urlscan.io logo urlscan.io
SecurityTrails logo

www.bookings.ugc4you.com Open in urlscan Pro
104.152.109.185  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bookings.ugc4you.com/
Submission: On October 03 via automatic, source certstream-suspicious — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 1 countries across 4 domains to perform 11 HTTP transactions. The main IP is 104.152.109.185, located in Fond du Lac, United States and belongs to INMOTION, US. The main domain is www.bookings.ugc4you.com.
TLS certificate: Issued by R10 on August 31st 2024. Valid for: 3 months.
This is the only time www.bookings.ugc4you.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 104.152.109.185 22611 (INMOTION)
2 2600:9000:23c... 16509 (AMAZON-02)
2 157.240.241.1 32934 (FACEBOOK)
1 3.229.213.56 14618 (AMAZON-AES)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 34.196.0.6 14618 (AMAZON-AES)
11 7
2    104.152.109.185 (Fond du Lac, United States)

ASN22611 (INMOTION, US)
PTR: secure.webleadscompany.com
www.bookings.ugc4you.com
bookings.ugc4you.com
2    2600:9000:23cb:5400:2:c605:29c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
embed.typeform.com
2    157.240.241.1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-lga3.fbcdn.net
connect.facebook.net
1    3.229.213.56 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-213-56.compute-1.amazonaws.com
api.typeform.com
2    2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    34.196.0.6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-0-6.compute-1.amazonaws.com
form.typeform.com
Apex Domain
Subdomains		 Transfer
4 typeform.com
embed.typeform.com — Cisco Umbrella Rank: 23402
api.typeform.com — Cisco Umbrella Rank: 67814
form.typeform.com — Cisco Umbrella Rank: 51685
17 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
3 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
71 KB
2 ugc4you.com
www.bookings.ugc4you.com
bookings.ugc4you.com Failed
37 KB
11 4
Domain Requested by
2 www.facebook.com www.bookings.ugc4you.com
2 connect.facebook.net www.bookings.ugc4you.com
connect.facebook.net
2 embed.typeform.com www.bookings.ugc4you.com
embed.typeform.com
1 bookings.ugc4you.com
1 form.typeform.com embed.typeform.com
1 api.typeform.com embed.typeform.com
1 www.bookings.ugc4you.com
11 7

This site contains no links.

Subject Issuer Validity Valid
www.bookings.ugc4you.com
R10		 2024-08-31 -
2024-11-29		 3 months crt.sh
typeform.com
Amazon RSA 2048 M03		 2024-05-14 -
2025-06-12		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-07-12 -
2024-10-10		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.bookings.ugc4you.com/
Frame ID: 996F4040B99E1FC6C52C09FDF0141D9E
Requests: 10 HTTP requests in this frame

Frame: https://form.typeform.com/to/aK05jhaN?typeform-embed-id=21229529684313153&typeform-embed=embed-widget&typeform-source=bookings.ugc4you.com&typeform-medium=snippet&typeform-medium-version=next&embed-opacity=100&typeform-embed-handles-redirect=1
Frame ID: ED441B4503E9049625A7EB343EA8FEDA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

UGC 4U

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Page Statistics

11
Requests

91 %
HTTPS

33 %
IPv6

4
Domains

7
Subdomains

7
IPs

1
Countries

128 kB
Transfer

394 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.bookings.ugc4you.com/ 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bookings.ugc4you.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.152.109.185 Fond du Lac, United States, ASN22611 (INMOTION, US),
Reverse DNS
secure.webleadscompany.com
Software
Apache /
Resource Hash
1fe8880052d22408a7f957f9227486e330fa0f6ddca7df88c67535740333df4a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Thu, 03 Oct 2024 06:22:09 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
Transfer-Encoding
chunked
embed.js
embed.typeform.com/next/ 		61 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.typeform.com/next/embed.js
Requested by
Host: www.bookings.ugc4you.com
URL: https://www.bookings.ugc4you.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23cb:5400:2:c605:29c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4be91764c84ece61cab7798500ace566ae6d8b87eaba64f513d1c05ad334966a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.bookings.ugc4you.com/

Response headers

content-encoding
gzip
etag
W/"910e9945fe462165b6eabdf3d1491784"
x-amz-version-id
jXmejdTdpV.Um.aw4HI2ZxRcs6s65SM_
age
138
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
X0B-hsXUvBJWup-f85aOsi3nFuT7LIG65lNFSYrnyQae8LVbZrZzLg==
date
Thu, 03 Oct 2024 06:19:52 GMT
content-type
application/x-javascript
vary
Accept-Encoding
last-modified
Mon, 26 Aug 2024 16:23:50 GMT
strict-transport-security
max-age=63072000; includeSubDomains
cache-control
public, max-age=0, must-revalidate
via
1.1 23a7db9b99ad0ff99aeef1ab5f27e734.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P1
server
AmazonS3
x-amz-server-side-encryption
AES256
fbevents.js
connect.facebook.net/en_US/ 		226 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.bookings.ugc4you.com
URL: https://www.bookings.ugc4you.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-lga3.fbcdn.net
Software
/
Resource Hash
48ba1993011db4834882d81b2153753437607292f704a6543d4466c0f6d1372a
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.bookings.ugc4you.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
edge-control
cache-maxage=10m
date
Thu, 03 Oct 2024 06:22:09 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=59, rtx=0, c=23, mss=1232, tbw=4415, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
F66fZO+KISScSns8wj0q5lcqhmhEwWWipnQMHGyWZASEywTQpZI/qRRq3royCRY20qLNafVVKtVHo5Cv/70iEw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-fb-optimizer
0
document-policy
force-load-at-top
content-length
59131
x-xss-protection
0
origin-agent-cluster
?1
2192465257806523
connect.facebook.net/signals/config/ 		68 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/2192465257806523?v=2.9.170&r=stable&domain=www.bookings.ugc4you.com&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C82%2C87%2C47%2C46%2C86%2C37%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-lga3.fbcdn.net
Software
/
Resource Hash
1e622294e56a0e781b1b166c8fe58b559828beffe229d7ecb0440b2529552e76
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.bookings.ugc4you.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
edge-control
cache-maxage=10m
date
Thu, 03 Oct 2024 06:22:09 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=62, rtx=0, c=74, mss=1232, tbw=67245, tp=63, tpl=0, uplat=108, ullat=0
pragma
public
x-fb-debug
CRHHTSnTZtxRuDLGpTKsJeDVcmaw09ka9iDv9+RxokVoLY74VOcNtH07GMmoeVVd9M+X3DqT4CkEO8AfhMCmzA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
01J93T7H42JZV2649EGKVM85YQ
api.typeform.com/single-embed/ 		797 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.typeform.com/single-embed/01J93T7H42JZV2649EGKVM85YQ
Requested by
Host: embed.typeform.com
URL: https://embed.typeform.com/next/embed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.229.213.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-213-56.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
b25c15811c303612b1dc5e1d47693db6247941e3d0f51d9bbd379b6ba9a510cb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.bookings.ugc4you.com/

Response headers

x-commit-sha
861e9c8fd053c891a98ef172a0dcbcd7f0b5de9b
strict-transport-security
max-age=63072000; includeSubDomains
access-control-expose-headers
Location, X-Request-Id
x-envoy-upstream-service-time
5
access-control-allow-methods
GET, OPTIONS, POST, PUT, PATCH, DELETE
x-build-date
2024-09-24T08:41:42+00:00
traceparent
00-9467735460a6098bbc6b3015febac5d8-76deffc424d5a4ea-01
x-release
11010098934
access-control-allow-origin
https://www.bookings.ugc4you.com
content-length
797
date
Thu, 03 Oct 2024 06:22:10 GMT
content-type
text/plain; charset=utf-8
server
istio-envoy
access-control-allow-headers
X-Typeform-Key, Content-Type, Authorization, Typeform-Version, typeform-app
/
www.facebook.com/tr/ 		0
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2192465257806523&ev=PageView&dl=https%3A%2F%2Fwww.bookings.ugc4you.com%2F&rl=&if=false&ts=1727936529991&sw=1600&sh=1200&v=2.9.170&r=stable&ec=0&o=4126&fbp=fb.1.1727936529989.994385536805854768&ler=empty&cdl=API_unavailable&it=1727936529782&coo=false&rqm=GET
Requested by
Host: www.bookings.ugc4you.com
URL: https://www.bookings.ugc4you.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.bookings.ugc4you.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
GOOD; q=0.7, rtt=63, rtx=0, c=10, mss=1297, tbw=2949, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Thu, 03 Oct 2024 06:22:10 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2192465257806523&ev=PageView&dl=https%3A%2F%2Fwww.bookings.ugc4you.com%2F&rl=&if=false&ts=1727936529991&sw=1600&sh=1200&v=2.9.170&r=stable&ec=0&o=4126&fbp=fb.1.1727936529989.994385536805854768&ler=empty&cdl=API_unavailable&it=1727936529782&coo=false&rqm=FGET
Requested by
Host: www.bookings.ugc4you.com
URL: https://www.bookings.ugc4you.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.bookings.ugc4you.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7421430887783126221"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 03 Oct 2024 06:22:10 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
agCSlRxktTjPyHlYIPU0tcg8n7jrC0mM3/f/UQq82V1elgvmbJ+47UY7x0Kxq3/p9AqV1NTkxqXOeXWVizfUig==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7421430887783126221", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
GOOD; q=0.7, rtt=63, rtx=0, c=14, mss=1297, tbw=3263, tp=-1, tpl=-1, uplat=140, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
widget.css
embed.typeform.com/next/css/ 		1 KB
937 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://embed.typeform.com/next/css/widget.css
Requested by
Host: embed.typeform.com
URL: https://embed.typeform.com/next/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23cb:5400:2:c605:29c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
592ddb631047ee126a5332be882be5653337fdb601d2be48b149208c189108e3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.bookings.ugc4you.com/

Response headers

content-encoding
gzip
etag
W/"d0293719d2484cd26b5affd35d33c295"
x-amz-version-id
05xxxRjNqqqa5efWcU.br0vmxYZEY2Vc
age
31
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
gKUU6czLOuPEnHOaneITlTp-UsoQe9CtcpdA5VRRD2PCNEPuc56jZQ==
date
Thu, 03 Oct 2024 06:21:40 GMT
content-type
text/css
vary
Accept-Encoding
last-modified
Mon, 26 Aug 2024 16:23:50 GMT
strict-transport-security
max-age=63072000; includeSubDomains
cache-control
public, max-age=0, must-revalidate
via
1.1 23a7db9b99ad0ff99aeef1ab5f27e734.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P1
server
AmazonS3
x-amz-server-side-encryption
AES256
aK05jhaN
form.typeform.com/to/ Frame ED44 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://form.typeform.com/to/aK05jhaN?typeform-embed-id=21229529684313153&typeform-embed=embed-widget&typeform-source=bookings.ugc4you.com&typeform-medium=snippet&typeform-medium-version=next&embed-opacity=100&typeform-embed-handles-redirect=1
Requested by
Host: embed.typeform.com
URL: https://embed.typeform.com/next/embed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.0.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-0-6.compute-1.amazonaws.com
Software
istio-envoy / 11102098526-7.225.5
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Referer
https://www.bookings.ugc4you.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
X-Typeform-Key, Content-Type, Authorization, Typeform-Version, typeform-app
access-control-allow-methods
GET, OPTIONS, POST, PUT, PATCH, DELETE
access-control-expose-headers
Location, X-Request-Id
age
0
cache-control
private, no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy-report-only
report-uri https://typeformforms.report-uri.com/r/t/csp/reportOnly; default-src 'self' https: data: blob: chrome-extension: moz-extension: safari-extension:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data: blob:; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' https:; worker-src 'self' blob:; manifest-src public-assets.typeform.com; form-action 'none'; frame-ancestors 'self' http://localhost:* capacitor: iconic: https:; base-uri 'self'; child-src wvjbscheme: https:; connect-src 'self' wss: https: chrome-extension: moz-extension: safari-extension:; style-src 'self' 'unsafe-inline' https:
content-type
text/html; charset=utf-8
date
Thu, 03 Oct 2024 06:22:10 GMT
pragma
no-cache
server
istio-envoy
strict-transport-security
max-age=63072000; includeSubDomains
traceparent
00-696d40c223d550c04bd4b802995403e2-22bfc7fb2aebc0a4-01
vary
Accept-Encoding
x-cache
MISS
x-cache-lookup
HIT
x-envoy-upstream-service-time
74
x-powered-by
11102098526-7.225.5
x-varnish
42539355
favicon-32x32
bookings.ugc4you.com//images/ 		0
0
android-chrome-192x192.png
bookings.ugc4you.com//images/ 		35 KB
35 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://bookings.ugc4you.com//images/android-chrome-192x192.png?v1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.152.109.185 Fond du Lac, United States, ASN22611 (INMOTION, US),
Reverse DNS
secure.webleadscompany.com
Software
Apache /
Resource Hash
43b60ce3dc9fed5d8cebf3b5338191fae3c06689d4f1b9c1dddeaf405809df39

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.bookings.ugc4you.com/

Response headers

Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
35947
Keep-Alive
timeout=5, max=100
Date
Thu, 03 Oct 2024 06:22:12 GMT
Last-Modified
Tue, 01 Oct 2024 11:25:51 GMT
Content-Type
image/png
Server
Apache

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
bookings.ugc4you.com
URL
https://bookings.ugc4you.com//images/favicon-32x32?v1

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| fbq function| _fbq object| tf

4 Cookies

Domain/Path Name / Value
.ugc4you.com/ Name: _fbp
Value: fb.1.1727936529989.994385536805854768
.typeform.com/ Name: tf_respondent_cc
Value: {%22groups%22:[%222%22%2C%223%22%2C%224%22]%2C%22timestamp%22:%222024-10-03T06:22:11.660Z%22%2C%22implicitConsent%22:true}
.typeform.com/ Name: attribution_user_id
Value: a1d9339d-6192-4cfb-9be3-2cdff4603795
form.typeform.com/ Name: AWSALBTGCORS
Value: kCBGejRjbHm3G2EVqRuB3ZLdz92va4oVxZ9Ov3HZE6/lUGrQktg6zTHSvOaNFSRUm9gBnzsQCpDDJXmzuKwA7rSDffrWdYtT8lWe+20LRx3kmumTfctZ9ndH6LqsZePSNLNPa8aStX5lhAv8ryL8yqxBR8PSxBqW2cbDroJWf4ZG