d0f8f0d37b0e8825c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
X-Request-Id
ac9ec99b-2e1e-4803-bc87-484afb4c5ae9
Referer
http://www6.hotelname.com/

Response headers

access-control-max-age
600
x-request-id
ac9ec99b-2e1e-4803-bc87-484afb4c5ae9
cache-control
Private,max-age=86400
access-control-allow-credentials
true
access-control-allow-origin
http://www6.hotelname.com
content-length
1247
date
Wed, 11 Dec 2024 05:14:23 GMT
content-type
application/json
domain
api.aws.parking.godaddy.com/v1/domains/ Frame
0
0
Preflight
General
Full URL
https://api.aws.parking.godaddy.com/v1/domains/domain?domain=www6.hotelname.com&portfolioId=&abp=1&gdabp=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.231.195.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-195-107.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-request-id
Access-Control-Request-Method
GET
Origin
http://www6.hotelname.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Request-Id
access-control-allow-methods
GET, HEAD, OPTIONS
access-control-allow-origin
http://www6.hotelname.com
access-control-max-age
600
content-length
0
date
Wed, 11 Dec 2024 05:14:23 GMT
x-request-id
KJyLeG6N
px.js
img1.wsimg.com/parking-lander/
0
0
Fetch
General
Full URL
https://img1.wsimg.com/parking-lander/px.js?ch=2&abp=2&gdabp=true
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/parking-lander/static/js/main.203056e5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.249.79 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-212-249-79.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
http://www6.hotelname.com/

Response headers

content-encoding
gzip
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-amz-version-id
YBM5c9Rwl_oUrW6hZARDEvm4obfs9sBc
expires
Thu, 11 Dec 2025 05:14:23 GMT
date
Wed, 11 Dec 2024 05:14:23 GMT
last-modified
Thu, 14 Nov 2024 23:44:23 GMT
content-type
application/javascript
vary
Accept-Encoding
x-amz-id-2
yzDreBYmO1MOe1gY9jrptbqM7MCDlIHHcXWtILR8Eo+aEvn4NQtieKr6C0G1O8BZHSH24t5pX8HthH5CHwRtbw==
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-request-id
VJB4152J27746F0S
accept-ranges
bytes
access-control-allow-origin
*
content-length
20
x-amz-server-side-encryption
AES256
cookie.js
partner.googleadservices.com/gampad/
380 B
589 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www6.hotelname.com&client=dp-namemedia01&product=SAS&callback=__sasCookie&cookie_types=v1%2Cv2
Requested by
Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js?abp=1&gdabp=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.157 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
684ff3d0f93badb7e6de2b6f6b8f6bca135c020dbe5320b534d07a711bd9fd1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
http://www6.hotelname.com/

Response headers

timing-allow-origin
*
content-encoding
gzip
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
244
date
Wed, 11 Dec 2024 05:14:24 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
ads
syndicatedsearch.goog/afs/ Frame 1FCA
0
0
Document
General
Full URL
https://syndicatedsearch.goog/afs/ads?adsafe=low&adtest=off&psid=7621175430&pcsa=false&channel=00001&domain_name=hotelname.com&client=dp-namemedia01&r=m&rpbu=http%3A%2F%2Fwww6.hotelname.com%2Flander%3Ftemplate%3DARROW_3%26tdfs%3D1%26s_token%3D1733894062.0470770000%26uuid%3D1733894062.0470770000%26term%3DFind%2520a%2520Hotel%26term%3DLast%2520Minute%2520Hotel%2520Deals%26term%3DRent%2520a%2520Car%26searchbox%3D0%26showDomain%3D0%26backfill%3D0&terms=Find%20a%20Hotel%2CLast%20Minute%20Hotel%20Deals%2CRent%20a%20Car&type=3&uiopt=true&swp=as-drid-oo-1502969727449347&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301437%2C17301439%2C17301442%2C17301548%2C17301266%2C72717107%2C49280906%2C72771953&format=r3&nocache=8561733894063825&num=0&output=afd_ads&v=3&bsl=8&pac=0&u_his=1&u_tz=-600&dt=1733894063826&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=1200&frm=0&uio=-&cont=relatedLinks&drt=0&jsid=caf&nfp=1&jsv=702325170&rurl=http%3A%2F%2Fwww6.hotelname.com%2Flander%3Ftemplate%3DARROW_3%26tdfs%3D1%26s_token%3D1733894062.0470770000%26uuid%3D1733894062.0470770000%26term%3DFind%2520a%2520Hotel%26term%3DLast%2520Minute%2520Hotel%2520Deals%26term%3DRent%2520a%2520Car%26searchbox%3D0%26showDomain%3D0%26backfill%3D0&referer=http%3A%2F%2Fwww6.hotelname.com%2F%3Ftemplate%3DARROW_3%26tdfs%3D1%26s_token%3D1733894062.0470770000%26uuid%3D1733894062.0470770000%26term%3DFind%2520a%2520Hotel%26term%3DLast%2520Minute%2520Hotel%2520Deals%26term%3DRent%2520a%2520Car%26searchbox%3D0%26showDomain%3D0%26backfill%3D0
Requested by
Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js?abp=1&gdabp=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f139.1e100.net
Software
gws /
Resource Hash
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-COotDOz872L6AA-lNZIXUg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Xss-Protection 0

Request headers

Referer
http://www6.hotelname.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600
content-disposition
inline
content-encoding
br
content-length
2924
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-COotDOz872L6AA-lNZIXUg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-type
text/html; charset=UTF-8
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
date
Wed, 11 Dec 2024 05:14:24 GMT
expires
Wed, 11 Dec 2024 05:14:24 GMT
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
server
gws
x-xss-protection
0
parkingEvents
api.aws.parking.godaddy.com/v1/ Frame
0
0
Preflight
General
Full URL
https://api.aws.parking.godaddy.com/v1/parkingEvents?abp=1&gdabp=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.231.195.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-195-107.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://www6.hotelname.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
content-length
0
content-type
text/plain
date
Wed, 11 Dec 2024 05:14:24 GMT
parkingEvents
api.aws.parking.godaddy.com/v1/
0
0
Fetch
General
Full URL
https://api.aws.parking.godaddy.com/v1/parkingEvents?abp=1&gdabp=true
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/parking-lander/static/js/main.203056e5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.231.195.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-195-107.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
http://www6.hotelname.com/

Response headers

access-control-allow-origin
*
content-length
0
date
Wed, 11 Dec 2024 05:14:24 GMT
content-type
text/plain
/
postback.trafficmotor.com/sn/ Frame
0
0
Preflight
General
Full URL
https://postback.trafficmotor.com/sn/?abp=1&gdabp=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.79.38.145 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li1137-145.members.linode.com
Software
openresty/1.13.6.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://www6.hotelname.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
Access-Control-Allow-Origin
http://www6.hotelname.com
Allow
HEAD, GET, POST, OPTIONS
Connection
close
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Wed, 11 Dec 2024 05:14:25 GMT
Server
openresty/1.13.6.1
Vary
Origin
/
postback.trafficmotor.com/sn/
3 B
227 B
Fetch
General
Full URL
https://postback.trafficmotor.com/sn/?abp=1&gdabp=true
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/parking-lander/static/js/main.203056e5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.79.38.145 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li1137-145.members.linode.com
Software
openresty/1.13.6.1 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
http://www6.hotelname.com/

Response headers

Access-Control-Allow-Origin
http://www6.hotelname.com
Content-Length
3
Date
Wed, 11 Dec 2024 05:14:25 GMT
Content-Type
application/json
Vary
Origin
Server
openresty/1.13.6.1
Connection
close
gen_204
syndicatedsearch.goog/afs/
0
509 B
Image
General
Full URL
https://syndicatedsearch.goog/afs/gen_204?client=dp-namemedia01&output=uds_ads_only&zx=4k23wzrsqc7i&aqid=sB9ZZ5DJFqucivYPiZ6oyQQ&psid=7621175430&pbt=bs&adbx=550&adby=112&adbh=464&adbw=500&adbah=148%2C148%2C148&adbn=master-1&eawp=partner-dp-namemedia01&errv=702325170&csala=8%7C0%7C652%7C72%7C10&lle=0&ifv=1&hpt=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f138.1e100.net
Software
gws /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-FQt0VmEhY8YPEetHVkcXLQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
http://www6.hotelname.com/

Response headers

content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-FQt0VmEhY8YPEetHVkcXLQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
permissions-policy
unload=()
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 11 Dec 2024 05:14:26 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
gws
x-frame-options
SAMEORIGIN
gen_204
syndicatedsearch.goog/afs/
0
211 B
Image
General
Full URL
https://syndicatedsearch.goog/afs/gen_204?client=dp-namemedia01&output=uds_ads_only&zx=cwy2oyab3qgk&aqid=sB9ZZ5DJFqucivYPiZ6oyQQ&psid=7621175430&pbt=bv&adbx=550&adby=112&adbh=464&adbw=500&adbah=148%2C148%2C148&adbn=master-1&eawp=partner-dp-namemedia01&errv=702325170&csala=8%7C0%7C652%7C72%7C10&lle=0&ifv=1&hpt=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f138.1e100.net
Software
gws /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-_I4A2wWQOT1bLne9Rbeu2A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
http://www6.hotelname.com/

Response headers

content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-_I4A2wWQOT1bLne9Rbeu2A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
permissions-policy
unload=()
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 11 Dec 2024 05:14:26 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
gws
x-frame-options
SAMEORIGIN

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
booking.roomcloud.net
URL
https://booking.roomcloud.net/be/se2/error.jsp
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/g/collect?v=2&tid=G-8KR07WYNTD&gtm=45be4ca0v9169315565z89168497070za200&_p=1733894060708&gcs=G100&gcd=13p3p3p3p5l1&npa=1&dma_cps=-&dma=0&tag_exp=101925629~102067555~102067808~102081485&cid=240049965.1733894062&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_s=1&sid=1733894061&sct=1&seg=0&dl=https%3A%2F%2Fsibon.si%2Frelax-for-two%2F%3Flang%3Den%26utm_source%3Dslovenia.info%26utm_medium%3Daffiliate%26utm_campaign%3Dslovenia.info_affiliate_link%26utm_content%3Dmore&dt=Relax%20for%20two%20-%20Sibon%20Resort&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=4639
Domain
www.clarity.ms
URL
https://www.clarity.ms/s/0.7.56/clarity.js
Domain
c.clarity.ms
URL
https://c.clarity.ms/c.gif

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 number| googleNDT_ number| googleAltLoader object| google string| LANDER_SYSTEM function| clearImmediate function| setImmediate function| __sasCookie

16 Cookies

Domain/Path Name / Value
sibon.si/ Name: PH_HPXY_CHECK
Value: s1
.sibon.si/ Name: _ga_Y3H6ENBM7N
Value: GS1.1.1733894061.1.0.1733894061.60.0.1005611878
.sibon.si/ Name: _ga
Value: GA1.1.133649097.1733894061
.sibon.si/ Name: _fbp
Value: fb.1.1733894061508.179646136678917511
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
www.clarity.ms/ Name: CLID
Value: 0821cc0977f5401c9197aa13bbac0a72.20241211.20251211
bookings.hotelname.com/ Name: mtm_delivered
Value: WyJib29raW5ncy5ob3RlbG5hbWUuY29tIiwiaHR0cDovL3d3dzYuaG90ZWxuYW1lLmNvbS8_dGVtcGxhdGU9QVJST1dfMyZ0ZGZzPTEmc190b2tlbj0xNzMzODk0MDYyLjA0NzA3NzAwMDAmdXVpZD0xNzMzODk0MDYyLjA0NzA3NzAwMDAmdGVybT1GaW5kJTIwYSUyMEhvdGVsJnRlcm09TGFzdCUyME1pbnV0ZSUyMEhvdGVsJTIwRGVhbHMmdGVybT1SZW50JTIwYSUyMENhciZzZWFyY2hib3g9MCZzaG93RG9tYWluPTAmYmFja2ZpbGw9MCIsMSwiMjAyNC0xMi0xMSAwNToxNDoyMiIsMSwiMTczMzg5NDA2Mi4wNDcwNzcwMDAwIiw3NCxudWxsLG51bGxd:1tLF3G:RxmajqSaELL48NNsuvNznD0Sq4A
www6.hotelname.com/ Name: expiry_partner
Value:
www6.hotelname.com/ Name: caf_ipaddr
Value: 208.252.80.223
www6.hotelname.com/ Name: country
Value: US
www6.hotelname.com/ Name: city
Value: New%20York
www6.hotelname.com/ Name: lander_type
Value: parking
api.aws.parking.godaddy.com/ Name: AWSALBCORS
Value: YJgZw5Ejso0WoPdWH8mJIIqTw6by5vahYgRnpV7Bmi4pk+Z7XxTwycqQSNP1swmQ1s/XW8v18of2jQeWFGmf8wMb2AAkZDVQCCWtZUcxHW4nAwO7ElnY71J5OHdc
api.aws.parking.godaddy.com/ Name: cpvisitor
Value: 54e05774-cd87-4c3c-b66a-796f1a65518c
.hotelname.com/ Name: __gsas
Value: ID=efaa53c4b8c4d972:T=1733894064:RT=1733894064:S=ALNI_MYQ9WujLWsBGu3fVyJ8gZspAGIfFQ
www6.hotelname.com/ Name: pvisitor
Value: fb53463f-0752-45f9-a9df-0b02ebf5c725

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
api.aws.parking.godaddy.com
booking.roomcloud.net
bookings.hotelname.com
c.clarity.ms
connect.facebook.net
fonts.gstatic.com
img1.wsimg.com
pagead2.googlesyndication.com
partner.googleadservices.com
postback.trafficmotor.com
sibon.si
stats.g.doubleclick.net
syndicatedsearch.goog
td.doubleclick.net
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www6.hotelname.com
booking.roomcloud.net
c.clarity.ms
www.clarity.ms
www.google-analytics.com
13.107.253.40
142.251.16.157
142.251.174.155
142.251.179.100
142.251.179.154
15.197.204.56
172.253.122.138
172.253.122.139
172.253.63.97
173.194.66.154
212.44.102.40
23.212.249.79
31.13.66.19
31.13.66.35
34.231.195.107
45.33.2.79
45.33.20.235
45.79.38.145
74.125.192.147
74.125.192.94
0d5f949fcf84560d013b596b51856d6bc487bedc510bc712e82458f00b2506e5
129b3422c0a2b9b6f08a19d8777f313ab28c5fb0aa050d1170c822443c8dc28c
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
15a34c7918adf1a5df4b0d30a5a498acef81b2bf73b2c8280842f02f7678371e
1a841b65f7e201dafcfc46d95a9b145012317e1a2a814189bb708025e5c61424
1e052a5f00f6352164d2a2d578697b6b7a412f964d6a38cc768aa030baeaf9b7
1e14a025e875612a738226eff2402f47119985d85750cab56181d7f06c281432
1f80e6b33604a220dc354d5efbe1958827ced1aca779688a8372188b59454f15
1fccb5214073a256d7cc8dd1d35da87cde9c4c8964fc91f1272525425fc00385
2c8bc9b1861b8b6578b755b251cc22d12439ffe41856861f8f99a81cb9f00541
336871d180cce5743511bdb644d7239ae5cd7e293519992861b4f7e2028b5e5b
3ce9155591efa79b6811324ce08ccf7c0820c91cf6fd19bccbaae8ccf762b980
4a9d28cda3433b2ef0d839a3dd6c09d5cfb2fab83e0a2e2b4a881324338277a8
4b84136e20d2c9f739968a9021d5e708c92024932bb70b2d0f8f0d37b0e8825c
4b9257e3e9c959214ddfab833a69a021ae6557403efe76afcbee259621175274
5185ef57e006c6561a51934baaa9fe1425fdf29fbf6763173ec12429e3c37503
51c8eae79bf05bbcc1811da8cb56ff69d87d40bafdce8282fea8a43259b4afcb
58c855e7eb9b917e71e6b733e73c542c25bacb986f3ba7df2be1570200312135
637a23aeae1c7abe655fe91591864a5dfd9bcf615caa985a7d16c24ae39a11bb
671612786436edd646e950882d2c3d1e4bdbbb6b1639e60ab35767e3649a8e83
672238eaf10947af82ef231afc21c5131ab0aa2599444409a608036569da92f5
684ff3d0f93badb7e6de2b6f6b8f6bca135c020dbe5320b534d07a711bd9fd1c
6db448a15b4382997efe9df1de934b99939c1ae8751a8ec05c5b71e77567576a
8a075459cfb969a4cedf891daa20b2f89ac6c2233368dbc3e0c96eb63936ef7d
8fda661ff9faea61e8fceda11a7f43cbd26b11b467a838e52efe30453da21086
9d4687a19cab8f7442a3bda40c45be4d10e42488e091ddd706c3caed83c3ee1f
a77ed825f61c03ddfa9eb5db360cb6b417ae8e22b791d243d562a7d9d7f96b50
b511b11a708de424a1f64c133bbcdc7cac2da39da12c6409fb5ece56cf5a2b95
b656b35c3f019a4a92ad89cfc4a2e105a307778073994c48258ea16441725ddc
baa82aa437425e0d4dffe03a1cfb0b44cf3ba3bc3a8d1efa0768e8581dd7bde9
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc25ff1c6fca1b42333e6c69c9c5ea3b41b951ef654a12d71619fa9fd633d734
bcdc25010004334e8ce3e658ac3e4f30aba017843c477306c2cfcad4a55e8515
c4eb49795f7a703429e7012cec0a556e6faf6f551f07cd337f66c5a1ec3a5847
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
ce8c9d139e938dbc9cd6a8eb4f015ec6ef338eae32e9f008869a0ad94e1022ea
cf806ab0de8ca5c31cbff88d815cdfc05031697b554a813e2565b3ca2e88f22e
d4d6837c5437d8f35ae85827cbc83b87918368808f0fdbd4f38c9acc035977eb
de8d7fc2b4281251d0841f714464bfac8c6bf261524a5b90dc1cce8a21b80c59
dfad1d9698238f65b158583070deef8ce6a468cf152e9cbd469b4dbe32157235
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e48afa0ca2fdaed77ef3d14202f805ab16829b42e321b71635d538f9e9efa4e2
e9a78d1897288398cbcae906d2cb8431d9e2b9e45d5dbd63d05b83366e316d18
fc3af7d152407d6f8a55e11de6021a67e1952c68691cc2ab9c9947e3b51e7d25
fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546