URL: https://booking.no.dev.ethel.alpresor.net/
Submission: On July 13 via api from US — Scanned from NO

Summary

This website contacted 10 IPs in 4 countries across 9 domains to perform 27 HTTP transactions. The main IP is 54.93.125.207, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is booking.no.dev.ethel.alpresor.net.
TLS certificate: Issued by Amazon RSA 2048 M02 on May 23rd 2024. Valid for: a year.
This is the only time booking.no.dev.ethel.alpresor.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
9 | alpresor.net | booking.no.dev.ethel.alpresor.net | 361 KB
5 | salesmanago.pl | app2.salesmanago.pl — Cisco Umbrella Rank: 152760 | 51 KB
3 | gstatic.com | fonts.gstatic.com | 216 KB
3 | googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 74 | 1 KB
2 | facebook.com | www.facebook.com — Cisco Umbrella Rank: 116 | 4 KB
2 | facebook.net | connect.facebook.net — Cisco Umbrella Rank: 191 | 74 KB
1 | saleago.com | vc-service.saleago.com — Cisco Umbrella Rank: 80340 | 2 KB
1 | googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 72 | 83 KB
1 | alpereiser.no | www.alpereiser.no | 44 KB
Total: 27 requests across 9 domains
Requests | Domain | Requested by
9 | booking.no.dev.ethel.alpresor.net | booking.no.dev.ethel.alpresor.net
5 | app2.salesmanago.pl | booking.no.dev.ethel.alpresor.net, app2.salesmanago.pl
3 | fonts.gstatic.com | fonts.googleapis.com
3 | fonts.googleapis.com | booking.no.dev.ethel.alpresor.net
2 | www.facebook.com | booking.no.dev.ethel.alpresor.net
2 | connect.facebook.net | booking.no.dev.ethel.alpresor.net, connect.facebook.net
1 | vc-service.saleago.com | app2.salesmanago.pl
1 | www.googletagmanager.com | booking.no.dev.ethel.alpresor.net
1 | www.alpereiser.no | booking.no.dev.ethel.alpresor.net
Total: 27 requests across 9 domains

This site contains no links.

Subject | Issuer | Validity | Valid
*.no.dev.ethel.alpresor.net | Amazon RSA 2048 M02 | 2024-05-23 - 2025-06-21 | a year
upload.video.google.com | WR2 | 2024-06-24 - 2024-09-16 | 3 months
*.alpereiser.no | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-03-06 - 2025-04-06 | a year
*.gstatic.com | WR2 | 2024-06-24 - 2024-09-16 | 3 months
*.google-analytics.com | WR2 | 2024-06-24 - 2024-09-16 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2024-04-21 - 2024-07-20 | 3 months
*.salesmanago.pl | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-08-07 - 2024-08-16 | a year
vc-service.saleago.com | GTS CA 1D4 | 2024-06-05 - 2024-09-03 | 3 months

This page contains 1 frame:

Primary Page: https://booking.no.dev.ethel.alpresor.net/
Frame ID: 4B5CAA0A2042E18F28F1ECD8077118CF
Requests: 28 HTTP requests in this frame

Page Title

STS Alpereiser

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js

Page Statistics

Requests: 27
HTTPS: 100 %
IPv6: 56 %
Domains: 9
Subdomains: 9
IPs: 10
Countries: 4
Transfer: 836 kB
Size: 2800 kB
Cookies: 4

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
booking.no.dev.ethel.alpresor.net/
3 KB
2 KB
Document
General
Full URL
https://booking.no.dev.ethel.alpresor.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.93.125.207 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-125-207.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
b3e620e4bca638f9bafd4b9f4404112adcd0340ed6bf8f0a3a9b5a939335e346

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control
max-age=0,no-cache
content-encoding
gzip
content-length
1381
content-type
text/html; charset=UTF-8
date
Sat, 13 Jul 2024 10:42:20 GMT
etag
W/"669123e2-cf9"
expires
Sat, 13 Jul 2024 10:42:20 GMT
last-modified
Fri, 12 Jul 2024 12:38:58 GMT
vary
Accept-Encoding
x-amz-apigw-id
a2MCBFlrFiAEfZg=
x-amzn-remapped-date
Sat, 13 Jul 2024 10:42:20 GMT
x-amzn-remapped-server
envoy
x-amzn-requestid
3e0fae27-1bf4-45b6-ad1d-e5205aefe222
x-envoy-upstream-service-time
1
icon
fonts.googleapis.com/
569 B
775 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: booking.no.dev.ethel.alpresor.net
URL: https://booking.no.dev.ethel.alpresor.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://booking.no.dev.ethel.alpresor.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 13 Jul 2024 10:42:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 13 Jul 2024 10:42:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 13 Jul 2024 10:42:20 GMT
main.d00a77dd.js
booking.no.dev.ethel.alpresor.net/static/js/
2 MB
312 KB
Script
General
Full URL
https://booking.no.dev.ethel.alpresor.net/static/js/main.d00a77dd.js
Requested by
Host: booking.no.dev.ethel.alpresor.net
URL: https://booking.no.dev.ethel.alpresor.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.93.125.207 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-125-207.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
5cde98e71d7faa6669920febd0104a076e3049626db89868a22d457e17773433

Request headers

Referer
https://booking.no.dev.ethel.alpresor.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 10:42:21 GMT
content-encoding
gzip
x-amzn-remapped-server
envoy
last-modified
Fri, 12 Jul 2024 12:38:58 GMT
x-amzn-requestid
b506ebe5-5407-4d9f-a558-34c71ae15f87
etag
W/"669123e2-1b3c06"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, public
x-envoy-upstream-service-time
5
x-amz-apigw-id
a2MCCHd5liAELUg=
content-length
318849
x-amzn-remapped-date
Sat, 13 Jul 2024 10:42:20 GMT
main.fd4b6200.css
booking.no.dev.ethel.alpresor.net/static/css/
69 KB
18 KB
Stylesheet
General
Full URL
https://booking.no.dev.ethel.alpresor.net/static/css/main.fd4b6200.css
Requested by
Host: booking.no.dev.ethel.alpresor.net
URL: https://booking.no.dev.ethel.alpresor.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.93.125.207 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-125-207.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0d6a7d9b8dc5ab7bf6ccac27cd7cf3cf045ab47ee2366c1c74fb85cd22730f20

Request headers

Referer
https://booking.no.dev.ethel.alpresor.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 10:42:20 GMT
content-encoding
gzip
x-amzn-remapped-server
envoy
last-modified
Fri, 12 Jul 2024 12:38:58 GMT
x-amzn-requestid
43635020-3f5d-4cfa-8c9f-2b6368a67698
etag
W/"669123e2-1137c"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000, public
x-envoy-upstream-service-time
2
x-amz-apigw-id
a2MCCF9gliAEdFQ=
content-length
17947
x-amzn-remapped-date
Sat, 13 Jul 2024 10:42:20 GMT
icon
fonts.googleapis.com/
0
0
Other
General
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: booking.no.dev.ethel.alpresor.net
URL: https://booking.no.dev.ethel.alpresor.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://booking.no.dev.ethel.alpresor.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 10:42:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 13 Jul 2024 10:42:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 13 Jul 2024 10:42:20 GMT
css
fonts.googleapis.com/
3 KB
598 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=PT+Sans:400,700
Requested by
Host: booking.no.dev.ethel.alpresor.net
URL: https://booking.no.dev.ethel.alpresor.net/static/css/main.fd4b6200.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f39537780d8d5d477e79126e72f0107b63ffdb5a3bacabcab32fdce74bac9725
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://booking.no.dev.ethel.alpresor.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 13 Jul 2024 10:42:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 13 Jul 2024 10:06:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 13 Jul 2024 10:42:20 GMT
alpereiser_logo.svg
www.alpereiser.no/globalassets/global-images/alpresor-loggor/
43 KB
44 KB
Image
General
Full URL
https://www.alpereiser.no/globalassets/global-images/alpresor-loggor/alpereiser_logo.svg
Requested by
Host: booking.no.dev.ethel.alpresor.net
URL: https://booking.no.dev.ethel.alpresor.net/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
217.28.206.98 , Sweden, ASN34385 (TRIPNET, SE),
Reverse DNS
sts-epiweb02.tripnet.se
Software
Microsoft-IIS/8.0 / STS Alpresor
Resource Hash
4a9defb62a0e8b210af5024f9e0a29011d2bade597d27f83cf0b967050991823
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://booking.no.dev.ethel.alpresor.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sat, 13 Jul 2024 10:42:20 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 28 Jun 2017 15:24:17 GMT
Server
Microsoft-IIS/8.0
ETag
"1D2F0229B476F30"
X-Powered-By
STS Alpresor
Content-Type
image/svg+xml
Cache-Control
public
Accept-Ranges
bytes
Content-Length
44428
Expires
Sat, 13 Jul 2024 22:42:20 GMT
jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v17/
44 KB
45 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://booking.no.dev.ethel.alpresor.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 09:44:45 GMT
x-content-type-options
nosniff
age
349056
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45300
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Jul 2025 09:44:45 GMT
gtm.js
www.googletagmanager.com/
254 KB
83 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MZNV7B7&gtm_auth=aupWkE2jkBSyvBs4LT1Eag&gtm_preview=env-6&gtm_cookies_win=x
Requested by
Host: booking.no.dev.ethel.alpresor.net
URL: https://booking.no.dev.ethel.alpresor.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cba2281cbd982387dd4ac02487c484c048ec4c59ce782bad4766cd6e79282edd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://booking.no.dev.ethel.alpresor.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 10:42:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
84538
x-xss-protection
0
pragma
no-cache
server
Google Tag Manager
vary
*
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 01 Jan 1990 00:00:00 GMT
currentMarket
booking.no.dev.ethel.alpresor.net/api/v1/query/travelBooking/
174 B
437 B
Fetch
General
Full URL
https://booking.no.dev.ethel.alpresor.net/api/v1/query/travelBooking/currentMarket
Requested by
Host: booking.no.dev.ethel.alpresor.net
URL: https://booking.no.dev.ethel.alpresor.net/static/js/main.d00a77dd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.93.125.207 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-125-207.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
93b0d5d646a6d8fe10d87bea7aff528bc30816ebe98611c271ab416fbed9861c

Request headers

Accept
application/json
x-clientversion
v1.0.0-26b0f49aa44aff4bbd48880e1fdf2022ac3a2d86
Referer
https://booking.no.dev.ethel.alpresor.net/
X-Origin-App
web
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 13 Jul 2024 10:42:21 GMT
x-amzn-remapped-server
envoy
x-correlationid
http-7ffc1d42
x-amzn-requestid
015f3594-f767-4a3a-a198-242c4a200663
content-type
application/json; charset=utf-8
x-envoy-upstream-service-time
158
x-amz-apigw-id
a2MCIHHvFiAEHVQ=
content-length
174
x-amzn-remapped-date
Sat, 13 Jul 2024 10:42:21 GMT
7747.9a9945e4.chunk.js
booking.no.dev.ethel.alpresor.net/static/js/
1 KB
1 KB
Script
General
Full URL
https://booking.no.dev.ethel.alpresor.net/static/js/7747.9a9945e4.chunk.js
Requested by
Host: booking.no.dev.ethel.alpresor.net
URL: https://booking.no.dev.ethel.alpresor.net/static/js/main.d00a77dd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.93.125.207 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-125-207.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
303048c8a0dd13060710875925140e8d10eb79a828f7161ec6ec99ba06a6b245

Request headers

Referer
https://booking.no.dev.ethel.alpresor.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 10:42:21 GMT
content-encoding
gzip
x-amzn-remapped-server
envoy
last-modified
Fri, 12 Jul 2024 12:38:58 GMT
x-amzn-requestid
3accbe85-45a5-404d-b97c-7be40cd80cec
etag
W/"669123e2-536"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, public
x-envoy-upstream-service-time
1
x-amz-apigw-id
a2MCLFhOFiAENpw=
content-length
717
x-amzn-remapped-date
Sat, 13 Jul 2024 10:42:21 GMT
nb.json
booking.no.dev.ethel.alpresor.net/locales/
17 KB
7 KB
Fetch
General
Full URL
https://booking.no.dev.ethel.alpresor.net/locales/nb.json
Requested by
Host: booking.no.dev.ethel.alpresor.net
URL: https://booking.no.dev.ethel.alpresor.net/static/js/main.d00a77dd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.93.125.207 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-125-207.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
312a13d8388d3f9115e817931059d86072ca28ca63b8acc9347e48922219b0da

Request headers

Referer
https://booking.no.dev.ethel.alpresor.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 10:42:21 GMT
content-encoding
gzip
x-amzn-remapped-server
envoy
last-modified
Fri, 12 Jul 2024 12:38:10 GMT
x-amzn-requestid
91fb3ab0-03a4-48a2-baea-301891e37023
etag
W/"669123b2-4483"
vary
Accept-Encoding
content-type
application/json
cache-control
max-age=0,no-cache
x-envoy-upstream-service-time
1
x-amz-apigw-id
a2MCMGCWFiAEPfg=
content-length
6444
x-amzn-remapped-date
Sat, 13 Jul 2024 10:42:21 GMT
expires
Sat, 13 Jul 2024 10:42:21 GMT
fbevents.js
connect.facebook.net/en_US/
223 KB
60 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: booking.no.dev.ethel.alpresor.net
URL: https://booking.no.dev.ethel.alpresor.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c4832b19dd5406ac0855426096610e532861e94c65819651ada45299002455de
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://booking.no.dev.ethel.alpresor.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 13 Jul 2024 10:42:21 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58653
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=61, rtx=0, c=12, mss=1297, tbw=2779, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
oqmsrYZisUZS3dvUEQQm8MPAePoPcPV93SJlXAMCM8Q9ub+cjjXerfoUUtMrcDisdTspBhvgr6aoNe0ip7He5Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
sm.js
app2.salesmanago.pl/static/
131 KB
48 KB
Script
General
Full URL
https://app2.salesmanago.pl/static/sm.js
Requested by
Host: booking.no.dev.ethel.alpresor.net
URL: https://booking.no.dev.ethel.alpresor.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.227.202.129 , Poland, ASN31242 (TKPSA-AS, PL),
Reverse DNS
host91227202129.3s.pl
Software
Apache /
Resource Hash
344a2d9aa6bf67a5dcc7654aa1d447a33d9b83643de2402696b6d6d7f7985ffa
Security Headers
Name Value
Strict-Transport-Security max-age=31540000

Request headers

Referer
https://booking.no.dev.ethel.alpresor.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 10:42:22 GMT
content-encoding
gzip
strict-transport-security
max-age=31540000
last-modified
Wed, 03 Jul 2024 04:16:10 GMT
server
Apache
etag
"20b2a-61c50170f17ad-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
content-length
48851
expires
Sat, 13 Jul 2024 11:42:22 GMT
charterTypes
booking.no.dev.ethel.alpresor.net/api/v1/query/market/charterType/
6 KB
6 KB
Fetch
General
Full URL
https://booking.no.dev.ethel.alpresor.net/api/v1/query/market/charterType/charterTypes?travelType=Charter
Requested by
Host: booking.no.dev.ethel.alpresor.net
URL: https://booking.no.dev.ethel.alpresor.net/static/js/main.d00a77dd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.93.125.207 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-125-207.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
139c09e2fcd258185e47c5836955aed4b7f3c566926aaedff54eec12684b345e

Request headers

Accept
application/json
x-clientversion
v1.0.0-26b0f49aa44aff4bbd48880e1fdf2022ac3a2d86
Referer
https://booking.no.dev.ethel.alpresor.net/
X-Origin-App
web
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 13 Jul 2024 10:42:21 GMT
x-amzn-remapped-server
envoy
x-correlationid
http-f6912182
x-amzn-requestid
905a5f3d-07b8-4b95-b7b9-b59b3ca00b6a
content-type
application/json; charset=utf-8
x-envoy-upstream-service-time
12
x-amz-apigw-id
a2MCNFjcFiAEHUg=
content-length
5710
x-amzn-remapped-date
Sat, 13 Jul 2024 10:42:21 GMT
truncated
/
301 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
03566d1223c896d8d8dd207025e06743067bb3d1b14042ba42e89c922b48933b

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/
125 KB
126 KB
Font
General
Full URL
https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://booking.no.dev.ethel.alpresor.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 09:55:55 GMT
x-content-type-options
nosniff
age
348386
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Mon, 08 Apr 2024 19:04:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Jul 2025 09:55:55 GMT
jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v17/
46 KB
46 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://booking.no.dev.ethel.alpresor.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 09:58:08 GMT
x-content-type-options
nosniff
age
348253
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47048
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:55:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Jul 2025 09:58:08 GMT
quikbook
booking.no.dev.ethel.alpresor.net/api/v1/query/travelBooking/
13 KB
13 KB
Fetch
General
Full URL
https://booking.no.dev.ethel.alpresor.net/api/v1/query/travelBooking/quikbook?marketId=NO&travelType=Charter&epiServerId=winter&hotelId=
Requested by
Host: booking.no.dev.ethel.alpresor.net
URL: https://booking.no.dev.ethel.alpresor.net/static/js/main.d00a77dd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.93.125.207 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-125-207.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
1d9bf8bfa9f5a693d5ae45b52a137cbb4b9f990c67caf9355b8ca690c0bf776a

Request headers

Accept
application/json
x-clientversion
v1.0.0-26b0f49aa44aff4bbd48880e1fdf2022ac3a2d86
Referer
https://booking.no.dev.ethel.alpresor.net/
X-Origin-App
web
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 13 Jul 2024 10:42:22 GMT
x-amzn-remapped-server
envoy
x-correlationid
http-62d276d8
x-amzn-requestid
b34d9b1b-f2a8-46f0-ba76-35b520040c47
content-type
application/json; charset=utf-8
x-envoy-upstream-service-time
691
x-amz-apigw-id
a2MCOHG9liAEftg=
content-length
12921
x-amzn-remapped-date
Sat, 13 Jul 2024 10:42:22 GMT
325696197614319
connect.facebook.net/signals/config/
68 KB
14 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/325696197614319?v=2.9.161&r=stable&domain=booking.no.dev.ethel.alpresor.net&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3748d8f468b5a29603770eabf5417a79c8d8562042ba65a46211803ed763aef2
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://booking.no.dev.ethel.alpresor.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 13 Jul 2024 10:42:22 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=69, rtx=0, c=65, mss=1297, tbw=64162, tp=-1, tpl=-1, uplat=136, ullat=1
pragma
public
x-fb-debug
9M8heHAoPQOJT2SCii5uLOX9jt1sgd2+QvwuXZwAjk9MALRm38hOZSBuY6SfRvc+3l0Iofvb6tMUoG4dRNCQbg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
sm_war.58ea52024bdbbea4e8e1.js
app2.salesmanago.pl/static/chunk/
5 KB
2 KB
Script
General
Full URL
https://app2.salesmanago.pl/static/chunk/sm_war.58ea52024bdbbea4e8e1.js
Requested by
Host: app2.salesmanago.pl
URL: https://app2.salesmanago.pl/static/sm.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.227.202.129 , Poland, ASN31242 (TKPSA-AS, PL),
Reverse DNS
host91227202129.3s.pl
Software
Apache /
Resource Hash
587a12bfb55f1baee0a2222996887a0e814b3931b34f928e3b049bb14d65a1cc
Security Headers
Name Value
Strict-Transport-Security max-age=31540000

Request headers

Referer
https://booking.no.dev.ethel.alpresor.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 10:42:22 GMT
content-encoding
gzip
strict-transport-security
max-age=31540000
last-modified
Wed, 03 Jul 2024 04:06:03 GMT
server
Apache
etag
"1553-61c4ff2e81a64-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=216000, public
accept-ranges
bytes
content-length
2113
expires
Sat, 13 Jul 2024 11:42:22 GMT
vc.json
vc-service.saleago.com/api/
2 KB
2 KB
XHR
General
Full URL
https://vc-service.saleago.com/api/vc.json?s=48e8d8a502d2c5fb&i=2
Requested by
Host: app2.salesmanago.pl
URL: https://app2.salesmanago.pl/static/sm.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.154.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.154.110.34.bc.googleusercontent.com
Software
/
Resource Hash
bd017ba9596904310901a17abd2dad071ad375d42ee84221914b3004efc10f31

Request headers

Referer
https://booking.no.dev.ethel.alpresor.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 13 Jul 2024 10:42:21 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1874
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json;charset=utf-8
vs
app2.salesmanago.pl/api/
24 B
283 B
XHR
General
Full URL
https://app2.salesmanago.pl/api/vs?location=booking.no.dev.ethel.alpresor.net&referrer=
Requested by
Host: app2.salesmanago.pl
URL: https://app2.salesmanago.pl/static/sm.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.227.202.129 , Poland, ASN31242 (TKPSA-AS, PL),
Reverse DNS
host91227202129.3s.pl
Software
Apache /
Resource Hash
ad90eed55da429579ff1f8e62cc1c23eaa5dd62b74cae29c83a777bc25a7623b
Security Headers
Name Value
Strict-Transport-Security max-age=31540000

Request headers

Referer
https://booking.no.dev.ethel.alpresor.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 10:42:22 GMT
content-encoding
gzip
strict-transport-security
max-age=31540000
server
Apache
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=1
expires
Sat, 13 Jul 2024 10:42:23 GMT
r.gif
app2.salesmanago.pl/api/
43 B
409 B
Image
General
Full URL
https://app2.salesmanago.pl/api/r.gif?uri=%2F&location=booking.no.dev.ethel.alpresor.net&uuid=190abafc7a2-e8014fc95ac7-f0a7eb54-6c438b9d-e782ebfe-2fd459ce1fd7&referrer=&smid=48e8d8a502d2c5fb&time=2024-07-13T10%3A42%3A22Z&timestamp=1720867342246&session=1&title=STS%20Alpereiser&cp=1720867342246&ns=true&fp=1e9838c686f18726e7fcdc14d6942869
Requested by
Host: booking.no.dev.ethel.alpresor.net
URL: https://booking.no.dev.ethel.alpresor.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.227.202.129 , Poland, ASN31242 (TKPSA-AS, PL),
Reverse DNS
host91227202129.3s.pl
Software
Apache /
Resource Hash
71d66e87a9561f8cc70f06a466a5f75a77aa9cb55e8795e0539c514eff7cf7d3
Security Headers
Name Value
Strict-Transport-Security max-age=31540000

Request headers

Referer
https://booking.no.dev.ethel.alpresor.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 10:42:22 GMT
content-encoding
gzip
strict-transport-security
max-age=31540000
server
Apache
vary
Accept-Encoding
content-type
image/gif;charset=UTF-8
cache-control
max-age=0
expires
Sat, 13 Jul 2024 10:42:22 GMT
/
www.facebook.com/tr/
0
270 B
Image
General
Full URL
https://www.facebook.com/tr/?id=325696197614319&ev=PageView&dl=https%3A%2F%2Fbooking.no.dev.ethel.alpresor.net%2F&rl=&if=false&ts=1720867342336&sw=1600&sh=1200&v=2.9.161&r=stable&ec=0&o=4126&fbp=fb.1.1720867342335.53691005513136690&cs_est=true&ler=empty&cdl=API_unavailable&it=1720867342120&coo=false&rqm=GET
Requested by
Host: booking.no.dev.ethel.alpresor.net
URL: https://booking.no.dev.ethel.alpresor.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://booking.no.dev.ethel.alpresor.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
GOOD; q=0.7, rtt=58, rtx=0, c=10, mss=1297, tbw=2784, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 13 Jul 2024 10:42:22 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
3 KB
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=325696197614319&ev=PageView&dl=https%3A%2F%2Fbooking.no.dev.ethel.alpresor.net%2F&rl=&if=false&ts=1720867342336&sw=1600&sh=1200&v=2.9.161&r=stable&ec=0&o=4126&fbp=fb.1.1720867342335.53691005513136690&cs_est=true&ler=empty&cdl=API_unavailable&it=1720867342120&coo=false&rqm=FGET
Requested by
Host: booking.no.dev.ethel.alpresor.net
URL: https://booking.no.dev.ethel.alpresor.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://booking.no.dev.ethel.alpresor.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xb3511330868afefa","source_keys":["1","2"]},{"key_piece":"0xb8a0a06573125547","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
nel
{"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Sat, 13 Jul 2024 10:42:22 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7391068956541680274", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=58, rtx=0, c=10, mss=1297, tbw=3098, tp=-1, tpl=-1, uplat=202, ullat=0
pragma
no-cache
x-fb-debug
wsDXKdG1Do6nwl9jj4vq2cJSae7pGoW6SZkC+w4gLEXZH3LTtXxNG2HV/hMAWG8HUuPIKICP5rak3E25r+Yi7w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7391068956541680274"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7391068956541680274"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
fak.json
app2.salesmanago.pl/api/
46 B
348 B
XHR
General
Full URL
https://app2.salesmanago.pl/api/fak.json?s=48e8d8a502d2c5fb&d=booking.no.dev.ethel.alpresor.net
Requested by
Host: app2.salesmanago.pl
URL: https://app2.salesmanago.pl/static/sm.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.227.202.129 , Poland, ASN31242 (TKPSA-AS, PL),
Reverse DNS
host91227202129.3s.pl
Software
Apache /
Resource Hash
dc67e62498c5980f1f79e9d96d62880b4e31353183df2565e2b09c1628bddce2
Security Headers
Name Value
Strict-Transport-Security max-age=31540000

Request headers

Referer
https://booking.no.dev.ethel.alpresor.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 10:42:22 GMT
content-encoding
gzip
strict-transport-security
max-age=31540000
server
Apache
vary
Origin,Accept-Encoding,Access-Control-Request-Method,Access-Control-Request-Headers
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=1
expires
Sat, 13 Jul 2024 10:42:23 GMT
favicon.png
booking.no.dev.ethel.alpresor.net/
2 KB
2 KB
Other
General
Full URL
https://booking.no.dev.ethel.alpresor.net/favicon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.93.125.207 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-125-207.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
08d1e3127041f821a25525f932909e716eb3fb3f6beedf6ea786b07846f89379

Request headers

Referer
https://booking.no.dev.ethel.alpresor.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 10:42:22 GMT
x-amzn-remapped-content-length
2027
last-modified
Fri, 12 Jul 2024 12:38:10 GMT
x-amzn-remapped-server
envoy
x-amzn-requestid
d843ab90-aceb-41c9-a9f0-b70768cb0dc8
etag
"669123b2-7eb"
content-type
image/png
cache-control
max-age=0,no-cache
x-envoy-upstream-service-time
2
accept-ranges
bytes
x-amz-apigw-id
a2MCWFFxliAEVAw=
content-length
2027
x-amzn-remapped-date
Sat, 13 Jul 2024 10:42:22 GMT
expires
Sat, 13 Jul 2024 10:42:22 GMT


34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| market
string| host
string| noUrl
string| noSrc
string| fiUrl
string| fiSrc
string| seUrl
string| seSrc
object| header
object| img
object| a
object| webpackChunksts
object| __core-js_shared__
object| dataLayer
object| google_tag_manager
object| google_tag_data
function| fbq
function| _fbq
string| _smid
string| SalesmanagoObject
function| sm
function| __smjsonp__
function| setImmediate
function| clearImmediate
object| ___sm.js___
object| smLiveChat
object| smWebPushApi
function| smCreateCookie
function| smReadCookie
function| smFindContactIdByExternalId
function| smEvent
function| buildEventUrl
object| smQueue
function| listener

4 Cookies

Domain/Path Name / Value
.booking.no.dev.ethel.alpresor.net/ Name: smvr
Value: eyJ2aXNpdHMiOjEsInZpZXdzIjoxLCJ0cyI6MTcyMDg2NzM0MjI0MSwiaXNOZXdTZXNzaW9uIjp0cnVlfQ==
.booking.no.dev.ethel.alpresor.net/ Name: smuuid
Value: 190abafc7a2-e8014fc95ac7-f0a7eb54-6c438b9d-e782ebfe-2fd459ce1fd7
.alpresor.net/ Name: _fbp
Value: fb.1.1720867342335.53691005513136690
.booking.no.dev.ethel.alpresor.net/ Name: _smvs
Value: DIRECT

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
