urlscan.io logo urlscan.io
SecurityTrails logo

www.onlinefreetripbooking.com Open in urlscan Pro
2606:4700:3034::6815:1867  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://onlinefreetripbooking.com/
Effective URL: https://www.onlinefreetripbooking.com/
Submission: On August 09 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 2 countries across 7 domains to perform 26 HTTP transactions. The main IP is 2606:4700:3034::6815:1867, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.onlinefreetripbooking.com.
TLS certificate: Issued by WE1 on August 7th 2024. Valid for: 3 months.
This is the only time www.onlinefreetripbooking.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

12    172.67.218.47 (United States)

ASN13335 (CLOUDFLARENET, US)
onlinefreetripbooking.com
trading.onlinefreetripbooking.com
www.onlinefreetripbooking.com
2    2606:4700:3034::6815:1867 (United States)

ASN13335 (CLOUDFLARENET, US)
www.onlinefreetripbooking.com
1    2a00:1450:4001:81d::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
securepubads.g.doubleclick.net
2    142.250.74.194 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
pagead2.googlesyndication.com
1    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
c361b08c9fd6143d388d595ff4ac9c50.safeframe.googlesyndication.com
2    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Domain Requested by
9 trading.onlinefreetripbooking.com www.onlinefreetripbooking.com
4 www.onlinefreetripbooking.com www.onlinefreetripbooking.com
trading.onlinefreetripbooking.com
3 fonts.googleapis.com www.onlinefreetripbooking.com
trading.onlinefreetripbooking.com
2 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
2 pagead2.googlesyndication.com securepubads.g.doubleclick.net
1 c361b08c9fd6143d388d595ff4ac9c50.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 securepubads.g.doubleclick.net www.googletagservices.com
1 fonts.gstatic.com fonts.googleapis.com
1 www.googletagmanager.com www.onlinefreetripbooking.com
1 www.googletagservices.com www.onlinefreetripbooking.com
1 onlinefreetripbooking.com 1 redirects
26 11

This site contains links to these domains. Also see Links.

Domain
ico.org.uk
Subject Issuer Validity Valid
onlinefreetripbooking.com
WE1		 2024-08-07 -
2024-11-05		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
upload.video.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.google-analytics.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.gstatic.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
tpc.googlesyndication.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://www.onlinefreetripbooking.com/
Frame ID: 0E93B36C574764FDE6DA1D0CAA5161A5
Requests: 24 HTTP requests in this frame

Frame: https://c361b08c9fd6143d388d595ff4ac9c50.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 77D02A7D5496C4E2614A6E0F29B28B3B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0E29C42302BD48C49D159689FD3B6D16
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

OnlineFreeTripBooking - HOME

Page URL History Show full URLs

  1. https://onlinefreetripbooking.com/ HTTP 301
    https://www.onlinefreetripbooking.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

26
Requests

96 %
HTTPS

70 %
IPv6

7
Domains

11
Subdomains

11
IPs

2
Countries

491 kB
Transfer

1499 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://onlinefreetripbooking.com/ HTTP 301
    https://www.onlinefreetripbooking.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.onlinefreetripbooking.com/
Redirect Chain
  • https://onlinefreetripbooking.com/
  • https://www.onlinefreetripbooking.com/
10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.onlinefreetripbooking.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:1867 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
965abfa7f0ba851e0f5fabff3b81114f66cab1bb42633a2d4cd48741894b991f
Security Headers
Name Value
Strict-Transport-Security max-age=16070400

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8b0618203d1b92c6-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 09 Aug 2024 07:39:47 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ovA0L%2Bg3r9fT8tUDVG9tFvxHf49HEwFEC%2FjZEVkex44irWb2FJFiRR%2FEphQUoBJ2lIgV9cfe2xsuU6zck9IIILH9FEagMVV71Zle73KqlmgwFU96T7hZ5SR7Lmc215fZ47p3XWWKVIDMS5%2BkaujawHKdPD3HYPWv19n6Pg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=16070400
vary
Accept-Encoding,User-Agent

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8b06181b8f62bb9b-FRA
content-type
text/html; charset=iso-8859-1
date
Fri, 09 Aug 2024 07:39:46 GMT
location
https://www.onlinefreetripbooking.com
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kKpPyPi3l%2Bh1xDdNhLsAb9ZF%2BQGW38005EzZox3zyhWlpw38w%2Bdf0kTkx%2BkYIbp3G8UlaP%2BkXrvRypPu4GCyIDBJhqJ38yf5O2aI%2B4SltxcGdekz21tMHjLcbKyGTULRWNvsF3WD5cB4nHjj"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
bootstrap.min.css
trading.onlinefreetripbooking.com/contsg/css/bootstrap5/ 		152 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://trading.onlinefreetripbooking.com/contsg/css/bootstrap5/bootstrap.min.css
Requested by
Host: www.onlinefreetripbooking.com
URL: https://www.onlinefreetripbooking.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.218.47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b

Request headers

Referer
https://www.onlinefreetripbooking.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 07:39:47 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 01 Aug 2023 09:21:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nnNYUFrnnyJvNQYFQKVF5h3vqifkUlnQ9JgDE8YgVPUbO74X0RI2LPIvBv4Ep3QzirEbGb1GOoUQBKDHFQ8BFEYJzMJc%2FW2NoYU2ONQRJlItTISHOwvggx%2FCG3J3U6x66ic%2BrWI3kmCob8PLHfoydYtfn1o%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8b06182338b7bb9b-FRA
alt-svc
h3=":443"; ma=86400
content-length
34616
style.css
trading.onlinefreetripbooking.com/oftb-cdn/css/ 		7 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://trading.onlinefreetripbooking.com/oftb-cdn/css/style.css
Requested by
Host: www.onlinefreetripbooking.com
URL: https://www.onlinefreetripbooking.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.218.47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea9fbd266bafc4392b3eabcedbc6539ac4ee781d0abd51b24ada49d98946ecbe

Request headers

Referer
https://www.onlinefreetripbooking.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 07:39:47 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 07 Feb 2024 11:35:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7jMA8ZbuRDD80FDg0KHC4QZXaxAKC7rFJClfrxJUjpAeiCwVP3dhaMEexmL1offw3RgCh1ahFs44vzRfDJLZaocS0CiSyFKnGaM84FujcQ3xrc%2BcYR7%2FRonV%2Fk7Xh9kinbiEuPtBbUGWrmo6jaZLvDuj1Pw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8b06182338aabb9b-FRA
alt-svc
h3=":443"; ma=86400
content-length
2297
gpt.js
www.googletagservices.com/tag/js/ 		101 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.onlinefreetripbooking.com
URL: https://www.onlinefreetripbooking.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49a0d372cbc88ce5a1d42bde1d10531ce6bf10a93285b9c1a5d4201183239efd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.onlinefreetripbooking.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 07:39:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32208
x-xss-protection
0
server
cafe
etag
363 / 19944 / 31086024 / config-hash: 13767239253603919592
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 09 Aug 2024 07:39:47 GMT
escript.js
trading.onlinefreetripbooking.com/contsg/js/ 		766 B
859 B 		Script
General
Check archive.org
Download Go to
Full URL
https://trading.onlinefreetripbooking.com/contsg/js/escript.js
Requested by
Host: www.onlinefreetripbooking.com
URL: https://www.onlinefreetripbooking.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.218.47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8201a177eb79193b6694a830b7e76d13b4ff88e3752e86498e5ddce2d74fed9e

Request headers

Referer
https://www.onlinefreetripbooking.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 07:39:47 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 08 Jul 2019 13:53:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=28EJuuDTMCdTOi%2B9rzo5rdfYR%2BE5%2FNd32LmNn8fXIqVUI3IJr889FBvowwQwB43kI9MJJcZAzfaLxSHDy0b9G9Ae1bIYaISm%2BJLk3HEkoQmRD%2BMsKbQOnLE2Nq8riAuLMB%2FAor2qskB4cHemBfrCfS9Q%2F1w%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
8b06182338adbb9b-FRA
alt-svc
h3=":443"; ma=86400
css
fonts.googleapis.com/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: www.onlinefreetripbooking.com
URL: https://www.onlinefreetripbooking.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c3061c3788ad5783ef8a5d10c454bafe7eb942c48200dccc852cc6d3c9f303d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.onlinefreetripbooking.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 09 Aug 2024 07:39:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 09 Aug 2024 05:46:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 09 Aug 2024 07:39:47 GMT
common.utils.js
trading.onlinefreetripbooking.com/contsg/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trading.onlinefreetripbooking.com/contsg/js/common.utils.js?cb=1
Requested by
Host: www.onlinefreetripbooking.com
URL: https://www.onlinefreetripbooking.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.218.47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
432220796744ef64bb6172b3c5d19e3c66b7f01980fbd478f7874bb18676d438

Request headers

Referer
https://www.onlinefreetripbooking.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 07:39:47 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 26 Mar 2024 08:52:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BhmrXpp%2Bkw1NWlmZYieRmJRU1jlVJRwwQK8%2F0DWf9pPxUo5TXbvbCkvSzoGPOmSOvw4uHXvcga%2FWZtVfzP%2BY%2F8YcT0TJmWFowuozz5wtbuikl9jblWCxcYa6WZvOCYc98f2hsQ%2B%2FFiMh90J4QLFnatWP9Hs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
8b06182338b1bb9b-FRA
alt-svc
h3=":443"; ma=86400
js
www.googletagmanager.com/gtag/ 		360 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JLWDB94TB7
Requested by
Host: www.onlinefreetripbooking.com
URL: https://www.onlinefreetripbooking.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3155962b536676875c0c0a1e8cbf99cb89aec21a191feb836bef75827aeb1d5b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.onlinefreetripbooking.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 07:39:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
118879
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 09 Aug 2024 07:39:47 GMT
css2
fonts.googleapis.com/ 		4 KB
550 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600;700&display=swap
Requested by
Host: www.onlinefreetripbooking.com
URL: https://www.onlinefreetripbooking.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
64a530dad84560bcb259fc7a6872ad18cd9d2ccd66481ac68d0c1f8fad121344
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.onlinefreetripbooking.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 09 Aug 2024 07:39:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 09 Aug 2024 06:04:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 09 Aug 2024 07:39:47 GMT
google-gpt-fallback.js
trading.onlinefreetripbooking.com/contsg/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trading.onlinefreetripbooking.com/contsg/js/google-gpt-fallback.js
Requested by
Host: www.onlinefreetripbooking.com
URL: https://www.onlinefreetripbooking.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.218.47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ce403093cb66087f536a7ee8f8017a1b65b98b00023957200655e1f33d457bc

Request headers

Referer
https://www.onlinefreetripbooking.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 07:39:47 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 11 Mar 2024 09:36:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1dRehrez18tj3Kp%2B5%2BFgTUdSVr4WgKkWJJJZdSoTYNCmLdIdDGYHe51DjPPpSwFo3g8nHlpX%2BoZn6OHBDOjaBLAfaSV8BYi%2B%2FWPhfdepJwP7lFWr10PvMnDrgAm618ogtMq1EPMvna2G5OHuS5Xxv%2BTs9uY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
8b06182338afbb9b-FRA
alt-svc
h3=":443"; ma=86400
logo.png
trading.onlinefreetripbooking.com/oftb-cdn/img/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trading.onlinefreetripbooking.com/oftb-cdn/img/logo.png
Requested by
Host: www.onlinefreetripbooking.com
URL: https://www.onlinefreetripbooking.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.218.47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de4797b882fb8be3023f4c41e9385b3e6354dd9220e5c24642de71cdd7d777d1

Request headers

Referer
https://www.onlinefreetripbooking.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 07:39:47 GMT
cf-cache-status
MISS
last-modified
Wed, 07 Feb 2024 11:35:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nMANT7g0dM0iv7FUl3n8DGqX7%2B8G%2F2M1H83yDL4RnStn%2BbGtcSJzkLHvFiy%2FSQZVuIwCKVZv7JYZFLFlomqMgsfJs9fNKw4Fuzv3ZluMJEx09eJ%2F2wRAiLvuMfA4DFHFg0zSRYcOnqiJXdikmksN3wYLWdQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8b06182338b5bb9b-FRA
alt-svc
h3=":443"; ma=86400
content-length
2397
jquery-3.7.0.min.js
trading.onlinefreetripbooking.com/contsg/js/jquery-37/ 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trading.onlinefreetripbooking.com/contsg/js/jquery-37/jquery-3.7.0.min.js
Requested by
Host: www.onlinefreetripbooking.com
URL: https://www.onlinefreetripbooking.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.218.47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8

Request headers

Referer
https://www.onlinefreetripbooking.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 07:39:48 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 01 Aug 2023 09:21:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZDR7%2BDWClGk0XM%2BnlCgcW%2B3FajjXYcbZVX%2FK1ZmDx31fwTgU2iG6%2F%2FK8PBiDivcEsHQteS3Da8ukHTA3s3z5zJBkHducAvGmac2YAhlHQL7u2RKoVv%2ButiZOr0OgqlvQW3lp%2BCAQLzT6DVLkdmnMDkpjEjQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
8b061825abeebb9b-FRA
alt-svc
h3=":443"; ma=86400
tyresolver.js
trading.onlinefreetripbooking.com/contsg/js/ 		291 B
629 B 		Script
General
Check archive.org
Download Go to
Full URL
https://trading.onlinefreetripbooking.com/contsg/js/tyresolver.js?v=1.1
Requested by
Host: www.onlinefreetripbooking.com
URL: https://www.onlinefreetripbooking.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.218.47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61f7d02ddbecc04c8c3bd801d0651334f434d4819255889cdd9527f185903771

Request headers

Referer
https://www.onlinefreetripbooking.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 07:39:47 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 25 Apr 2023 13:24:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nXYMBrPIOux1ZTWNS%2FFNJAwcT%2BqfddMHjZ8XtusQVGyEg79aQQkIXkQbOWWj2j%2Br3cZTj1cRBt%2Bh3YAUaHB41QRm5ayCoQR%2BLSZYvuS5kLWnx9VXSgtzFuZn37IzJrJy2ysBClUQmSvGKpKurBhbFH7PjgM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
8b061825bbfdbb9b-FRA
alt-svc
h3=":443"; ma=86400
yii.js
www.onlinefreetripbooking.com/assets/34c428af/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.onlinefreetripbooking.com/assets/34c428af/yii.js
Requested by
Host: www.onlinefreetripbooking.com
URL: https://www.onlinefreetripbooking.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:1867 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67bed69f23af460ec3341aefcdf793955c250fbf879589de4b93d17b8ec4ae54

Request headers

Referer
https://www.onlinefreetripbooking.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 07:39:47 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 13 Jan 2022 13:16:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vbphbcUWaZfbn1j0UyPaavOx1jXgtZYueX78H%2FpHcNJb2N%2FVBZLXNwkVqp%2F7epcncqZ%2BBPh8E0WfYqeLAUUZzICc6ylP04iVdXnWhJXRam%2BUFtowopvTxyeGrOqCHgtFyGLXlL807%2BSp2GRdQTfxtiCoUaz77M%2BGgtbtNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
8b061826695492c6-FRA
alt-svc
h3=":443"; ma=86400
bootstrap.min.js
trading.onlinefreetripbooking.com/contsg/js/bootstrap5/ 		59 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trading.onlinefreetripbooking.com/contsg/js/bootstrap5/bootstrap.min.js
Requested by
Host: www.onlinefreetripbooking.com
URL: https://www.onlinefreetripbooking.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.218.47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c36e28c9a7bd864b673e223db7e1934923227536ffbdf871f58b6f09b9ac8c9

Request headers

Referer
https://www.onlinefreetripbooking.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 07:39:48 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 01 Aug 2023 09:21:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EjJJte93ym5nMAWPu0d3N2WB%2B5FyTh6s9lA8MSayTKrCm8gl7jHQxAh%2BfXaM01q6fJq%2FYAejs8Lex1NIOdaDy%2Fj43nOYkyUYjRLP3oCUXcXO3hXQNo0dGm7fyIhwAgAmS4Z0l2shGIm2iOaqkUnFIoWEDQQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
8b0618266cbfbb9b-FRA
alt-svc
h3=":443"; ma=86400
css2
fonts.googleapis.com/ 		21 KB
1004 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap
Requested by
Host: trading.onlinefreetripbooking.com
URL: https://trading.onlinefreetripbooking.com/oftb-cdn/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fb121c45f498cba0f88de6e2235d95cf3307bb9ed5376f6a793b8253a520592f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://trading.onlinefreetripbooking.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 09 Aug 2024 07:39:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 09 Aug 2024 05:48:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 09 Aug 2024 07:39:47 GMT
UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
fonts.gstatic.com/s/inter/v18/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.onlinefreetripbooking.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 01:23:45 GMT
x-content-type-options
nosniff
age
108962
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48444
x-xss-protection
0
last-modified
Mon, 29 Jul 2024 22:51:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Aug 2025 01:23:45 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/ 		474 KB
148 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js?cb=31086024
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
4914b807405c17918f0690e7ab75bfb6eba6053859cc7eb477f0482c255b8075
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.onlinefreetripbooking.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 10:00:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
77939
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
151130
x-xss-protection
0
server
cafe
etag
11205447520193479331
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 08 Aug 2025 10:00:48 GMT
ads
pagead2.googlesyndication.com/gampad/ 		653 B
366 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?pvsid=3563057596196451&correlator=3751810042568806&eid=31079956%2C31085739%2C31086024%2C31084180%2C31084271%2C31079525%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202408080101&ptt=17&impl=fifs&ltd_cs=1&iu_parts=187334984%2Cca-pub-5610625064534769-tag%2COB-Sticky&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=160x600&ifi=1&sfv=1-0-40&sc=1&abxe=1&dt=1723189188160&lmt=1723189188&adxs=1440&adys=600&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.onlinefreetripbooking.com%2F&vis=1&psz=160x-1&msz=160x-1&fws=512&ohw=0&topics=5&tps=5&htps=5&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1723189187044&idt=765&adks=3996703596&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js?cb=31086024
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
79e546cbcddbd8c5223b1acfa751738be17452195092aead23ac7ee5d0fda890
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.onlinefreetripbooking.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 07:39:48 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
337
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.onlinefreetripbooking.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
c361b08c9fd6143d388d595ff4ac9c50.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 77D0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://c361b08c9fd6143d388d595ff4ac9c50.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js?cb=31086024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.onlinefreetripbooking.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 09 Aug 2024 07:39:48 GMT
expires
Fri, 09 Aug 2024 07:39:48 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202408080101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js?cb=31086024
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
e2a571a0bd89b706a0c21fedfb57aabca891691b44c41c9b5719864e1f6cc35e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.onlinefreetripbooking.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 07:39:48 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12854
x-xss-protection
0
favicon.ico
www.onlinefreetripbooking.com/ 		100 KB
12 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.onlinefreetripbooking.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.218.47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9966718bffe8ee39b8d90b364e257c825b32078d00e81650d2bba775125ed7b6

Request headers

Referer
https://www.onlinefreetripbooking.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 07:39:48 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 07 Feb 2024 11:35:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e78d7gK43%2FKoKgPuA33m0dSUn3eIgStB7QJb4zz7qjy%2FJi1uhv2q2NgdvKvqMbSHaap1s525EduJyGCQlu8QMKHL3VkCPBByZVZQ9qMCSexFovB8itsApnvg%2F%2BJbiZI8vOyofr1RvBjsLSb2YmfHFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/vnd.microsoft.icon
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
8b06182b1d418ed4-FRA
alt-svc
h3=":443"; ma=86400
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js?cb=31086024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.onlinefreetripbooking.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 07:39:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 09 Aug 2024 07:39:48 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0E29 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.onlinefreetripbooking.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
186003
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 07 Aug 2024 03:59:45 GMT
expires
Thu, 07 Aug 2025 03:59:45 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
slot-placement-config
www.onlinefreetripbooking.com/ 		10 KB
10 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.onlinefreetripbooking.com/slot-placement-config
Requested by
Host: trading.onlinefreetripbooking.com
URL: https://trading.onlinefreetripbooking.com/contsg/js/google-gpt-fallback.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.218.47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0900efc3095a08b6c96fbca743c6989cf3e304b98e1f9ea6533e6c3ddbd3ffe5
Security Headers
Name Value
Strict-Transport-Security max-age=16070400

Request headers

Referer
https://www.onlinefreetripbooking.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Fri, 09 Aug 2024 07:39:48 GMT
strict-transport-security
max-age=16070400
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WJc8oWQrlHM3vrCfhJCHsfqhkzPfo7h7l9KoBPAbeHOaZqI3wmCK7KkHuewPHuQBZxKAQpXHlYuNq5T2OXzDppycmMyq5jLfGujrTLBFNu7l2fATfqKlYYbVcIlP9MkOHemH1eLRri821ry8qC3iZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
x-cnection
close
cf-ray
8b06182bee1e8ed4-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202408080101&jk=3563057596196451&bg=!9_Sl9LvNAAZjy5caQ8s7ADQBe5WfOMdXexwhRH9F_JbEV_cIpT5VNWEaajLbzIj_o-iBexHr-hGCi2NLNtX1f59_-b79AgAAAEZSAAAAA2gBB34ANh7vj3wJbOWoO4Adu9tB2BDBIn4mJGYtIiQ1mImY_j5TnLhzSTYYKsqOQa9X8X1DYttLzpGxqpkCwS-O220djofyn4VlEldbp15voHk_KjSueSPbjIulVGhLNk5f3wkOagEIwXOiu2Z1Rx9l_jXYmybRGCTgbR-ufjKlSrMFtA4enotdBZRpWz79Rv85KP_4DJM3YCafkzMm8ohqgWLiVFBwhfwV8TtKFoluniEou1hv7fV8rKuIGgP61KNGgLdb2A4LDKE9azi-o5-pS6-ttE3iy-UVN4Pz7YZQhM84mnqRheG5ZocTV5vrGg-EqXXZZ8j6kSC0BqZD9xEhMpL4qha6JDVfgJgvT_NNKvayUxd_utkTfxvdPYESOVd3LFRjKRm47Cfk1e9vwk-vsePrgWgnB4VFqKdkApPVqE2jZy_MOsasItLtQyl3fKtNLLyNytK7pFe_TO9YQrQVCRgvsRp6a-jbjihOi34KiyUpyYxDN5_SmZxEtAFD1nAVG2sBmS4LgYPcM-DhmXXfBLH5eLKsikr677a2UHSeiropetIhPq0t7Dh9YdzH4xMQkOvCqQ4hLXFQ27vXETBWRdwLV35ToMwGXovfHt8P2GUiUKM0Bd3uHQxXLVfpVhaEAo-2xkY5T4Hj4K9eoDaOARlfFBiSuJOhIVyDpu85wByRSkEKVjZB6iOagjJ02Vhf8qAJlOQ2-47Fr4aIa_KDcSTXhZwzDHE1nSMja82bjJr2nGRmJYHJzfRC7pMFkTPhB7S86L3OW9z07QGAsWlXk9GL9JyLTDiTnj_IgQ8VFF7O_4yKwEvWgFboCk5tK5TPacCuTXl2cOqzQ4om2YVyBH5EYGNELRcwAa336YcGjFZlZKaGigDM7aEYPi3HWCvkJgpVB381EMkur9GUK4AI0tyaBTsP7N9La93Wx43th3AAwIV_tMoscHKD04XV4Mk7k66i_24e8mE0ymJgQO6WHbmaZU_QiPgdhffLcNgFhQAvsGO73IdH2IDOMA_PUA

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| googletag object| baseFunctions object| oddParams function| getQueryVariable function| getCookie function| setCookie function| removeCookie function| storeUid function| storeTicket function| readUid function| readTicket function| gtag object| dataLayer object| ggeac object| google_tag_data object| google_js_reporting_queue object| google_tag_manager function| onYouTubeIframeAPIReady object| google_reactive_ads_global_state function| $ function| jQuery object| yii number| uidEvent object| bootstrap number| google_unique_id object| GoogleGcLKhOms object| google_image_requests

5 Cookies

Domain/Path Name / Value
onlinefreetripbooking.com/ Name: _pr
Value: 2701830336.20480.0000
www.onlinefreetripbooking.com/ Name: PHPSESSID
Value: ph8rb9cmil1nv1u7n3d28mb5ke
www.onlinefreetripbooking.com/ Name: _csrf
Value: ylZvX7Wl0t-aMVHvFObtXCmRQoznDDYX
www.onlinefreetripbooking.com/ Name: _pr
Value: 2685053120.20480.0000
.onlinefreetripbooking.com/ Name: __eoi
Value: ID=bb8a98b33599cf8b:T=1723189188:RT=1723189188:S=AA-Afja7bn_qU40K05Ik_TM1lEjT

1 Console Messages

Source Level URL
Text
network error URL: https://www.onlinefreetripbooking.com/slot-placement-config
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=16070400

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c361b08c9fd6143d388d595ff4ac9c50.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
onlinefreetripbooking.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
trading.onlinefreetripbooking.com
www.googletagmanager.com
www.googletagservices.com
www.onlinefreetripbooking.com
pagead2.googlesyndication.com
142.250.185.66
142.250.74.194
172.67.218.47
2606:4700:3034::6815:1867
2a00:1450:4001:812::2001
2a00:1450:4001:81d::2002
2a00:1450:4001:828::200a
2a00:1450:4001:829::2008
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2003
0900efc3095a08b6c96fbca743c6989cf3e304b98e1f9ea6533e6c3ddbd3ffe5
2ce403093cb66087f536a7ee8f8017a1b65b98b00023957200655e1f33d457bc
3155962b536676875c0c0a1e8cbf99cb89aec21a191feb836bef75827aeb1d5b
432220796744ef64bb6172b3c5d19e3c66b7f01980fbd478f7874bb18676d438
4914b807405c17918f0690e7ab75bfb6eba6053859cc7eb477f0482c255b8075
49a0d372cbc88ce5a1d42bde1d10531ce6bf10a93285b9c1a5d4201183239efd
5c36e28c9a7bd864b673e223db7e1934923227536ffbdf871f58b6f09b9ac8c9
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61f7d02ddbecc04c8c3bd801d0651334f434d4819255889cdd9527f185903771
64a530dad84560bcb259fc7a6872ad18cd9d2ccd66481ac68d0c1f8fad121344
67bed69f23af460ec3341aefcdf793955c250fbf879589de4b93d17b8ec4ae54
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
79e546cbcddbd8c5223b1acfa751738be17452195092aead23ac7ee5d0fda890
8201a177eb79193b6694a830b7e76d13b4ff88e3752e86498e5ddce2d74fed9e
965abfa7f0ba851e0f5fabff3b81114f66cab1bb42633a2d4cd48741894b991f
9966718bffe8ee39b8d90b364e257c825b32078d00e81650d2bba775125ed7b6
c3061c3788ad5783ef8a5d10c454bafe7eb942c48200dccc852cc6d3c9f303d4
d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8
de4797b882fb8be3023f4c41e9385b3e6354dd9220e5c24642de71cdd7d777d1
e2a571a0bd89b706a0c21fedfb57aabca891691b44c41c9b5719864e1f6cc35e
ea9fbd266bafc4392b3eabcedbc6539ac4ee781d0abd51b24ada49d98946ecbe
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
fb121c45f498cba0f88de6e2235d95cf3307bb9ed5376f6a793b8253a520592f