urlscan.io logo urlscan.io
SecurityTrails logo

travelfusion.blueskybooking.com Open in urlscan Pro
100.24.181.213  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://travelfusion.blueskybooking.com/
Effective URL: https://travelfusion.blueskybooking.com/?version=latest
Submission: On April 23 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 4 countries across 12 domains to perform 25 HTTP transactions. The main IP is 100.24.181.213, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is travelfusion.blueskybooking.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on January 31st 2020. Valid for: 3 months.
This is the only time travelfusion.blueskybooking.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

14    100.24.181.213 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-24-181-213.compute-1.amazonaws.com
travelfusion.blueskybooking.com
1    2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    52.203.127.171 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-127-171.compute-1.amazonaws.com
run.pstmn.io
1    2a04:4e42:400::729 (Ascension Island)

ASN54113 (FASTLY, US)
cdn.ravenjs.com
1    2a00:1450:4001:814::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2a00:1450:4001:81a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:818::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a04:4e42:3::393 (Ascension Island)

ASN54113 (FASTLY, US)
res.cloudinary.com
1    2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    3.88.94.142 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-88-94-142.compute-1.amazonaws.com
analytics.getpostman.com
Domain Requested by
14 travelfusion.blueskybooking.com 1 redirects travelfusion.blueskybooking.com
3 fonts.gstatic.com travelfusion.blueskybooking.com
2 www.google-analytics.com 1 redirects www.googletagmanager.com
2 run.pstmn.io travelfusion.blueskybooking.com
1 analytics.getpostman.com travelfusion.blueskybooking.com
1 www.google.de travelfusion.blueskybooking.com
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 res.cloudinary.com travelfusion.blueskybooking.com
1 www.googletagmanager.com travelfusion.blueskybooking.com
1 cdn.ravenjs.com travelfusion.blueskybooking.com
1 fonts.googleapis.com travelfusion.blueskybooking.com
25 12

This site contains links to these domains. Also see Links.

Domain
github.com
Subject Issuer Validity Valid
travelfusion.blueskybooking.com
Let's Encrypt Authority X3		 2020-01-31 -
2020-04-30		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-04-01 -
2020-06-24		 3 months crt.sh
*.pstmn.io
Amazon		 2019-11-24 -
2020-12-24		 a year crt.sh
osff.map.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-04-09 -
2020-12-18		 8 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-04-01 -
2020-06-24		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-04-01 -
2020-06-24		 3 months crt.sh
*.cloudinary.com
Go Daddy Secure Certificate Authority - G2		 2018-07-01 -
2020-06-22		 2 years crt.sh
www.google.de
GTS CA 1O1		 2020-04-07 -
2020-06-30		 3 months crt.sh
getpostman.com
Amazon		 2019-12-18 -
2021-01-18		 a year crt.sh

This page contains 1 frames:

Primary Page: https://travelfusion.blueskybooking.com/?version=latest
Frame ID: 751CEC1A00C0C0060EF86FE939D5F9C8
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://travelfusion.blueskybooking.com/ HTTP 302
    https://travelfusion.blueskybooking.com/?version=latest Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • html /<!-- (?:End )?Google Tag Manager -->/i

Page Statistics

25
Requests

100 %
HTTPS

75 %
IPv6

12
Domains

12
Subdomains

11
IPs

4
Countries

338 kB
Transfer

1741 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://travelfusion.blueskybooking.com/ HTTP 302
    https://travelfusion.blueskybooking.com/?version=latest Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=976408714&t=pageview&_s=1&dl=https%3A%2F%2Ftravelfusion.blueskybooking.com%2F%3Fversion%3Dlatest&ul=en-us&de=UTF-8&dt=Travel%20Fusion&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAEAB~&jid=677788354&gjid=2088237787&cid=38540083.1587623841&tid=UA-43979731-4&_gid=2101477401.1587623841&_r=1&gtm=2wg4f0KCKQFT&z=303233440 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-43979731-4&cid=38540083.1587623841&jid=677788354&_gid=2101477401.1587623841&gjid=2088237787&_v=j81&z=303233440 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-43979731-4&cid=38540083.1587623841&jid=677788354&_v=j81&z=303233440 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-43979731-4&cid=38540083.1587623841&jid=677788354&_v=j81&z=303233440&slf_rd=1&random=1842857475

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
travelfusion.blueskybooking.com/
Redirect Chain
  • https://travelfusion.blueskybooking.com/
  • https://travelfusion.blueskybooking.com/?version=latest
25 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://travelfusion.blueskybooking.com/?version=latest
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.24.181.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-24-181-213.compute-1.amazonaws.com
Software
nginx /
Resource Hash
c7e557dcfc266f53ec7e7445db3b2905749ac8e576c3ae48ae1f2cca79fb3ae5
Security Headers
Name Value
Content-Security-Policy font-src 'self' *.getpostman.com fonts.gstatic.com fonts.googleapis.com; frame-ancestors 'none'; img-src * data:; script-src 'self' 'unsafe-inline' 'strict-dynamic' *.getpostman.com *.pstmn.io www.google-analytics.com www.googletagmanager.com https://cdn.ravenjs.com 'nonce-Chu1Rhjaf/k3VOxk0p0I//nCkKMmj6PwgtqDwBXh2iUZxx6T'; style-src 'self' *.getpostman.com *.pstmn.io fonts.gstatic.com fonts.googleapis.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Host
travelfusion.blueskybooking.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://phs.getpostman.com
access-control-expose-headers
content-encoding
gzip
content-security-policy
font-src 'self' *.getpostman.com fonts.gstatic.com fonts.googleapis.com; frame-ancestors 'none'; img-src * data:; script-src 'self' 'unsafe-inline' 'strict-dynamic' *.getpostman.com *.pstmn.io www.google-analytics.com www.googletagmanager.com https://cdn.ravenjs.com 'nonce-Chu1Rhjaf/k3VOxk0p0I//nCkKMmj6PwgtqDwBXh2iUZxx6T'; style-src 'self' *.getpostman.com *.pstmn.io fonts.gstatic.com fonts.googleapis.com
content-type
text/html; charset=utf-8
date
Thu, 23 Apr 2020 06:37:19 GMT
etag
W/"65d0-CXjbvph/T9uG31Z8MwYSKwpJ+l0"
referrer-policy
no-referrer-when-downgrade
server
nginx
set-cookie
_SERVICE_PUB_ID=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT postman.sid=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT documentationConfig=j%3A%7B%22documentationLayout%22%3A%22classic-double-column%22%7D; Max-Age=315360000; Path=/view/4617419/SVfMRps9; Expires=Sun, 21 Apr 2030 06:37:19 GMT documentationConfig=j%3A%7B%22documentationLayout%22%3A%22classic-double-column%22%7D; Max-Age=315360000; Path=/view/SVfMRps9; Expires=Sun, 21 Apr 2030 06:37:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
DENY
x-srv-span
v=1;s=a5f77971f6209ade
x-srv-trace
v=1;t=fb0ddaa6e13edf81
x-xss-protection
1; mode=block
content-length
6167
connection
Close

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
https://phs.getpostman.com
access-control-expose-headers
content-security-policy
font-src 'self' *.getpostman.com fonts.gstatic.com fonts.googleapis.com; frame-ancestors 'none'; img-src * data:; script-src 'self' 'unsafe-inline' 'strict-dynamic' *.getpostman.com *.pstmn.io www.google-analytics.com www.googletagmanager.com https://cdn.ravenjs.com 'nonce-pcssPqAOLsT82vpxIOU5GHIZ5PhpHQWo42+GxAR6bS9Qs//K'; style-src 'self' *.getpostman.com *.pstmn.io fonts.gstatic.com fonts.googleapis.com
date
Thu, 23 Apr 2020 06:37:19 GMT
location
?version=latest
referrer-policy
no-referrer-when-downgrade
server
nginx
set-cookie
_SERVICE_PUB_ID=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT postman.sid=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-frame-options
DENY
x-srv-span
v=1;s=c8a01fbc6da51adb
x-srv-trace
v=1;t=2c91d4f00ee23745
x-xss-protection
1; mode=block
content-length
0
connection
Close
css
fonts.googleapis.com/ 		12 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,300,700,800
Requested by
Host: travelfusion.blueskybooking.com
URL: https://travelfusion.blueskybooking.com/?version=latest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
84e6ba10a3ea0dbddf004cdd014b1621c5fe8a7065a3f15271307272befea438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://travelfusion.blueskybooking.com/?version=latest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 23 Apr 2020 06:37:19 GMT
server
ESF
date
Thu, 23 Apr 2020 06:37:19 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Apr 2020 06:37:19 GMT
production.min.v1.12.1.css
travelfusion.blueskybooking.com/styles/ 		207 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://travelfusion.blueskybooking.com/styles/production.min.v1.12.1.css
Requested by
Host: travelfusion.blueskybooking.com
URL: https://travelfusion.blueskybooking.com/?version=latest
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.24.181.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-24-181-213.compute-1.amazonaws.com
Software
nginx /
Resource Hash
558bd10184865ad106c7abc47b36b241dc658121072e8f54f9dc997816540ac4
Security Headers
Name Value
Content-Security-Policy font-src 'self' *.getpostman.com fonts.gstatic.com fonts.googleapis.com; frame-ancestors 'none'; img-src * data:; script-src 'self' 'unsafe-inline' 'strict-dynamic' *.getpostman.com *.pstmn.io www.google-analytics.com www.googletagmanager.com https://cdn.ravenjs.com 'nonce-GdfYmYT11Ef5s0KrC6jbCUIWm4ZjnuLqVB3tVCnxVO+ctJSW'; style-src 'self' *.getpostman.com *.pstmn.io fonts.gstatic.com fonts.googleapis.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://travelfusion.blueskybooking.com/?version=latest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
font-src 'self' *.getpostman.com fonts.gstatic.com fonts.googleapis.com; frame-ancestors 'none'; img-src * data:; script-src 'self' 'unsafe-inline' 'strict-dynamic' *.getpostman.com *.pstmn.io www.google-analytics.com www.googletagmanager.com https://cdn.ravenjs.com 'nonce-GdfYmYT11Ef5s0KrC6jbCUIWm4ZjnuLqVB3tVCnxVO+ctJSW'; style-src 'self' *.getpostman.com *.pstmn.io fonts.gstatic.com fonts.googleapis.com
content-encoding
gzip
x-srv-trace
v=1;t=40715e11dee79684
transfer-encoding
chunked
connection
Close
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 19 Apr 2020 21:35:18 GMT
server
nginx
x-frame-options
DENY
date
Thu, 23 Apr 2020 06:37:20 GMT
Vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://phs.getpostman.com
access-control-expose-headers
cache-control
public, max-age=31536000
access-control-allow-credentials
true
etag
W/"33d49-171945df717"
accept-ranges
bytes
x-content-type-options
nosniff
x-srv-span
v=1;s=d22c15e20b2d0fe4
custom.scss
travelfusion.blueskybooking.com/styles/ 		12 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://travelfusion.blueskybooking.com/styles/custom.scss?top-bar=FFFFFF&right-sidebar=303030&highlight=EF5B25&
Requested by
Host: travelfusion.blueskybooking.com
URL: https://travelfusion.blueskybooking.com/?version=latest
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.24.181.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-24-181-213.compute-1.amazonaws.com
Software
nginx /
Resource Hash
0299e707c594317fd50155431a635756a2bb53d8df3b4e9a7463bdcb0ffb2f37
Security Headers
Name Value
Content-Security-Policy font-src 'self' *.getpostman.com fonts.gstatic.com fonts.googleapis.com; frame-ancestors 'none'; img-src * data:; script-src 'self' 'unsafe-inline' 'strict-dynamic' *.getpostman.com *.pstmn.io www.google-analytics.com www.googletagmanager.com https://cdn.ravenjs.com 'nonce-Gy7Z7m28RdfZpec8ShQjo3UllGcm0NJWVbBhP2fpLtDAywKw'; style-src 'self' *.getpostman.com *.pstmn.io fonts.gstatic.com fonts.googleapis.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://travelfusion.blueskybooking.com/?version=latest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
font-src 'self' *.getpostman.com fonts.gstatic.com fonts.googleapis.com; frame-ancestors 'none'; img-src * data:; script-src 'self' 'unsafe-inline' 'strict-dynamic' *.getpostman.com *.pstmn.io www.google-analytics.com www.googletagmanager.com https://cdn.ravenjs.com 'nonce-Gy7Z7m28RdfZpec8ShQjo3UllGcm0NJWVbBhP2fpLtDAywKw'; style-src 'self' *.getpostman.com *.pstmn.io fonts.gstatic.com fonts.googleapis.com
content-encoding
gzip
x-srv-trace
v=1;t=73fe2539acb4b49b
connection
Close
Vary
Accept-Encoding
content-length
3120
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
server
nginx
x-frame-options
DENY
date
Thu, 23 Apr 2020 06:37:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/css; charset=utf-8
access-control-allow-origin
https://phs.getpostman.com
access-control-expose-headers
access-control-allow-credentials
true
etag
W/"31a9-Rzb4KmCE3mR3WAGp597nLcPpttQ"
x-content-type-options
nosniff
x-srv-span
v=1;s=2cfadf93af9a1de3
button.css
run.pstmn.io/ 		12 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://run.pstmn.io/button.css
Requested by
Host: travelfusion.blueskybooking.com
URL: https://travelfusion.blueskybooking.com/?version=latest
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.127.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-127-171.compute-1.amazonaws.com
Software
nginx /
Resource Hash
c18a309b242a1cd24c3d41e1d5080ce4c65bc741b23aefe13b07ca0c5ff20966
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://travelfusion.blueskybooking.com/?version=latest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 23 Apr 2020 06:37:20 GMT
Content-Encoding
gzip
x-srv-trace
v=1;t=be2201f7572031a9
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
5068
X-XSS-Protection
1; mode=block
Referrer-Policy
Last-Modified
Thu, 26 Mar 2020 10:41:52 GMT
Server
nginx
X-Frame-Options
DENY
ETag
W/"310b-171166f1980"
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
text/css; charset=UTF-8
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
X-Content-Type-Options
nosniff
x-srv-span
v=1;s=97a1f6ad9c316bdd
messenger-setup.js
travelfusion.blueskybooking.com/js/ 		138 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://travelfusion.blueskybooking.com/js/messenger-setup.js
Requested by
Host: travelfusion.blueskybooking.com
URL: https://travelfusion.blueskybooking.com/?version=latest
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.24.181.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-24-181-213.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6e63d7aea81082745b3c5b19186268f414f6d1c76ce74fa16f61771d07a2ca32
Security Headers
Name Value
Content-Security-Policy font-src 'self' *.getpostman.com fonts.gstatic.com fonts.googleapis.com; frame-ancestors 'none'; img-src * data:; script-src 'self' 'unsafe-inline' 'strict-dynamic' *.getpostman.com *.pstmn.io www.google-analytics.com www.googletagmanager.com https://cdn.ravenjs.com 'nonce-2cPrI59QbRSZr7Z1dVD/yaFoBkOuAm0SJMm9hBa1cvc1848T'; style-src 'self' *.getpostman.com *.pstmn.io fonts.gstatic.com fonts.googleapis.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://travelfusion.blueskybooking.com/?version=latest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
font-src 'self' *.getpostman.com fonts.gstatic.com fonts.googleapis.com; frame-ancestors 'none'; img-src * data:; script-src 'self' 'unsafe-inline' 'strict-dynamic' *.getpostman.com *.pstmn.io www.google-analytics.com www.googletagmanager.com https://cdn.ravenjs.com 'nonce-2cPrI59QbRSZr7Z1dVD/yaFoBkOuAm0SJMm9hBa1cvc1848T'; style-src 'self' *.getpostman.com *.pstmn.io fonts.gstatic.com fonts.googleapis.com
content-encoding
gzip
x-srv-trace
v=1;t=f45c45959611295d
connection
Close
content-length
131
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 15 Apr 2020 07:24:43 GMT
server
nginx
x-frame-options
DENY
date
Thu, 23 Apr 2020 06:37:20 GMT
Vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://phs.getpostman.com
access-control-expose-headers
cache-control
public, max-age=31536000
access-control-allow-credentials
true
etag
W/"8a-1717cb9ca78"
x-content-type-options
nosniff
x-srv-span
v=1;s=a7ffa4744623b5f4
runbutton.js
travelfusion.blueskybooking.com/js/ 		878 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://travelfusion.blueskybooking.com/js/runbutton.js
Requested by
Host: travelfusion.blueskybooking.com
URL: https://travelfusion.blueskybooking.com/?version=latest
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.24.181.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-24-181-213.compute-1.amazonaws.com
Software
nginx /
Resource Hash
67026a1a3479878009e1e0b0878e9056ce4463b6842458ea3dabd894047661c4
Security Headers
Name Value
Content-Security-Policy font-src 'self' *.getpostman.com fonts.gstatic.com fonts.googleapis.com; frame-ancestors 'none'; img-src * data:; script-src 'self' 'unsafe-inline' 'strict-dynamic' *.getpostman.com *.pstmn.io www.google-analytics.com www.googletagmanager.com https://cdn.ravenjs.com 'nonce-M3cXBJfLrLBDf6VSXInG8xLaSLLErQQoD0UPrt6tjLFlnses'; style-src 'self' *.getpostman.com *.pstmn.io fonts.gstatic.com fonts.googleapis.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://travelfusion.blueskybooking.com/?version=latest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
font-src 'self' *.getpostman.com fonts.gstatic.com fonts.googleapis.com; frame-ancestors 'none'; img-src * data:; script-src 'self' 'unsafe-inline' 'strict-dynamic' *.getpostman.com *.pstmn.io www.google-analytics.com www.googletagmanager.com https://cdn.ravenjs.com 'nonce-M3cXBJfLrLBDf6VSXInG8xLaSLLErQQoD0UPrt6tjLFlnses'; style-src 'self' *.getpostman.com *.pstmn.io fonts.gstatic.com fonts.googleapis.com
content-encoding
gzip
x-srv-trace
v=1;t=806785a93c5476c3
connection
Close
content-length
504
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 15 Apr 2020 07:24:43 GMT
server
nginx
x-frame-options
DENY
date
Thu, 23 Apr 2020 06:37:20 GMT
Vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://phs.getpostman.com
access-control-expose-headers
cache-control
public, max-age=31536000
access-control-allow-credentials
true
etag
W/"36e-1717cb9ca78"
x-content-type-options
nosniff
x-srv-span
v=1;s=8d53e02321d0db7a
raven.min.js
cdn.ravenjs.com/3.26.2/ 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ravenjs.com/3.26.2/raven.min.js
Requested by
Host: travelfusion.blueskybooking.com
URL: https://travelfusion.blueskybooking.com/?version=latest
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::729 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
4b6d78009e6e369507e7d50925b9f2864e05b27820a92862f8b6bcf5c27a8430

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://travelfusion.blueskybooking.com/?version=latest
Origin
https://travelfusion.blueskybooking.com

Response headers

date
Thu, 23 Apr 2020 06:37:19 GMT
content-encoding
gzip
last-modified
Mon, 11 Jun 2018 15:59:55 GMT
server
Fastly
age
85194
etag
"1419f17d4165274db4b1ad69fc9721c5"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13696
production.min.v1.12.1.js
travelfusion.blueskybooking.com/js/ 		383 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://travelfusion.blueskybooking.com/js/production.min.v1.12.1.js
Requested by
Host: travelfusion.blueskybooking.com
URL: https://travelfusion.blueskybooking.com/?version=latest
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.24.181.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-24-181-213.compute-1.amazonaws.com
Software
nginx /
Resource Hash
2977c9c07c0350cb2cfe45cbdc30768589d6ca3eb9d9bf113d63aa8ddf9cf24b
Security Headers
Name Value
Content-Security-Policy font-src 'self' *.getpostman.com fonts.gstatic.com fonts.googleapis.com; frame-ancestors 'none'; img-src * data:; script-src 'self' 'unsafe-inline' 'strict-dynamic' *.getpostman.com *.pstmn.io www.google-analytics.com www.googletagmanager.com https://cdn.ravenjs.com 'nonce-kvY8hoaR/oD3KRrAFo2sTA/SB4fsa8Pn+1wO54fYueDMKv2D'; style-src 'self' *.getpostman.com *.pstmn.io fonts.gstatic.com fonts.googleapis.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://travelfusion.blueskybooking.com/?version=latest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
font-src 'self' *.getpostman.com fonts.gstatic.com fonts.googleapis.com; frame-ancestors 'none'; img-src * data:; script-src 'self' 'unsafe-inline' 'strict-dynamic' *.getpostman.com *.pstmn.io www.google-analytics.com www.googletagmanager.com https://cdn.ravenjs.com 'nonce-kvY8hoaR/oD3KRrAFo2sTA/SB4fsa8Pn+1wO54fYueDMKv2D'; style-src 'self' *.getpostman.com *.pstmn.io fonts.gstatic.com fonts.googleapis.com
content-encoding
gzip
x-srv-trace
v=1;t=7a52a8a673ab2720
transfer-encoding
chunked
connection
Close
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 19 Apr 2020 21:35:16 GMT
server
nginx
x-frame-options
DENY
date
Thu, 23 Apr 2020 06:37:20 GMT
Vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://phs.getpostman.com
access-control-expose-headers
cache-control
public, max-age=31536000
access-control-allow-credentials
true
etag
W/"5fac4-171945defc3"
accept-ranges
bytes
x-content-type-options
nosniff
x-srv-span
v=1;s=37e86d7c4d13dd51
gtm.js
www.googletagmanager.com/ 		87 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KCKQFT
Requested by
Host: travelfusion.blueskybooking.com
URL: https://travelfusion.blueskybooking.com/?version=latest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
70bcf7e0b2779948e029fbda2a1446d072afaaf4a6c2df71c18c4ad53e9aac06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://travelfusion.blueskybooking.com/?version=latest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 06:37:20 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
25953
x-xss-protection
0
last-modified
Thu, 23 Apr 2020 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 23 Apr 2020 06:37:20 GMT
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a7a6c16a92acad1234d44acb9ddfc26549e0247b6e309e74760332be962c49b8

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		7 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
364c0519110c3edd88e096c90173288aaf59a557165152a449782c12de2455b4

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
Requested by
Host: travelfusion.blueskybooking.com
URL: https://travelfusion.blueskybooking.com/?version=latest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,600,300,700,800
Origin
https://travelfusion.blueskybooking.com

Response headers

date
Fri, 03 Apr 2020 05:34:45 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:44 GMT
server
sffe
age
1731755
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
9180
x-xss-protection
0
expires
Sat, 03 Apr 2021 05:34:45 GMT
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: travelfusion.blueskybooking.com
URL: https://travelfusion.blueskybooking.com/?version=latest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,600,300,700,800
Origin
https://travelfusion.blueskybooking.com

Response headers

date
Wed, 15 Apr 2020 23:49:44 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:49 GMT
server
sffe
age
629256
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
9132
x-xss-protection
0
expires
Thu, 15 Apr 2021 23:49:44 GMT
button.js
run.pstmn.io/ 		57 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://run.pstmn.io/button.js
Requested by
Host: travelfusion.blueskybooking.com
URL: https://travelfusion.blueskybooking.com/js/runbutton.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.127.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-127-171.compute-1.amazonaws.com
Software
nginx /
Resource Hash
8fc98a23a60b733e4d076806b89a44a5c47af4d714182569306df601878503c1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://travelfusion.blueskybooking.com/?version=latest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 23 Apr 2020 06:37:20 GMT
Content-Encoding
gzip
x-srv-trace
v=1;t=689a54f4fda52af6
transfer-encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Referrer-Policy
Last-Modified
Thu, 26 Mar 2020 10:41:52 GMT
Server
nginx
X-Frame-Options
DENY
ETag
W/"e31f-171166f1980"
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
X-Content-Type-Options
nosniff
x-srv-span
v=1;s=bfd6b827fd4c9122
analytics.js
www.google-analytics.com/ 		44 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KCKQFT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://travelfusion.blueskybooking.com/?version=latest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
3527
date
Thu, 23 Apr 2020 05:38:34 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
18174
expires
Thu, 23 Apr 2020 07:38:34 GMT
SVfMRps9
travelfusion.blueskybooking.com/api/collections/4617419/ 		407 KB
24 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://travelfusion.blueskybooking.com/api/collections/4617419/SVfMRps9?versionTag=latest
Requested by
Host: travelfusion.blueskybooking.com
URL: https://travelfusion.blueskybooking.com/js/production.min.v1.12.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.24.181.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-24-181-213.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b438349f0e13f7e5ca6ac8ed082644052ff9d93dc9f38cfd292a55ca8128ee8b
Security Headers
Name Value
Content-Security-Policy font-src 'self' *.getpostman.com fonts.gstatic.com fonts.googleapis.com; frame-ancestors 'none'; img-src * data:; script-src 'self' 'unsafe-inline' 'strict-dynamic' *.getpostman.com *.pstmn.io www.google-analytics.com www.googletagmanager.com https://cdn.ravenjs.com 'nonce-fu/Xf3pqQUEcCKEdBGAwBb9MDSVOdTpQS4PohM9Q1Q0kIy13'; style-src 'self' *.getpostman.com *.pstmn.io fonts.gstatic.com fonts.googleapis.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://travelfusion.blueskybooking.com/?version=latest
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
font-src 'self' *.getpostman.com fonts.gstatic.com fonts.googleapis.com; frame-ancestors 'none'; img-src * data:; script-src 'self' 'unsafe-inline' 'strict-dynamic' *.getpostman.com *.pstmn.io www.google-analytics.com www.googletagmanager.com https://cdn.ravenjs.com 'nonce-fu/Xf3pqQUEcCKEdBGAwBb9MDSVOdTpQS4PohM9Q1Q0kIy13'; style-src 'self' *.getpostman.com *.pstmn.io fonts.gstatic.com fonts.googleapis.com
content-encoding
gzip
x-srv-trace
v=1;t=f8ab33b1425bc8e0
connection
Close
Vary
Accept-Encoding
content-length
22986
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
server
nginx
x-frame-options
DENY
date
Thu, 23 Apr 2020 06:37:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-origin
https://phs.getpostman.com
access-control-expose-headers
access-control-allow-credentials
true
etag
W/"65aa5-vdtPdWhf5sgXEa8ZyeeS8WHTzgE"
x-content-type-options
nosniff
x-srv-span
v=1;s=1a576ba2fdb6e0d2
8e10e063eb04f659f499569888d99e74883f17841baab04c9b97f9ae1d84942c
res.cloudinary.com/postman/image/upload/w_152,h_56,c_fit,f_auto,t_team_logo/v1/team/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/postman/image/upload/w_152,h_56,c_fit,f_auto,t_team_logo/v1/team/8e10e063eb04f659f499569888d99e74883f17841baab04c9b97f9ae1d84942c
Requested by
Host: travelfusion.blueskybooking.com
URL: https://travelfusion.blueskybooking.com/?version=latest
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2a04:4e42:3::393 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
5057df7ccd94b8b84fa1cb8ea332980b65e6c0c4c52076b2306aaf4c6839c088
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://travelfusion.blueskybooking.com/?version=latest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 06:37:21 GMT
vary
Accept,User-Agent
status
200
content-disposition
inline; filename="8e10e063eb04f659f499569888d99e74883f17841baab04c9b97f9ae1d84942c.webp"
server-timing
cloudinary;dur=423;start=2020-04-23T06:37:21.148Z,fastly;dur=1;total=515;start=2020-04-23T06:37:21.103Z;desc=miss,rtt;dur=5
content-length
6366
last-modified
Mon, 18 Jun 2018 05:09:40 GMT
server
Cloudinary
etag
"8743ace2a288b7c0c828c42577eff649"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary
cache-control
private, no-transform, immutable, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=976408714&t=pageview&_s=1&dl=https%3A%2F%2Ftravelfusion.blueskybooking.com%2F%3Fversion%3Dlatest&ul=en-us&de=UTF-8&dt=Travel%20Fusion&sd=24-b...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-43979731-4&cid=38540083.1587623841&jid=677788354&_gid=2101477401.1587623841&gjid=2088237787&_v=j81&z=303233440
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-43979731-4&cid=38540083.1587623841&jid=677788354&_v=j81&z=303233440
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-43979731-4&cid=38540083.1587623841&jid=677788354&_v=j81&z=303233440&slf_rd=1&random=1842857475
42 B
499 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-43979731-4&cid=38540083.1587623841&jid=677788354&_v=j81&z=303233440&slf_rd=1&random=1842857475
Requested by
Host: travelfusion.blueskybooking.com
URL: https://travelfusion.blueskybooking.com/?version=latest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://travelfusion.blueskybooking.com/?version=latest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Apr 2020 06:37:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Apr 2020 06:37:21 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-43979731-4&cid=38540083.1587623841&jid=677788354&_v=j81&z=303233440&slf_rd=1&random=1842857475
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
event
analytics.getpostman.com/ 		257 B
460 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics.getpostman.com/event
Requested by
Host: travelfusion.blueskybooking.com
URL: https://travelfusion.blueskybooking.com/?version=latest
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.88.94.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-88-94-142.compute-1.amazonaws.com
Software
/
Resource Hash
6473a805531190b637acc517bf1f166175fe343e68f17f6dca65a52a414e6d18

Request headers

Referer
https://travelfusion.blueskybooking.com/?version=latest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 23 Apr 2020 06:37:21 GMT
x-amzn-requestid
0d72094c-0b26-46ea-bc46-6cb0e3ef404a
status
200
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-5ea137a1-e8fab048b585a742c79cc934
x-amz-apigw-id
LbWhQE9hIAMFntA=
content-length
257
SVfMRps9
travelfusion.blueskybooking.com/api/examples/4617419/ 		403 KB
21 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://travelfusion.blueskybooking.com/api/examples/4617419/SVfMRps9?lang=curl&variant=cURL&versionTag=latest
Requested by
Host: travelfusion.blueskybooking.com
URL: https://travelfusion.blueskybooking.com/js/production.min.v1.12.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.24.181.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-24-181-213.compute-1.amazonaws.com
Software
nginx /
Resource Hash
ad5af5a4035c31df27883dabfc8f80de3895fbd59288befd7bdf1301adf462d5
Security Headers
Name Value
Content-Security-Policy font-src 'self' *.getpostman.com fonts.gstatic.com fonts.googleapis.com; frame-ancestors 'none'; img-src * data:; script-src 'self' 'unsafe-inline' 'strict-dynamic' *.getpostman.com *.pstmn.io www.google-analytics.com www.googletagmanager.com https://cdn.ravenjs.com 'nonce-h2N5VG7L8hyuw0Xmk7s7QCbqjwSu6yMROUuMk/To25Q+8hAk'; style-src 'self' *.getpostman.com *.pstmn.io fonts.gstatic.com fonts.googleapis.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://travelfusion.blueskybooking.com/?version=latest
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
font-src 'self' *.getpostman.com fonts.gstatic.com fonts.googleapis.com; frame-ancestors 'none'; img-src * data:; script-src 'self' 'unsafe-inline' 'strict-dynamic' *.getpostman.com *.pstmn.io www.google-analytics.com www.googletagmanager.com https://cdn.ravenjs.com 'nonce-h2N5VG7L8hyuw0Xmk7s7QCbqjwSu6yMROUuMk/To25Q+8hAk'; style-src 'self' *.getpostman.com *.pstmn.io fonts.gstatic.com fonts.googleapis.com
content-encoding
gzip
x-srv-trace
v=1;t=46392ec162ae9ec6
connection
Close
Vary
Accept-Encoding
content-length
20173
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
server
nginx
x-frame-options
DENY
date
Thu, 23 Apr 2020 06:37:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-origin
https://phs.getpostman.com
access-control-expose-headers
access-control-allow-credentials
true
etag
W/"64a03-O6/UjcRqE0Z7v+BzUz3I17wpoc4"
x-content-type-options
nosniff
x-srv-span
v=1;s=2472af420fe9e388
doc_sprites.png
travelfusion.blueskybooking.com/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://travelfusion.blueskybooking.com/images/doc_sprites.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.24.181.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-24-181-213.compute-1.amazonaws.com
Software
nginx /
Resource Hash
953f73b4d3d479e924e2260d2a960f4f0a1b9d82ab7d66c6c5d19ddcfa145509
Security Headers
Name Value
Content-Security-Policy font-src 'self' *.getpostman.com fonts.gstatic.com fonts.googleapis.com; frame-ancestors 'none'; img-src * data:; script-src 'self' 'unsafe-inline' 'strict-dynamic' *.getpostman.com *.pstmn.io www.google-analytics.com www.googletagmanager.com https://cdn.ravenjs.com 'nonce-mhOEsqAV0DmTi7qUOewebzswjNlVPE2b9oxTIXQUjIeBFUJW'; style-src 'self' *.getpostman.com *.pstmn.io fonts.gstatic.com fonts.googleapis.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://travelfusion.blueskybooking.com/styles/production.min.v1.12.1.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
font-src 'self' *.getpostman.com fonts.gstatic.com fonts.googleapis.com; frame-ancestors 'none'; img-src * data:; script-src 'self' 'unsafe-inline' 'strict-dynamic' *.getpostman.com *.pstmn.io www.google-analytics.com www.googletagmanager.com https://cdn.ravenjs.com 'nonce-mhOEsqAV0DmTi7qUOewebzswjNlVPE2b9oxTIXQUjIeBFUJW'; style-src 'self' *.getpostman.com *.pstmn.io fonts.gstatic.com fonts.googleapis.com
x-srv-trace
v=1;t=a4c804be2fb719f6
connection
Close
content-length
4094
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 15 Apr 2020 07:24:43 GMT
server
nginx
x-frame-options
DENY
date
Thu, 23 Apr 2020 06:37:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
access-control-allow-origin
https://phs.getpostman.com
access-control-expose-headers
cache-control
public, max-age=31536000
access-control-allow-credentials
true
etag
W/"ffe-1717cb9ca78"
accept-ranges
bytes
x-content-type-options
nosniff
x-srv-span
v=1;s=7932299b05015f2d
truncated
/ 		331 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
53e2f188783560d797a9e3fd37bfdcc41c5e59ba8ef94843ea83f3cc6280bbc4

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,600,300,700,800
Origin
https://travelfusion.blueskybooking.com

Response headers

date
Fri, 03 Apr 2020 00:59:25 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:31:11 GMT
server
sffe
age
1748276
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
9080
x-xss-protection
0
expires
Sat, 03 Apr 2021 00:59:25 GMT
copy.svg
travelfusion.blueskybooking.com/images/ 		656 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://travelfusion.blueskybooking.com/images/copy.svg
Requested by
Host: travelfusion.blueskybooking.com
URL: https://travelfusion.blueskybooking.com/js/production.min.v1.12.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.24.181.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-24-181-213.compute-1.amazonaws.com
Software
nginx /
Resource Hash
ae1d46cce49e8aad8246d7e545038e923f4fc1c9f5398eeb50ce1859bdaad09e
Security Headers
Name Value
Content-Security-Policy font-src 'self' *.getpostman.com fonts.gstatic.com fonts.googleapis.com; frame-ancestors 'none'; img-src * data:; script-src 'self' 'unsafe-inline' 'strict-dynamic' *.getpostman.com *.pstmn.io www.google-analytics.com www.googletagmanager.com https://cdn.ravenjs.com 'nonce-Ie+Ken4fR1gw6O0RAPR/CG7KGjOmPHeh8y+JAk5Jcp70ZAD2'; style-src 'self' *.getpostman.com *.pstmn.io fonts.gstatic.com fonts.googleapis.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://travelfusion.blueskybooking.com/styles/production.min.v1.12.1.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
font-src 'self' *.getpostman.com fonts.gstatic.com fonts.googleapis.com; frame-ancestors 'none'; img-src * data:; script-src 'self' 'unsafe-inline' 'strict-dynamic' *.getpostman.com *.pstmn.io www.google-analytics.com www.googletagmanager.com https://cdn.ravenjs.com 'nonce-Ie+Ken4fR1gw6O0RAPR/CG7KGjOmPHeh8y+JAk5Jcp70ZAD2'; style-src 'self' *.getpostman.com *.pstmn.io fonts.gstatic.com fonts.googleapis.com
strict-transport-security
max-age=31536000; includeSubDomains
x-srv-trace
v=1;t=43b1b0da8831cbb0
connection
Close
content-length
656
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 15 Apr 2020 07:24:43 GMT
server
nginx
x-frame-options
DENY
date
Thu, 23 Apr 2020 06:37:24 GMT
Vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
https://phs.getpostman.com
access-control-expose-headers
cache-control
public, max-age=31536000
access-control-allow-credentials
true
etag
W/"290-1717cb9ca78"
accept-ranges
bytes
x-content-type-options
nosniff
x-srv-span
v=1;s=82c30556cead2d87
dropdown.svg
travelfusion.blueskybooking.com/images/ 		186 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://travelfusion.blueskybooking.com/images/dropdown.svg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.24.181.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-24-181-213.compute-1.amazonaws.com
Software
nginx /
Resource Hash
f73520295a4a58525bddb33b7aeb72b0b285fc2b08db912b8e123dc08a381801
Security Headers
Name Value
Content-Security-Policy font-src 'self' *.getpostman.com fonts.gstatic.com fonts.googleapis.com; frame-ancestors 'none'; img-src * data:; script-src 'self' 'unsafe-inline' 'strict-dynamic' *.getpostman.com *.pstmn.io www.google-analytics.com www.googletagmanager.com https://cdn.ravenjs.com 'nonce-sSkrnyr6NkTpOxRtTGSNSYKN/gC5u2Qnb0KF7ygExpD8fP5Z'; style-src 'self' *.getpostman.com *.pstmn.io fonts.gstatic.com fonts.googleapis.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://travelfusion.blueskybooking.com/styles/production.min.v1.12.1.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
font-src 'self' *.getpostman.com fonts.gstatic.com fonts.googleapis.com; frame-ancestors 'none'; img-src * data:; script-src 'self' 'unsafe-inline' 'strict-dynamic' *.getpostman.com *.pstmn.io www.google-analytics.com www.googletagmanager.com https://cdn.ravenjs.com 'nonce-sSkrnyr6NkTpOxRtTGSNSYKN/gC5u2Qnb0KF7ygExpD8fP5Z'; style-src 'self' *.getpostman.com *.pstmn.io fonts.gstatic.com fonts.googleapis.com
strict-transport-security
max-age=31536000; includeSubDomains
x-srv-trace
v=1;t=c105b266700c7638
connection
Close
content-length
186
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 15 Apr 2020 07:24:43 GMT
server
nginx
x-frame-options
DENY
date
Thu, 23 Apr 2020 06:37:24 GMT
Vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
https://phs.getpostman.com
access-control-expose-headers
cache-control
public, max-age=31536000
access-control-allow-credentials
true
etag
W/"ba-1717cb9ca78"
accept-ranges
bytes
x-content-type-options
nosniff
x-srv-span
v=1;s=8a8a986391521436
chosen-sprite.png
travelfusion.blueskybooking.com/styles/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://travelfusion.blueskybooking.com/styles/chosen-sprite.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.24.181.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-24-181-213.compute-1.amazonaws.com
Software
nginx /
Resource Hash
746dfee420a6c73e6e8b686604b6553166a62916b723c9c59266a71479107013
Security Headers
Name Value
Content-Security-Policy font-src 'self' *.getpostman.com fonts.gstatic.com fonts.googleapis.com; frame-ancestors 'none'; img-src * data:; script-src 'self' 'unsafe-inline' 'strict-dynamic' *.getpostman.com *.pstmn.io www.google-analytics.com www.googletagmanager.com https://cdn.ravenjs.com 'nonce-emNZcTqNHG9nlyQ+ehM2h+cM93zPyQ+GrI8qvN7TjF7o+n5P'; style-src 'self' *.getpostman.com *.pstmn.io fonts.gstatic.com fonts.googleapis.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://travelfusion.blueskybooking.com/styles/production.min.v1.12.1.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
font-src 'self' *.getpostman.com fonts.gstatic.com fonts.googleapis.com; frame-ancestors 'none'; img-src * data:; script-src 'self' 'unsafe-inline' 'strict-dynamic' *.getpostman.com *.pstmn.io www.google-analytics.com www.googletagmanager.com https://cdn.ravenjs.com 'nonce-emNZcTqNHG9nlyQ+ehM2h+cM93zPyQ+GrI8qvN7TjF7o+n5P'; style-src 'self' *.getpostman.com *.pstmn.io fonts.gstatic.com fonts.googleapis.com
content-encoding
gzip
x-srv-trace
v=1;t=b26be8aeef51457a
connection
Close
Vary
Accept-Encoding
content-length
2132
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
server
nginx
x-frame-options
DENY
date
Thu, 23 Apr 2020 06:37:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/html; charset=utf-8
access-control-allow-origin
https://phs.getpostman.com
access-control-expose-headers
access-control-allow-credentials
true
etag
W/"1a31-F2DMJuU9TdeFDmX3fCgLRQ0SUCU"
x-content-type-options
nosniff
x-srv-span
v=1;s=1e6788d0d439fa47
/
travelfusion.blueskybooking.com/settings/curl/cURL/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://travelfusion.blueskybooking.com/settings/curl/cURL/
Requested by
Host: travelfusion.blueskybooking.com
URL: https://travelfusion.blueskybooking.com/js/production.min.v1.12.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.24.181.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-24-181-213.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bbbaae3abb6d21556316ac1a8b207847aea58f1f5c2c8b1f1247144310d8003a
Security Headers
Name Value
Content-Security-Policy font-src 'self' *.getpostman.com fonts.gstatic.com fonts.googleapis.com; frame-ancestors 'none'; img-src * data:; script-src 'self' 'unsafe-inline' 'strict-dynamic' *.getpostman.com *.pstmn.io www.google-analytics.com www.googletagmanager.com https://cdn.ravenjs.com 'nonce-RL6nglK1hoXfL08yEJg4kXG/0mLy/v50B4Ewg24xhZ0tMGui'; style-src 'self' *.getpostman.com *.pstmn.io fonts.gstatic.com fonts.googleapis.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://travelfusion.blueskybooking.com/?version=latest
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
font-src 'self' *.getpostman.com fonts.gstatic.com fonts.googleapis.com; frame-ancestors 'none'; img-src * data:; script-src 'self' 'unsafe-inline' 'strict-dynamic' *.getpostman.com *.pstmn.io www.google-analytics.com www.googletagmanager.com https://cdn.ravenjs.com 'nonce-RL6nglK1hoXfL08yEJg4kXG/0mLy/v50B4Ewg24xhZ0tMGui'; style-src 'self' *.getpostman.com *.pstmn.io fonts.gstatic.com fonts.googleapis.com
content-encoding
gzip
x-srv-trace
v=1;t=dfee229d21c21b5f
connection
Close
Vary
Accept-Encoding
content-length
693
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
server
nginx
x-frame-options
DENY
date
Thu, 23 Apr 2020 06:37:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-origin
https://phs.getpostman.com
access-control-expose-headers
access-control-allow-credentials
true
etag
W/"5f0-AzPlBkwwpMgU/RHLv2H+GRzU5sw"
x-content-type-options
nosniff
x-srv-span
v=1;s=f681bc65e3872de5

Verdicts & Comments Add Verdict or Comment

138 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| dataLayer object| messenger function| _pm object| PostmanRunObject object| Raven object| google_tag_manager object| _self object| Prism object| scope function| populateScope function| receive function| attachPreviewUpdateHandler object| loader string| envLabel undefined| privateDocUrl undefined| toastTimer object| toc boolean| isExampleLoaded boolean| isCollectionLoaded object| exampleJson object| updatedLanguages object| previousSelectedLanguage object| cache object| config number| defaultToastVisibilityTime boolean| displayPreview object| currentSelectedLanguageSettings boolean| loadingSettings object| topBar object| layoutMap object| selectedLayout string| docBodyClass function| getPreviewStatus function| getCurrentVersion function| bootstrapView function| fetchAllData function| renderAll function| showError function| initialUILoad function| updateSelectedLanguageIfRequired function| applyBranding function| enforceTableWidth function| populateDataIntoTemplate function| showLoader function| prepareView function| scrollToHash function| attachExampleHandlers function| fetchSnippetFromCache function| attachHandlers function| handleExpandableContent function| attachSidebarHandlers function| attachLanguageSelectorDropdownHandlers function| updateSettingValue function| attachToastHandler function| showToast function| hideToast function| hideToastAfter function| extendToastVisibility function| saveSelectedLanguageSettings function| isPositive function| filterLanguagesList function| attachLanguageSettingsHandlers function| attachLanguageSettingsListHandlers function| attachLanguageSettingsRetryHandlers function| handleLanguageSettingsModalClose function| activateFolder function| isSnippetHighlightEnabled function| checkIfPrettifyEnabled function| bindScrollHandler function| adjustDocumentPadding function| setEnvironmentMeta function| handleLayoutChange function| getUpdatedUrl function| documentationDisplayConfigCookie function| getExamples function| getInitialJson function| renderExamples function| sanitiseSnippets function| renderCollection function| updateRequestBodyCacheRecursively function| showInModal function| renderLanguageListInModal function| renderSelectedLanguageSettings function| renderLanguageSettingsModal function| renderLanguageSettingsLoadError function| fetchSelectedLanguageSettings function| showLanguageSettingsModal function| collapseFolder function| expandFolder function| toggleFolderState function| changeResponse function| changeAllRequests function| buildToC function| highlightVisibleSnippets function| fetchContentToHighlight function| elementIsVisible function| changeLoadingText function| setStorageItem function| getStorageItem function| getExamplesForPreview function| getInitialJsonForPreview function| renderExamplesForPreview function| renderCollectionForPreview function| updatePreview function| transformReceivedMessage function| getPublicSnippetsFromApi function| getPreviewSnippetsFromApi function| saveLanguageSettingsUsingApi function| saveLanguageSettingsToLocalStorage function| saveLanguageSettings function| getLanguageSettingsFromLocalStorage function| getSelectedLanguageSettingsFromLocalStorage function| getLanguageSettingsUsingApi function| getSelectedLanguageSettings function| getSelectedLanguageDetails function| getLanguageList function| getSnippets object| Handlebars function| $ function| jQuery function| _ object| Modernizr function| slug string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| meta object| examples object| $languageSelector string| languageTemplate string| snippetVariant string| snippet object| selectedLanguageDetails

3 Cookies

Domain/Path Name / Value
.blueskybooking.com/ Name: _gat_UA-43979731-4
Value: 1
.blueskybooking.com/ Name: _gid
Value: GA1.2.2101477401.1587623841
.blueskybooking.com/ Name: _ga
Value: GA1.2.38540083.1587623841

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy font-src 'self' *.getpostman.com fonts.gstatic.com fonts.googleapis.com; frame-ancestors 'none'; img-src * data:; script-src 'self' 'unsafe-inline' 'strict-dynamic' *.getpostman.com *.pstmn.io www.google-analytics.com www.googletagmanager.com https://cdn.ravenjs.com 'nonce-Chu1Rhjaf/k3VOxk0p0I//nCkKMmj6PwgtqDwBXh2iUZxx6T'; style-src 'self' *.getpostman.com *.pstmn.io fonts.gstatic.com fonts.googleapis.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.getpostman.com
cdn.ravenjs.com
fonts.googleapis.com
fonts.gstatic.com
res.cloudinary.com
run.pstmn.io
stats.g.doubleclick.net
travelfusion.blueskybooking.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
100.24.181.213
2a00:1450:4001:800::2003
2a00:1450:4001:809::2004
2a00:1450:4001:809::200a
2a00:1450:4001:814::2008
2a00:1450:4001:818::200e
2a00:1450:4001:81a::2003
2a00:1450:400c:c0c::9a
2a04:4e42:3::393
2a04:4e42:400::729
3.88.94.142
52.203.127.171
0299e707c594317fd50155431a635756a2bb53d8df3b4e9a7463bdcb0ffb2f37
2977c9c07c0350cb2cfe45cbdc30768589d6ca3eb9d9bf113d63aa8ddf9cf24b
364c0519110c3edd88e096c90173288aaf59a557165152a449782c12de2455b4
4b6d78009e6e369507e7d50925b9f2864e05b27820a92862f8b6bcf5c27a8430
5057df7ccd94b8b84fa1cb8ea332980b65e6c0c4c52076b2306aaf4c6839c088
53e2f188783560d797a9e3fd37bfdcc41c5e59ba8ef94843ea83f3cc6280bbc4
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
558bd10184865ad106c7abc47b36b241dc658121072e8f54f9dc997816540ac4
6473a805531190b637acc517bf1f166175fe343e68f17f6dca65a52a414e6d18
67026a1a3479878009e1e0b0878e9056ce4463b6842458ea3dabd894047661c4
6e63d7aea81082745b3c5b19186268f414f6d1c76ce74fa16f61771d07a2ca32
70bcf7e0b2779948e029fbda2a1446d072afaaf4a6c2df71c18c4ad53e9aac06
746dfee420a6c73e6e8b686604b6553166a62916b723c9c59266a71479107013
84e6ba10a3ea0dbddf004cdd014b1621c5fe8a7065a3f15271307272befea438
8fc98a23a60b733e4d076806b89a44a5c47af4d714182569306df601878503c1
953f73b4d3d479e924e2260d2a960f4f0a1b9d82ab7d66c6c5d19ddcfa145509
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a7a6c16a92acad1234d44acb9ddfc26549e0247b6e309e74760332be962c49b8
ad5af5a4035c31df27883dabfc8f80de3895fbd59288befd7bdf1301adf462d5
ae1d46cce49e8aad8246d7e545038e923f4fc1c9f5398eeb50ce1859bdaad09e
b438349f0e13f7e5ca6ac8ed082644052ff9d93dc9f38cfd292a55ca8128ee8b
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
bbbaae3abb6d21556316ac1a8b207847aea58f1f5c2c8b1f1247144310d8003a
c18a309b242a1cd24c3d41e1d5080ce4c65bc741b23aefe13b07ca0c5ff20966
c7e557dcfc266f53ec7e7445db3b2905749ac8e576c3ae48ae1f2cca79fb3ae5
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f73520295a4a58525bddb33b7aeb72b0b285fc2b08db912b8e123dc08a381801