booking-e0q.pages.dev Open in urlscan Pro
172.66.47.116  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response booking-e0q.pages.dev/	813 KB 108 KB	381ms 348ms	Document text/html	172.66.47.116 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://booking-e0q.pages.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.66.47.116 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Nuxt Resource Hash 6647222e8c8665ea6561605ca83b1fc94d61a76afa3e050dcc2d81401b7f53f0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=86400 cf-ray 8754a42faf838c46-FRA content-encoding br content-type text/html;charset=utf-8 date Tue, 16 Apr 2024 13:49:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4nXshlqqVeDwVOWwfeNPBG%2F%2FS83jQa4TOl0ftzCHCymCTTVJuA0DlPYTr0%2FJ6onrw5l7EDaLOKs6sDGYfDKkx3BRq9CpuS6Vc%2Bb8MhLnjHXkHILzskkpHumQSCNzyNOws9N7Qq61uq8%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-powered-by Nuxt
GET H3	200	adroll.js Show response booking-e0q.pages.dev/js/	803 B 884 B	124ms 123ms	Script application/javascript	172.66.47.116 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://booking-e0q.pages.dev/js/adroll.js Requested by Host: booking-e0q.pages.dev URL: https://booking-e0q.pages.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.66.47.116 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4eea5f3a92caa6192c3af809c1140b87bc85033de5ad4b38c4984adf5d61bc9d Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking-e0q.pages.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 13:49:54 GMT content-encoding br referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"bc8414f6a3a15f3c6fb043dcc59fb3a3" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Kj%2BZPxrP%2BhZ%2FAMRaTx6tGdaYppN0PaPG1YpxUxqji%2FQdW0GmeRWZO2usq1Fm97v0%2F3RJi4hCeHbHl9VKyMrqYByHsKu0IckH2publ0CR4tGjbCXSlLbjPuYA9azZjs2ouO1Gpv%2Bzbgw%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control public, max-age=0, must-revalidate cf-ray 8754a431ea4b8c46-FRA alt-svc h3=":443"; ma=86400
GET H3	200	entry.D63agjoH.css booking-e0q.pages.dev/_nuxt/	682 KB 98 KB	107ms 106ms	Stylesheet text/css	172.66.47.116 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://booking-e0q.pages.dev/_nuxt/entry.D63agjoH.css Requested by Host: booking-e0q.pages.dev URL: https://booking-e0q.pages.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.66.47.116 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ccb0387900287ad31cbcd571c8c083efbbd4eb93c27621eb9963f587867c419a Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking-e0q.pages.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 13:49:55 GMT content-encoding br referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"c0c9196797904afb5682f8063bf95af8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9Eqm%2Fh7%2BOKyj0JBucMuttwXuxuKnsBL2Ui05fnMbxNWCdTBnh%2FuHWxpkdjwTpqE3wjjQsbYQu78kqDlRMCrO8onmIu08sHoA7dUGldZim5EefN8rnuCFPHI3pGU0tZ0hjeE8nL5iphE%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000, immutable cf-ray 8754a4325adb8c46-FRA alt-svc h3=":443"; ma=86400
GET H3	200	default.BvyUOXTI.css booking-e0q.pages.dev/_nuxt/	459 B 712 B	73ms 71ms	Stylesheet text/css	172.66.47.116 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://booking-e0q.pages.dev/_nuxt/default.BvyUOXTI.css Requested by Host: booking-e0q.pages.dev URL: https://booking-e0q.pages.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.66.47.116 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7bdde398d48c91b89e24b9a6b16e18280cd99d69333b551714d65cba23096921 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking-e0q.pages.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 13:49:54 GMT content-encoding br referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"dd81991b4cd7c7072b0c277669ac40a1" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wDB8Z8jRUFo%2B982MLX2oS1BuyTiFLMmpmz%2FQ8z6qg6wy%2BLGg4OWiYZCZlmmk9kCeSJhLo24y3mdf2M1oSRYnY3zP945%2F73AQGrrH6MiG7pdB451G4MX8rYygJAoHytu0W8d7GRyQrLQ%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000, immutable cf-ray 8754a4325adf8c46-FRA alt-svc h3=":443"; ma=86400
GET H3	200	VApp.C03tLMqT.css booking-e0q.pages.dev/_nuxt/	308 B 659 B	92ms 91ms	Stylesheet text/css	172.66.47.116 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://booking-e0q.pages.dev/_nuxt/VApp.C03tLMqT.css Requested by Host: booking-e0q.pages.dev URL: https://booking-e0q.pages.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.66.47.116 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 78ea7aebf1454e4881311979581006142473a5da42a423d27c005c2b2a704b15 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking-e0q.pages.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 13:49:55 GMT content-encoding br referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"2e50402d6c92a0c34e50d1239b22f973" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eFtDLorR%2BscAjyZDseLdM4kp32zHRMhyW8caKRr0dbNDAVsl8ZshWZmzSrSZYOdzllvF5zSMKLA4m0kt64NL7qkhLI2%2FYqRYBUtNAR3rjuS9w8i60d7snrwnL3eGHAYbiObCOuFPQqs%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000, immutable cf-ray 8754a4325ae18c46-FRA alt-svc h3=":443"; ma=86400
GET H3	200	D0NVh0uO.js Show response booking-e0q.pages.dev/_nuxt/	2 MB 422 KB	272ms 271ms	Script application/javascript	172.66.47.116 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://booking-e0q.pages.dev/_nuxt/D0NVh0uO.js Requested by Host: booking-e0q.pages.dev URL: https://booking-e0q.pages.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.66.47.116 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 05a2815599b151f570df6cedd3e221b159cd74eb34007fa3ef55170ada9a18df Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer Origin https://booking-e0q.pages.dev Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 13:49:55 GMT content-encoding br referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"c048851b82b7ad8f4a2647b7c346a7a7" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wweK0HpgzcOqow2rdPpp0PTAJQ47vD%2BwZO161MShAvUsTI%2FmB8Nyzap2zgNKNsrhNOOWWsyaCdwE9Venb7i2OG5AjDSXR5FF6FpSzNboKGz27QlOF2ZXbeSIfQmMfRLL2HpioIoqr4w%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000, immutable cf-ray 8754a4325ae28c46-FRA alt-svc h3=":443"; ma=86400
GET H3	200	4Orqj0lr.js Show response booking-e0q.pages.dev/_nuxt/	773 B 956 B	80ms 78ms	Script application/javascript	172.66.47.116 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://booking-e0q.pages.dev/_nuxt/4Orqj0lr.js Requested by Host: booking-e0q.pages.dev URL: https://booking-e0q.pages.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.66.47.116 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e38bb8e3fb3895ccb1bfa8b50e90a95e29547c8a3a42089a8068fdd851ec4f87 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer Origin https://booking-e0q.pages.dev Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 13:49:55 GMT content-encoding br referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"569da472a3b1d72eb923c6edf9d7e55c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9xoJruptBpIO4EKAzpIxfbVyr5eEwhqFTllCozr2O0HETfJzItMnv8qVMaWm0OH15zjM1usEZxTmLkl5SoKTkUoNyCR%2F9H6JmVHL2NdMmLtEFZGjhFAxMQh1laiia6ecDi6hGm9A7RI%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000, immutable cf-ray 8754a4325ae68c46-FRA alt-svc h3=":443"; ma=86400
GET H3	200	BoYLt5MW.js Show response booking-e0q.pages.dev/_nuxt/	4 KB 2 KB	89ms 87ms	Script application/javascript	172.66.47.116 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://booking-e0q.pages.dev/_nuxt/BoYLt5MW.js Requested by Host: booking-e0q.pages.dev URL: https://booking-e0q.pages.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.66.47.116 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 32c93f59dd142d6c62a5d34a652fb409e308a6adfba897271f431a3df8d1df92 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer Origin https://booking-e0q.pages.dev Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 13:49:55 GMT content-encoding br referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"052ad28c5a16454290fccef63c48ccb4" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k%2F2SxO43%2Bv7x0mp7oyz6fxCX%2FAMN5mw9%2FTp%2FwB%2BVEC3pAj8zqKkywY%2BXeArTJ49%2B%2FK79xZLdojglrAVixcwLWJc55pXK42o06nh7fbC%2BcfzHrso9WchFRReP8qwlfIf9CEcTdjQ42YY%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000, immutable cf-ray 8754a4325aeb8c46-FRA alt-svc h3=":443"; ma=86400
GET H3	200	G-iUQece.js Show response booking-e0q.pages.dev/_nuxt/	183 B 636 B	83ms 81ms	Script application/javascript	172.66.47.116 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://booking-e0q.pages.dev/_nuxt/G-iUQece.js Requested by Host: booking-e0q.pages.dev URL: https://booking-e0q.pages.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.66.47.116 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 52c275936e23d6bfafb99d6216e9b5479f2fdb451fafe06a54428bfcb0490eeb Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer Origin https://booking-e0q.pages.dev Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 13:49:55 GMT content-encoding br referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"8790eaa3fc7ea5b5d520c6a48d2f9a66" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fyRy%2BiMxE5q1bSMH21Bs3E99r88Ioz%2BQeaI7S%2FGDe%2FDE1%2BEd%2FnZ1QvURXkz8vd4Sq2txTx0n3a8nNyq7YbV51q%2BQIYY9CJldLILdwBr71yO%2FipdQa5DbbzhdrWgGbluZYGFkt7%2B6hRk%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000, immutable cf-ray 8754a4325af08c46-FRA alt-svc h3=":443"; ma=86400
GET H3	200	5K_YpriK.js booking-e0q.pages.dev/_nuxt/	0 907 B	97ms 96ms	Other application/javascript	172.66.47.116 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://booking-e0q.pages.dev/_nuxt/5K_YpriK.js Requested by Host: booking-e0q.pages.dev URL: https://booking-e0q.pages.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.66.47.116 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking-e0q.pages.dev/ Origin https://booking-e0q.pages.dev Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 13:49:55 GMT content-encoding br referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6d97c0490a92ce9d39c3c888c967fc6e" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4M3gbgbiunllGeHzY5Y4%2FN25GnkR2T2KzwD5lTgWItFN5MU2JvNKWbVQU3Kt0ZMf3nmGocu6a1UR9Da8vkdNzzVbvOHKIqKUTVtuaZNLJhzqmALjuBCQWnbSCIACznRmWKovDp0vRRI%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000, immutable cf-ray 8754a4325af28c46-FRA alt-svc h3=":443"; ma=86400
GET H3	200	GCKKFlwB.js booking-e0q.pages.dev/_nuxt/	0 2 KB	86ms 86ms	Other application/javascript	172.66.47.116 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://booking-e0q.pages.dev/_nuxt/GCKKFlwB.js Requested by Host: booking-e0q.pages.dev URL: https://booking-e0q.pages.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.66.47.116 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking-e0q.pages.dev/ Origin https://booking-e0q.pages.dev Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 13:49:55 GMT content-encoding br referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"e2b7b501f9257106630628e52072b605" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=akmyGSOuAk0plHK0mTKeBoMlBKEOuJbwZz6eAf9Uhqdh%2BRDWFkAv%2FWly9W9uUnGgHDAP3Tr70G2ZpJD26ShTGQ1zF%2BqwgtT0H9rfRv23OmP4NV03omlzM65fqTyvBYW7ZFo76XI04zY%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000, immutable cf-ray 8754a4325af48c46-FRA alt-svc h3=":443"; ma=86400
GET H3	200	BH0JO9AI.js booking-e0q.pages.dev/_nuxt/	0 2 KB	95ms 94ms	Other application/javascript	172.66.47.116 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://booking-e0q.pages.dev/_nuxt/BH0JO9AI.js Requested by Host: booking-e0q.pages.dev URL: https://booking-e0q.pages.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.66.47.116 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking-e0q.pages.dev/ Origin https://booking-e0q.pages.dev Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 13:49:55 GMT content-encoding br referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"136132b991d54b3e9751caa6231354bb" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2KYRlE7atjyzX%2BfDelSODXz8s0BgW%2By3kLHBbFn8VG%2Bu4Csd8YgQ5K8is3cNa59TVBR50g8QJy7ShiTWoLtHt4VgdcBFGIvALcApYFkW1CG92oesk3M3aWKiuZQcOO%2Bzf7%2Fvyv%2B3RIA%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000, immutable cf-ray 8754a4325af68c46-FRA alt-svc h3=":443"; ma=86400
GET H3	200	DAS6yEcU.js booking-e0q.pages.dev/_nuxt/	0 2 KB	89ms 89ms	Other application/javascript	172.66.47.116 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://booking-e0q.pages.dev/_nuxt/DAS6yEcU.js Requested by Host: booking-e0q.pages.dev URL: https://booking-e0q.pages.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.66.47.116 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking-e0q.pages.dev/ Origin https://booking-e0q.pages.dev Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 13:49:55 GMT content-encoding br referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"e7674fa86e29fe0aae0f029ea0e79cd2" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xZSaJFGFnI5w4CbgvTD3AHZHYExkSyMlm8vH2R84qOsBbqOZPFbroUYMO1Pfr7LCk0dk%2BD1aoENMAwUp8bxrlmX0%2BocNXNUSQzhIOc9RqdPehqEJSAM3Srk6nwtftZEIWo57WWZA%2F18%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000, immutable cf-ray 8754a4325af88c46-FRA alt-svc h3=":443"; ma=86400
GET H/1.1	200 OK	roundtrip.js Show response s.adroll.com/j/Z4YBWL5SGRHY7HYDEQHG5T/	94 KB 28 KB	736ms 683ms	Script text/javascript	2600:9000:2644:2800:6:9280:1080:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.adroll.com/j/Z4YBWL5SGRHY7HYDEQHG5T/roundtrip.js Requested by Host: booking-e0q.pages.dev URL: https://booking-e0q.pages.dev/js/adroll.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2644:2800:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 5c05ba699db1cfe1eaf8745532b9b69c63d184ff3f624f4eaa04f123283c12f9 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking-e0q.pages.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Tue, 16 Apr 2024 13:49:56 GMT X-Amz-Version-Id Q2sAVkeDmY5FodjDji.t1ez_A8foNnfu Content-Encoding gzip Via 1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront) X-Amz-Cf-Pop FRA60-P6 X-Amz-Server-Side-Encryption AES256 Transfer-Encoding chunked X-Cache Miss from cloudfront Connection keep-alive Last-Modified Tue, 16 Apr 2024 12:37:27 GMT Server AmazonS3 Etag W/"cda6812ba3ea1709929d6eba7371c62d" Vary Accept-Encoding Access-Control-Allow-Methods GET Content-Type text/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control max-age=3600, must-revalidate Access-Control-Allow-Credentials false Access-Control-Max-Age 600 Access-Control-Allow-Headers * X-Amz-Cf-Id C13q2Pc4OSNjlJZEhriJoLJ68i9bFkb7QtA-wRP8LxsRvt-CLQcxAw==
GET H2	200	hotjar-1234567.js Show response static.hotjar.com/c/	9 KB 4 KB	75ms 7ms	Script application/javascript	18.66.102.51 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.hotjar.com/c/hotjar-1234567.js?sv=6 Requested by Host: booking-e0q.pages.dev URL: https://booking-e0q.pages.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.102.51 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-102-51.fra56.r.cloudfront.net Software / Resource Hash d4d861909c9b5d65f8b3b6336a9397b938e161f200560beaf2b8640441883471 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking-e0q.pages.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 13:49:54 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=2592000; includeSubDomains via 1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P2 age 1 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin etag W/8f8799ae9efc968e1700f5872387e0b5 vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=60 x-cache-hit 1 x-amz-cf-id D7WwXgdBcMnzrRORp6Q5wSGjkPXDdX3S6W7wG3XMXWgVBPs_JDYvqA==
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	218 KB 59 KB	33ms 8ms	Script application/x-javascript	2a03:2880:f084:105:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: booking-e0q.pages.dev URL: https://booking-e0q.pages.dev/_nuxt/D0NVh0uO.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash bda2cf571d7ea45f68afcdc87f968090dbf4bbdec2c7d6d19ce591b3980c296f Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking-e0q.pages.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Tue, 16 Apr 2024 13:49:55 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 57850 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1294, tbw=2780, tp=-1, tpl=-1, uplat=0, ullat=-1 pragma public x-fb-debug Hacoz+0KTiW2qI8cQ1ySIA4+LrCCzqAVkfvKRoPTAIjljCdgl2b0UjBaMu3MjO2/l4VSPPU6pf9nzQC936m26A== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H3	200	1b4fceba-2ea1-4942-8d5a-322949e55807.json Show response booking-e0q.pages.dev/_nuxt/builds/meta/	139 B 644 B	67ms 67ms	Fetch application/json	172.66.47.116 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://booking-e0q.pages.dev/_nuxt/builds/meta/1b4fceba-2ea1-4942-8d5a-322949e55807.json Requested by Host: booking-e0q.pages.dev URL: https://booking-e0q.pages.dev/_nuxt/D0NVh0uO.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.66.47.116 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 31b6c97d385719ba7fcdcae0e03ce034e36bf401da5dbd83e7603615b878c06c Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking-e0q.pages.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 13:49:55 GMT content-encoding br referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"d2de826d29b5d6607ca327e4d4eabf62" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XNNfAE8aPNHKQ8nAci34dazY463xmiu8vkNFUt198%2F3eJiX5U9pIIz8eRTTiZ%2FHRv1mMrZzgVgmUgKxLxwscr26arT7tgX8IG5O7Mb4Y2tvZMH2hvXmE%2BCEx1NujkmBQtb%2BftFUU6o8%3D"}],"group":"cf-nel","max_age":604800} content-type application/json access-control-allow-origin * cache-control public, max-age=31536000, immutable, public, max-age=1, immutable, public, max-age=31536000, immutable cf-ray 8754a4357e2c8c46-FRA alt-svc h3=":443"; ma=86400
GET H2	200	287323385553813 Show response connect.facebook.net/signals/config/	66 KB 14 KB	76ms 75ms	Script application/x-javascript	2a03:2880:f084:105:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/287323385553813?v=2.9.153&r=stable&domain=booking-e0q.pages.dev&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 2279d0b7e856471c47d6acf6368cdad3dc45b80e464aaaceb087042b3848e42c Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking-e0q.pages.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Tue, 16 Apr 2024 13:49:55 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=11, rtx=0, c=64, mss=1294, tbw=63152, tp=-1, tpl=-1, uplat=68, ullat=0 pragma public x-fb-debug W2k4WnK5gsHzKC5/hFqxJfyMXOE3Ep02cm0AsTQOgnEpblfL8Mt8uwPTYrNnBpPmccwa6NeKBJ507xfiH1p2fg== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	modules.1bb7849d5667ca754312.js Show response script.hotjar.com/	221 KB 55 KB	44ms 7ms	Script application/javascript	13.32.27.54 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/modules.1bb7849d5667ca754312.js Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-1234567.js?sv=6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.54 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-54.fra56.r.cloudfront.net Software / Resource Hash 279fd8daab9081d3f17312be6e5d7bf1634d7ba6edf5a349011c5c922a709453 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking-e0q.pages.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 13:12:06 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=2592000; includeSubDomains via 1.1 08b9c2fd11813ffdb8fa03129d0a465c.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-C2 age 88669 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 55715 last-modified Mon, 15 Apr 2024 13:11:16 GMT etag "12955196ab44183bc0c0e99d5fbabaf4" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes x-robots-tag none x-amz-cf-id SyqJXPsQGadcPFyqRAm-Y-Cv7pqlEsDjy1R3el1NQq-VSUtP79CWNg==
GET H2	204	1234567 Show response vc.hotjar.io/sessions/	0 230 B	92ms 35ms	XHR text/plain	18.66.112.79 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://vc.hotjar.io/sessions/1234567?s=0.25&r=0.029473017860613737 Requested by Host: script.hotjar.com URL: https://script.hotjar.com/modules.1bb7849d5667ca754312.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.79 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-79.fra56.r.cloudfront.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking-e0q.pages.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers access-control-allow-origin * date Tue, 16 Apr 2024 13:49:55 GMT cache-control no-store via 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P5 x-amz-cf-id eM7tZ3PMz6W5O5Y082nxpD7dcC-95PH7BhAqbQxadPi5SnGNmjld4g== x-cache Miss from cloudfront
GET H2	200	/ www.facebook.com/tr/	0 273 B	30ms 7ms	Image text/plain	2a03:2880:f177:185:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=287323385553813&ev=PageView&dl=https%3A%2F%2Fbooking-e0q.pages.dev%2F&rl=&if=false&ts=1713275395637&sw=1600&sh=1200&v=2.9.153&r=stable&ec=0&o=4126&fbp=fb.2.1713275395634.983985736&cs_est=true&ler=empty&cdl=API_unavailable&it=1713275395480&coo=false&rqm=GET Requested by Host: booking-e0q.pages.dev URL: https://booking-e0q.pages.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking-e0q.pages.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-fb-connection-quality EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1294, tbw=2773, tp=-1, tpl=-1, uplat=0, ullat=0 strict-transport-security max-age=31536000; includeSubDomains date Tue, 16 Apr 2024 13:49:55 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H3	200	favicon.ico booking-e0q.pages.dev/	15 KB 5 KB	77ms 76ms	Other image/vnd.microsoft.icon	172.66.47.116 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://booking-e0q.pages.dev/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 172.66.47.116 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 205175885f9883f8372e3b104a31a929407245e3f5d0526187e2557b9862c2b4 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking-e0q.pages.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 13:49:56 GMT content-encoding br referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"f7685ec2a398385079d7b21292619017" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g8ck23HDl7sLw3ydPWgBC24c6nENLAxKkagaaLWZJSAbrP3dt0KcaWBu%2F4C1MLutuo%2FG6Y3Rby6kwaolMiNW75xIPP44FLaTCf3FtHokKvtETYEfrGP%2FPMqTfipMwqAgxUlOILCKnbE%3D"}],"group":"cf-nel","max_age":604800} content-type image/vnd.microsoft.icon access-control-allow-origin * cache-control public, max-age=0, must-revalidate cf-ray 8754a4391a0e8c46-FRA alt-svc h3=":443"; ma=86400
GET H2	200	Z4YBWL5SGRHY7HYDEQHG5T Show response d.adroll.com/consent/check/	492 B 585 B	136ms 30ms	Script application/javascript	2a05:d018:cc3:fe05:b07a:af92:e1b2:ca02 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d.adroll.com/consent/check/Z4YBWL5SGRHY7HYDEQHG5T?pv=28315034263.485962&arrfrr=https%3A%2F%2Fbooking-e0q.pages.dev%2F&_s=151a91481139461327e98746a103ec53&_b=2 Requested by Host: s.adroll.com URL: https://s.adroll.com/j/Z4YBWL5SGRHY7HYDEQHG5T/roundtrip.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a05:d018:cc3:fe05:b07a:af92:e1b2:ca02 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.22.1 / Resource Hash a3ae75e36e5c7bb1fbbb70477e99379a7afe2c2a95a0d343bd2ce304fd529491 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking-e0q.pages.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 13:49:56 GMT server nginx/1.22.1 content-length 492 content-type application/javascript

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 string| adroll_adv_id string| adroll_pix_id string| adroll_version boolean| __adroll_loaded object| adroll object| __NUXT__ object| __VUE_INSTANCE_SETTERS__ object| __VUE_SSR_SETTERS__ function| __buildAssetsURL function| __publicAssetsURL function| $fetch object| __unctx__ object| __unctx_async_handlers__ boolean| __VUE__ function| useNuxtApp function| __unhead_injection_handler__ function| hj object| _hjSettings function| fbq function| _fbq object| hjSiteSettings function| hjBootstrap object| hjLazyModules object| hjBootstrapCalled function| __adroll__ string| adroll_sid object| dataLayer object| __adroll boolean| adroll_sendrolling_cross_device object| adroll_form_fields object| adroll_third_party_forms object| adroll_third_party_detected object| adroll_snippet_errors function| adroll_tpc_callback object| __adroll_consent_data object| adroll_exp_list boolean| __adroll_consent boolean| __adroll_consent_is_gdpr string| __adroll_consent_user_country string| __adroll_consent_adv_country

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.booking-e0q.pages.dev/	1970-01-21 04:40:11	Name: _hjSessionUser_1234567 Value: eyJpZCI6ImI5YzZlYWRlLTEyNWQtNWYwMC04ZmYyLTZhNGY5YmVkOGViYiIsImNyZWF0ZWQiOjE3MTMyNzUzOTU2MDMsImV4aXN0aW5nIjpmYWxzZX0=
			.booking-e0q.pages.dev/	1970-01-20 19:54:37	Name: _hjSession_1234567 Value: eyJpZCI6ImJiY2M5NzdmLWVmM2ItNGZkYy05YjEyLWU1OWViNjIxOTA5ZCIsImMiOjE3MTMyNzUzOTU2MDQsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0=
			.booking-e0q.pages.dev/	1970-01-20 22:04:11	Name: _fbp Value: fb.2.1713275395634.983985736

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://connect.facebook.net/signals/config/287323385553813?v=2.9.153&r=stable&domain=booking-e0q.pages.dev&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 107) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

booking-e0q.pages.dev
connect.facebook.net
d.adroll.com
s.adroll.com
script.hotjar.com
static.hotjar.com
vc.hotjar.io
www.facebook.com
13.32.27.54
172.66.47.116
18.66.102.51
18.66.112.79
2600:9000:2644:2800:6:9280:1080:93a1
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a05:d018:cc3:fe05:b07a:af92:e1b2:ca02
05a2815599b151f570df6cedd3e221b159cd74eb34007fa3ef55170ada9a18df
205175885f9883f8372e3b104a31a929407245e3f5d0526187e2557b9862c2b4
2279d0b7e856471c47d6acf6368cdad3dc45b80e464aaaceb087042b3848e42c
279fd8daab9081d3f17312be6e5d7bf1634d7ba6edf5a349011c5c922a709453
31b6c97d385719ba7fcdcae0e03ce034e36bf401da5dbd83e7603615b878c06c
32c93f59dd142d6c62a5d34a652fb409e308a6adfba897271f431a3df8d1df92
4eea5f3a92caa6192c3af809c1140b87bc85033de5ad4b38c4984adf5d61bc9d
52c275936e23d6bfafb99d6216e9b5479f2fdb451fafe06a54428bfcb0490eeb
5c05ba699db1cfe1eaf8745532b9b69c63d184ff3f624f4eaa04f123283c12f9
6647222e8c8665ea6561605ca83b1fc94d61a76afa3e050dcc2d81401b7f53f0
78ea7aebf1454e4881311979581006142473a5da42a423d27c005c2b2a704b15
7bdde398d48c91b89e24b9a6b16e18280cd99d69333b551714d65cba23096921
a3ae75e36e5c7bb1fbbb70477e99379a7afe2c2a95a0d343bd2ce304fd529491
bda2cf571d7ea45f68afcdc87f968090dbf4bbdec2c7d6d19ce591b3980c296f
ccb0387900287ad31cbcd571c8c083efbbd4eb93c27621eb9963f587867c419a
d4d861909c9b5d65f8b3b6336a9397b938e161f200560beaf2b8640441883471
e38bb8e3fb3895ccb1bfa8b50e90a95e29547c8a3a42089a8068fdd851ec4f87
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855