booking.enakl.com Open in urlscan Pro
52.31.67.199  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response booking.enakl.com/	1 KB 2 KB	311ms 216ms	Document text/html	52.31.67.199 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://booking.enakl.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 52.31.67.199 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-31-67-199.eu-west-1.compute.amazonaws.com Software / Resource Hash 241723dda91e0d9daae8c12a7ff60350cf5354b5ac92748fded157ec923d79f7 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-language de content-length 1470 content-type text/html; charset=utf-8 date Mon, 27 Mar 2023 17:14:49 GMT referrer-policy same-origin strict-transport-security max-age=15724800; includeSubDomains vary Accept-Language, Cookie, Origin x-content-type-options nosniff x-frame-options DENY x-xss-protection 1; mode=block
GET H/1.1	200 OK	material-icons.css s3-eu-west-1.amazonaws.com/prod-bookingzone/master/vendors/material-design-icons/iconfont/	953 B 910 B	130ms 57ms	Stylesheet text/css	52.218.101.43 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s3-eu-west-1.amazonaws.com/prod-bookingzone/master/vendors/material-design-icons/iconfont/material-icons.css Requested by Host: booking.enakl.com URL: https://booking.enakl.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.218.101.43 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS s3-eu-west-1.amazonaws.com Software AmazonS3 / Resource Hash e3dcde5c977dd5f39f418d71ea77c98924cf85dbcaef2f60d89a83e9d81c3d93 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Date Mon, 27 Mar 2023 17:14:50 GMT Content-Encoding gzip x-amz-version-id z0BAppf.6HkOMwdWdl33hKV_J4iMMh4a Last-Modified Mon, 27 Mar 2023 08:37:52 GMT Server AmazonS3 x-amz-request-id 2ABYTJ4F3YZBGEKB ETag "8f3ab5ea60d983abb163af894c41d282" x-amz-server-side-encryption AES256 Content-Type text/css Accept-Ranges bytes Content-Length 441 x-amz-id-2 A3wBxHauGNOACAjSUhEZcycVHNtx6VGnxhV9ALoAVo1mQoU191TXY5oNYLOP9v7IvPrEWokfock=
GET H2	200	css fonts.googleapis.com/	5 KB 988 B	36ms 16ms	Stylesheet text/css	2a00:1450:4001:82a::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Montserrat:300,600,700 Requested by Host: booking.enakl.com URL: https://booking.enakl.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash aa59c8530487d44e3a3f73567832736c349d6e6fc23fe34e93c34d11b972ee63 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 27 Mar 2023 17:14:49 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 27 Mar 2023 16:44:47 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 27 Mar 2023 17:14:49 GMT
GET H2	200	js Show response maps.googleapis.com/maps/api/	171 KB 56 KB	60ms 32ms	Script text/javascript	2a00:1450:4001:828::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://maps.googleapis.com/maps/api/js?key=AIzaSyBntEFSGRGjNHerWsiJsQrdHrpiUx-M0dI&libraries=places Requested by Host: booking.enakl.com URL: https://booking.enakl.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software mafe / Resource Hash 9e261175a39b8f83aded72b992dc1e8f6f0fa714d527450a31347aab52030531 Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 17:14:49 GMT content-encoding gzip server mafe vary Accept-Language x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control public, max-age=1800 cross-origin-resource-policy cross-origin server-timing gfet4t7; dur=26 timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 57336 x-xss-protection 0 expires Mon, 27 Mar 2023 17:44:49 GMT
GET H/1.1	200 OK	app.min.js Show response s3-eu-west-1.amazonaws.com/prod-bookingzone/master/assets/	2 MB 653 KB	136ms 61ms	Script text/javascript	52.218.101.43 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s3-eu-west-1.amazonaws.com/prod-bookingzone/master/assets/app.min.js Requested by Host: booking.enakl.com URL: https://booking.enakl.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.218.101.43 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS s3-eu-west-1.amazonaws.com Software AmazonS3 / Resource Hash dcdf8359efc4d9ba7e2e4dd005d3637af4a534903ed46a6a57c0f951eae8a9e6 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Date Mon, 27 Mar 2023 17:14:50 GMT Content-Encoding gzip x-amz-version-id vyccllZkt1z15SrW36EXDC.SYhsJp45P Last-Modified Mon, 27 Mar 2023 08:37:53 GMT Server AmazonS3 x-amz-request-id 2ABX730XCRC3J1WB ETag "9aa81363762ec2374324938fc8b2451c" x-amz-server-side-encryption AES256 Content-Type text/javascript Accept-Ranges bytes Content-Length 668098 x-amz-id-2 4Btd8wgRTaac4K5LSxo4CCW74JBvBNP7NEUFQvRkdismtNJd2J4RvZjphtFhSeQ4qKOqdvTCY8A=
GET H3	200	gen_204 Show response maps.googleapis.com/maps/api/mapsjs/	3 B 45 B	34ms 20ms	XHR application/json	2a00:1450:4001:828::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true Requested by Host: maps.googleapis.com URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBntEFSGRGjNHerWsiJsQrdHrpiUx-M0dI&libraries=places Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software scaffolding on HTTPServer2 / Resource Hash ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 17:14:49 GMT content-encoding gzip x-content-type-options nosniff server scaffolding on HTTPServer2 vary Origin, X-Origin, Referer x-frame-options SAMEORIGIN content-type application/json; charset=UTF-8 access-control-allow-origin https://booking.enakl.com access-control-expose-headers vary,vary,vary,content-encoding,date,server,content-length cache-control private alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 23 x-xss-protection 0
GET H2	200	css2 fonts.googleapis.com/	5 KB 657 B	16ms 15ms	Stylesheet text/css	2a00:1450:4001:82a::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Nunito:wght@400;600;700&display=swap Requested by Host: client URL: about:client Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 0168735fcd21636bde8fbdfb1545519372f351e41659c146c78fafb9bba598ed Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 27 Mar 2023 17:14:49 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 27 Mar 2023 16:29:18 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 27 Mar 2023 17:14:49 GMT
GET H2	200	css2 fonts.googleapis.com/	4 KB 708 B	16ms 16ms	Stylesheet text/css	2a00:1450:4001:82a::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&display=swap Requested by Host: client URL: about:client Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 3f8a233d057abaab43390e166b1525cc4821e863053e68d72fb4387c825f6110 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 27 Mar 2023 17:14:49 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 27 Mar 2023 15:41:02 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 27 Mar 2023 17:14:49 GMT
POST H2	501	/ Show response glitchtip.tech.padam.io/api/130/envelope/	60 B 626 B	206ms 81ms	Fetch application/json	54.229.68.39 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://glitchtip.tech.padam.io/api/130/envelope/?sentry_key=91246f43c9a647d0a526ec01771569dd&sentry_version=7 Requested by Host: s3-eu-west-1.amazonaws.com URL: https://s3-eu-west-1.amazonaws.com/prod-bookingzone/master/assets/app.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 54.229.68.39 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-229-68-39.eu-west-1.compute.amazonaws.com Software / Resource Hash 3d94d2c1cf8ee86c1470c062274f03ff8f117ddc059364876077883bfd7143ce Security Headers Name Value Content-Security-Policy worker-src 'self' blob:; script-src 'self' https://*.glitchtip.com; frame-src 'self'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; default-src 'self'; font-src 'self' https://fonts.gstatic.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; connect-src 'self' https://*.glitchtip.com; img-src 'self' Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://booking.enakl.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Mon, 27 Mar 2023 17:14:49 GMT content-security-policy worker-src 'self' blob:; script-src 'self' https://*.glitchtip.com; frame-src 'self'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; default-src 'self'; font-src 'self' https://fonts.gstatic.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; connect-src 'self' https://*.glitchtip.com; img-src 'self' x-content-type-options nosniff referrer-policy same-origin cross-origin-opener-policy same-origin strict-transport-security max-age=15724800; includeSubDomains x-frame-options DENY allow POST content-language de vary Accept-Language, Origin access-control-allow-origin * content-type application/json content-length 60
GET H2	200	get-parameters Show response booking.enakl.com/api/v1.7/	6 KB 2 KB	220ms 161ms	Fetch application/json	52.31.67.199 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://booking.enakl.com/api/v1.7/get-parameters?app_version=bookingzone:1.0.0&user_group=customer&language=en Requested by Host: s3-eu-west-1.amazonaws.com URL: https://s3-eu-west-1.amazonaws.com/prod-bookingzone/master/assets/app.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 52.31.67.199 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-31-67-199.eu-west-1.compute.amazonaws.com Software / Resource Hash bc0b07f3dadced43ee29ef051934e6708d531ac6278f6cbcaa8a7642ba3be61f Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept application/json Referer https://booking.enakl.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 17:14:49 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff referrer-policy same-origin content-encoding gzip x-frame-options DENY allow GET, HEAD, OPTIONS content-language en vary Accept-Language, Cookie, Origin content-type application/json x-xss-protection 1; mode=block
POST H2	501	/ Show response glitchtip.tech.padam.io/api/130/envelope/	60 B 625 B	92ms 91ms	Fetch application/json	54.229.68.39 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://glitchtip.tech.padam.io/api/130/envelope/?sentry_key=91246f43c9a647d0a526ec01771569dd&sentry_version=7 Requested by Host: s3-eu-west-1.amazonaws.com URL: https://s3-eu-west-1.amazonaws.com/prod-bookingzone/master/assets/app.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 54.229.68.39 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-229-68-39.eu-west-1.compute.amazonaws.com Software / Resource Hash 3d94d2c1cf8ee86c1470c062274f03ff8f117ddc059364876077883bfd7143ce Security Headers Name Value Content-Security-Policy script-src 'self' https://*.glitchtip.com; default-src 'self'; connect-src 'self' https://*.glitchtip.com; img-src 'self'; frame-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com data:; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; worker-src 'self' blob: Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://booking.enakl.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Mon, 27 Mar 2023 17:14:50 GMT content-security-policy script-src 'self' https://*.glitchtip.com; default-src 'self'; connect-src 'self' https://*.glitchtip.com; img-src 'self'; frame-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com data:; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; worker-src 'self' blob: x-content-type-options nosniff referrer-policy same-origin cross-origin-opener-policy same-origin strict-transport-security max-age=15724800; includeSubDomains x-frame-options DENY allow POST content-language de vary Accept-Language, Origin access-control-allow-origin * content-type application/json content-length 60
POST H2	501	/ Show response glitchtip.tech.padam.io/api/130/envelope/	60 B 625 B	79ms 78ms	Fetch application/json	54.229.68.39 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://glitchtip.tech.padam.io/api/130/envelope/?sentry_key=91246f43c9a647d0a526ec01771569dd&sentry_version=7 Requested by Host: s3-eu-west-1.amazonaws.com URL: https://s3-eu-west-1.amazonaws.com/prod-bookingzone/master/assets/app.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 54.229.68.39 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-229-68-39.eu-west-1.compute.amazonaws.com Software / Resource Hash 3d94d2c1cf8ee86c1470c062274f03ff8f117ddc059364876077883bfd7143ce Security Headers Name Value Content-Security-Policy worker-src 'self' blob:; script-src 'self' https://*.glitchtip.com; frame-src 'self'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; default-src 'self'; font-src 'self' https://fonts.gstatic.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; connect-src 'self' https://*.glitchtip.com; img-src 'self' Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://booking.enakl.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Mon, 27 Mar 2023 17:14:50 GMT content-security-policy worker-src 'self' blob:; script-src 'self' https://*.glitchtip.com; frame-src 'self'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; default-src 'self'; font-src 'self' https://fonts.gstatic.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; connect-src 'self' https://*.glitchtip.com; img-src 'self' x-content-type-options nosniff referrer-policy same-origin cross-origin-opener-policy same-origin strict-transport-security max-age=15724800; includeSubDomains x-frame-options DENY allow POST content-language de vary Accept-Language, Origin access-control-allow-origin * content-type application/json content-length 60
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v30/	16 KB 16 KB	51ms 7ms	Font font/woff2	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://booking.enakl.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Tue, 21 Mar 2023 08:37:40 GMT x-content-type-options nosniff age 549430 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15920 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:45 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 20 Mar 2024 08:37:40 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 15 KB	53ms 9ms	Font font/woff2	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://booking.enakl.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Tue, 21 Mar 2023 08:37:38 GMT x-content-type-options nosniff age 549432 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 20 Mar 2024 08:37:38 GMT
GET H/1.1	200 OK	enakl_casablanca_color.png s3-eu-west-1.amazonaws.com/padam-public-assets/enakl_casablanca/logos/	12 KB 13 KB	73ms 71ms	Image image/png	52.218.101.43 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s3-eu-west-1.amazonaws.com/padam-public-assets/enakl_casablanca/logos/enakl_casablanca_color.png Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.218.101.43 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS s3-eu-west-1.amazonaws.com Software AmazonS3 / Resource Hash 561f51d31a4a0c2604aea759c2585576ac0e60f365b3bc1e8ce095f0e4c29cbd Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Date Mon, 27 Mar 2023 17:14:51 GMT x-amz-version-id null Last-Modified Mon, 23 Jan 2023 10:07:42 GMT Server AmazonS3 x-amz-request-id 5CX6JYY753RBNH7H ETag "df2831d5ed50470969d99b7c00914a17" x-amz-server-side-encryption AES256 Content-Type image/png Accept-Ranges bytes Content-Length 12679 x-amz-id-2 L6axOrFf50ckt1B7MxZZRvU65K6ZfVul9Y7qF8ovt0o/FVcB7q9acIVky/S0P0DiKF6qK5zDOu8=
POST H2	200	/ Show response glitchtip.tech.padam.io/api/130/envelope/	41 B 602 B	125ms 125ms	Fetch application/json	54.229.68.39 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://glitchtip.tech.padam.io/api/130/envelope/?sentry_key=91246f43c9a647d0a526ec01771569dd&sentry_version=7 Requested by Host: s3-eu-west-1.amazonaws.com URL: https://s3-eu-west-1.amazonaws.com/prod-bookingzone/master/assets/app.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 54.229.68.39 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-229-68-39.eu-west-1.compute.amazonaws.com Software / Resource Hash 5dcbbcfb759a214d04123c9b6794650539b52cfdbff74796cb4ebc0481ae4323 Security Headers Name Value Content-Security-Policy script-src 'self' https://*.glitchtip.com; default-src 'self'; connect-src 'self' https://*.glitchtip.com; img-src 'self'; frame-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com data:; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; worker-src 'self' blob: Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://booking.enakl.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Mon, 27 Mar 2023 17:14:50 GMT content-security-policy script-src 'self' https://*.glitchtip.com; default-src 'self'; connect-src 'self' https://*.glitchtip.com; img-src 'self'; frame-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com data:; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; worker-src 'self' blob: x-content-type-options nosniff referrer-policy same-origin cross-origin-opener-policy same-origin strict-transport-security max-age=15724800; includeSubDomains x-frame-options DENY allow POST content-language de vary Accept-Language, Origin access-control-allow-origin * content-type application/json content-length 41

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless string| BASE_URL string| BRAND string| HOST_URL boolean| DEBUG string| ASSETS_URL string| LOGIN_TYPE string| DEFAULT_TERRITORY string| PRODUCT boolean| DISABLED_LOGIN string| GOOGLE_MAPS_API_KEY boolean| SIGNUP_AFTER_SEARCH object| google object| module$contents$mapsapi$overlay$overlayView_OverlayView object| SENTRY_RELEASE object| SENTRY_RELEASES object| __SENTRY__ boolean| PHRASEAPP_ENABLED object| PHRASEAPP_CONFIG function| _ number| 2f1acc6c3a606b082e5eef5e54414ffb

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://glitchtip.tech.padam.io/api/130/envelope/?sentry_key=91246f43c9a647d0a526ec01771569dd&sentry_version=7 Message: Failed to load resource: the server responded with a status of 501 ()
network	error	URL: https://glitchtip.tech.padam.io/api/130/envelope/?sentry_key=91246f43c9a647d0a526ec01771569dd&sentry_version=7 Message: Failed to load resource: the server responded with a status of 501 ()
network	error	URL: https://glitchtip.tech.padam.io/api/130/envelope/?sentry_key=91246f43c9a647d0a526ec01771569dd&sentry_version=7 Message: Failed to load resource: the server responded with a status of 501 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

booking.enakl.com
fonts.googleapis.com
fonts.gstatic.com
glitchtip.tech.padam.io
maps.googleapis.com
s3-eu-west-1.amazonaws.com
2a00:1450:4001:80f::2003
2a00:1450:4001:828::200a
2a00:1450:4001:82a::200a
52.218.101.43
52.31.67.199
54.229.68.39
0168735fcd21636bde8fbdfb1545519372f351e41659c146c78fafb9bba598ed
241723dda91e0d9daae8c12a7ff60350cf5354b5ac92748fded157ec923d79f7
3d94d2c1cf8ee86c1470c062274f03ff8f117ddc059364876077883bfd7143ce
3f8a233d057abaab43390e166b1525cc4821e863053e68d72fb4387c825f6110
561f51d31a4a0c2604aea759c2585576ac0e60f365b3bc1e8ce095f0e4c29cbd
5dcbbcfb759a214d04123c9b6794650539b52cfdbff74796cb4ebc0481ae4323
9e261175a39b8f83aded72b992dc1e8f6f0fa714d527450a31347aab52030531
aa59c8530487d44e3a3f73567832736c349d6e6fc23fe34e93c34d11b972ee63
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
bc0b07f3dadced43ee29ef051934e6708d531ac6278f6cbcaa8a7642ba3be61f
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
dcdf8359efc4d9ba7e2e4dd005d3637af4a534903ed46a6a57c0f951eae8a9e6
e3dcde5c977dd5f39f418d71ea77c98924cf85dbcaef2f60d89a83e9d81c3d93
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615