booking.eu.guestline.app Open in urlscan Pro
172.211.210.15 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://tic.dbm.guestline.net/
Effective URL:
https://booking.eu.guestline.app/TIC/
Submission: On July 19 via api (July 19th 2024, 3:06:59 pm UTC) from IE — Scanned from DE

Summary HTTP 89 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 24 IPs in 5 countries across 22 domains to perform 89 HTTP transactions. The main IP is 172.211.210.15, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is booking.eu.guestline.app.
TLS certificate: Issued by R10 on July 1st 2024. Valid for: 3 months.

This is the only time booking.eu.guestline.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700::68... 2606:4700::6812:794	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	172.211.210.15 172.211.210.15	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
54	2620:1ec:bdf::60 2620:1ec:bdf::60	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.32.27.5 13.32.27.5	16509 (AMAZON-02) (AMAZON-02)
1	18.66.102.106 18.66.102.106	16509 (AMAZON-02) (AMAZON-02)
2	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.227.219.120 13.227.219.120	16509 (AMAZON-02) (AMAZON-02)
1	35.153.191.249 35.153.191.249	14618 (AMAZON-AES) (AMAZON-AES)
1 2	13.74.129.1 13.74.129.1	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	20.231.53.73 20.231.53.73	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	172.65.208.22 172.65.208.22	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	172.65.202.201 172.65.202.201	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.65.238.60 172.65.238.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.65.192.122 172.65.192.122	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.65.219.229 172.65.219.229	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a06:98c1:320... 2a06:98c1:3200::90:3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.65.232.43 172.65.232.43	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	172.65.240.166 172.65.240.166	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
89	24

1 2606:4700::6812:794 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tic.dbm.guestline.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.211.210.15 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

booking.eu.guestline.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gxp-editor.eu.guestline.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

54 2620:1ec:bdf::60 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

gxp-dbm-prod-cdn.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gxp-configs-prod-cdn-ep.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
getschwifty.guestline.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media-prod-cdn-ep.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-5.fra56.r.cloudfront.net

cdn.heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.102.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-106.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.227.219.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-120.ams54.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.153.191.249 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-153-191-249.compute-1.amazonaws.com

heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.74.129.1 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.231.53.73 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

q.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.65.208.22 (United States)

ASN13335 (CLOUDFLARENET, US)

js-eu1.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:34::36 (United States) 2 redirects

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.65.202.201 (United States)

ASN13335 (CLOUDFLARENET, US)

js-eu1.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.65.238.60 (United States)

ASN13335 (CLOUDFLARENET, US)

js-eu1.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.65.192.122 (United States)

ASN13335 (CLOUDFLARENET, US)

js-eu1.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms-eu1.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.65.219.229 (United States)

ASN13335 (CLOUDFLARENET, US)

js-eu1.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3200::90:3 (United States)

ASN13335 (CLOUDFLARENET, US)

api-eu1.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.65.232.43 (United States)

ASN13335 (CLOUDFLARENET, US)

forms-eu1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.65.240.166 (United States)

ASN13335 (CLOUDFLARENET, US)

track-eu1.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	guestline.net 1 redirects tic.dbm.guestline.net getschwifty.guestline.net — Cisco Umbrella Rank: 618507	3 MB
24	azureedge.net gxp-dbm-prod-cdn.azureedge.net gxp-configs-prod-cdn-ep.azureedge.net — Cisco Umbrella Rank: 455228 media-prod-cdn-ep.azureedge.net	923 KB
7	guestline.app booking.eu.guestline.app gxp-editor.eu.guestline.app — Cisco Umbrella Rank: 561465	55 KB
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1114 c.clarity.ms — Cisco Umbrella Rank: 1838 q.clarity.ms — Cisco Umbrella Rank: 8520	28 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	3 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	72 KB
2	hscollectedforms.net js-eu1.hscollectedforms.net — Cisco Umbrella Rank: 51227 forms-eu1.hscollectedforms.net — Cisco Umbrella Rank: 53121	25 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3123
2	google.com 2 redirects region1.analytics.google.com — Cisco Umbrella Rank: 3773	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	172 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 1335 script.hotjar.com — Cisco Umbrella Rank: 2017	60 KB
2	heapanalytics.com cdn.heapanalytics.com — Cisco Umbrella Rank: 5185 heapanalytics.com — Cisco Umbrella Rank: 4304	38 KB
1	hubspot.com track-eu1.hubspot.com — Cisco Umbrella Rank: 28501	1 KB
1	hsforms.com forms-eu1.hsforms.com — Cisco Umbrella Rank: 53409	1 KB
1	hubapi.com api-eu1.hubapi.com — Cisco Umbrella Rank: 41639	1 KB
1	hsadspixel.net js-eu1.hsadspixel.net — Cisco Umbrella Rank: 40376	4 KB
1	hs-analytics.net js-eu1.hs-analytics.net — Cisco Umbrella Rank: 28245	24 KB
1	hs-banner.com js-eu1.hs-banner.com — Cisco Umbrella Rank: 27842	26 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6716	63 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 252	260 B
1	hs-scripts.com js-eu1.hs-scripts.com — Cisco Umbrella Rank: 25412	1 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 341	774 B
89	22

	Domain	Requested by
30	getschwifty.guestline.net
21	gxp-dbm-prod-cdn.azureedge.net	booking.eu.guestline.app gxp-dbm-prod-cdn.azureedge.net
5	booking.eu.guestline.app	gxp-dbm-prod-cdn.azureedge.net
2	www.facebook.com
2	connect.facebook.net	js-eu1.hsadspixel.net connect.facebook.net
2	region1.google-analytics.com
2	region1.analytics.google.com	2 redirects
2	gxp-editor.eu.guestline.app	gxp-dbm-prod-cdn.azureedge.net
2	www.googletagmanager.com	booking.eu.guestline.app www.googletagmanager.com
2	q.clarity.ms	gxp-dbm-prod-cdn.azureedge.net
2	c.clarity.ms	1 redirects
2	www.clarity.ms	booking.eu.guestline.app www.clarity.ms
2	gxp-configs-prod-cdn-ep.azureedge.net	gxp-dbm-prod-cdn.azureedge.net
1	track-eu1.hubspot.com
1	forms-eu1.hsforms.com
1	forms-eu1.hscollectedforms.net	gxp-dbm-prod-cdn.azureedge.net
1	api-eu1.hubapi.com	gxp-dbm-prod-cdn.azureedge.net
1	media-prod-cdn-ep.azureedge.net
1	js-eu1.hsadspixel.net	js-eu1.hs-scripts.com
1	js-eu1.hscollectedforms.net	js-eu1.hs-scripts.com
1	js-eu1.hs-analytics.net	js-eu1.hs-scripts.com
1	js-eu1.hs-banner.com	js-eu1.hs-scripts.com
1	www.google.de
1	stats.g.doubleclick.net	www.googletagmanager.com
1	js-eu1.hs-scripts.com	www.googletagmanager.com
1	c.bing.com	1 redirects
1	heapanalytics.com
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	booking.eu.guestline.app
1	cdn.heapanalytics.com	booking.eu.guestline.app
1	tic.dbm.guestline.net	1 redirects
89	31

This site contains links to these domains. Also see Links.

Domain
www.aghotels.co.uk

Subject Issuer	Validity	Valid
eu.guestline.app R10	`2024-07-01` - `2024-09-29`	3 months	crt.sh
*.azureedge.net Microsoft Azure RSA TLS Issuing CA 03	`2024-06-24` - `2025-06-19`	a year	crt.sh
cdn.heapanalytics.com Amazon RSA 2048 M02	`2024-05-29` - `2025-06-26`	a year	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
heapanalytics.com Amazon RSA 2048 M02	`2023-11-09` - `2024-12-08`	a year	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh
*.google-analytics.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
getschwifty.guestline.net DigiCert TLS RSA SHA256 2020 CA1	`2023-12-06` - `2024-12-06`	a year	crt.sh
hs-scripts.com E1	`2024-05-31` - `2024-08-29`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.google.de WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
hs-banner.com E1	`2024-05-30` - `2024-08-28`	3 months	crt.sh
hs-analytics.net WE1	`2024-06-11` - `2024-09-09`	3 months	crt.sh
hscollectedforms.net E1	`2024-05-27` - `2024-08-25`	3 months	crt.sh
hsadspixel.net E6	`2024-06-14` - `2024-09-12`	3 months	crt.sh
hubapi.com E6	`2024-07-02` - `2024-09-30`	3 months	crt.sh
hsforms.com WE1	`2024-06-14` - `2024-09-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-04-27` - `2024-07-26`	3 months	crt.sh
hubspot.com E1	`2024-05-23` - `2024-08-21`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://booking.eu.guestline.app/TIC/
Frame ID: 5CA2A3BB74CF48EBE57E4B28CA0A11A7
Requests: 88 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

AG Hotels

Page URL History Show full URLs

http://tic.dbm.guestline.net/ HTTP 307
https://tic.dbm.guestline.net/ HTTP 302
https://booking.eu.guestline.app/TIC/ Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Heap (Analytics) Expand

Overall confidence: 100%
Detected patterns

heap-\d+\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Page Statistics

89
Requests

97 %
HTTPS

44 %
IPv6

22
Domains

31
Subdomains

24
IPs

5
Countries

4889 kB
Transfer

7058 kB
Size

29
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.aghotels.co.uk/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://tic.dbm.guestline.net/ HTTP 307
https://tic.dbm.guestline.net/ HTTP 302
https://booking.eu.guestline.app/TIC/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=637F0C48984E42AAA30E70312C9D8A11&RedC=c.clarity.ms&MXFR=014755F4D6C2694812814135D2C267D2 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=637F0C48984E42AAA30E70312C9D8A11&MUID=1B41D8AECE966EA11780CC6FCF966F58

Request Chain 44

https://region1.analytics.google.com/g/collect?v=2&tid=G-YTBVBBFXV7&gtm=45je47h0v881600804z89116757936za200zb9116757936&_p=1721401613449&_gaz=1&gcs=G111&gcd=13t3t3t2t5&npa=0&dma_cps=syphamo&dma=1&tag_exp=0&cid=729853119.1721401614&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1721401613&sct=1&seg=0&dl=https%3A%2F%2Fbooking.eu.guestline.app%2FTIC%2F&dt=AG%20Hotels&en=page_view&_fv=2&_nsi=1&_ss=2&_c=1&tfd=1158&_z=fetch HTTP 302
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=729853119.1721401614&dbk=4464020184754432851&dma=1&dma_cps=syphamo&en=page_view&gcs=G111&gtm=45je47h0v881600804z89116757936za200zb9116757936&npa=0&tid=G-YTBVBBFXV7&dl=https%3A%2F%2Fbooking.eu.guestline.app%3F

Request Chain 47

https://region1.analytics.google.com/g/collect?v=2&tid=G-YTBVBBFXV7&gtm=45je47h0v881600804za200zb9116757936&_p=1721401613449&gcs=G111&gcd=13t3t3t2t5&npa=0&dma_cps=syphamo&dma=1&tag_exp=0&cid=729853119.1721401614&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1721401613&sct=1&seg=0&dl=https%3A%2F%2Fbooking.eu.guestline.app%2FTIC%2F&dt=AG%20Hotels&en=scroll&_c=1&epn.percent_scrolled=90&_et=70&tfd=1228&_z=fetch HTTP 302
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=729853119.1721401614&dbk=5932860816575410205&dma=1&dma_cps=syphamo&en=scroll&gcs=G111&gtm=45je47h0v881600804za200zb9116757936&npa=0&tid=G-YTBVBBFXV7&dl=https%3A%2F%2Fbooking.eu.guestline.app%3F

89 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
booking.eu.guestline.app/TIC/
Redirect Chain

http://tic.dbm.guestline.net/
https://tic.dbm.guestline.net/
https://booking.eu.guestline.app/TIC/

16 KB
17 KB

118ms
26ms

Document
text/html

172.211.210.15
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://booking.eu.guestline.app/TIC/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.211.210.15 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

8aafb62ee6d05105377e2e81db82cf7e10419dfa043d02a8174c5a4beb0fce50

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Request-Id, Request-Context, Origin, X-Requested-With, Content-Type, Accept, Cache-Control
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
access-control-allow-origin
content-length: 16796
content-security-policy-report-only: script-src 'strict-dynamic' 'unsafe-eval' http: https: 'nonce-89085c033c1d1231665a7d4f66d819ea' 'unsafe-inline';object-src 'none';base-uri 'none';report-uri /api/csp-report
content-type: text/html
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Fri, 19 Jul 2024 15:06:52 GMT
origin-agent-cluster: ?1
referrer-policy: no-referrer
request-context: appId=cid-v1:9745874e-f666-44bf-a851-e3fc9c25bb4a
server: istio-envoy
strict-transport-security: max-age=15552000; includeSubDomains
vary: Origin
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-envoy-upstream-service-time: 5
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-ratelimit-limit: 200
x-ratelimit-remaining: 199
x-ratelimit-reset: 60

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Request-Id, Request-Context, Origin, X-Requested-With, Content-Type, Accept, Cache-Control
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
access-control-allow-origin
cf-cache-status: DYNAMIC
cf-ray: 8a5b9e2e3ab8692e-FRA
content-length: 0
content-security-policy-report-only: script-src 'strict-dynamic' 'unsafe-eval' http: https: 'nonce-cf9cf5b03e8dcd10e74c0761d2909645' 'unsafe-inline';object-src 'none';base-uri 'none';report-uri /api/csp-report
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Fri, 19 Jul 2024 15:06:52 GMT
location: https://booking.eu.guestline.app/TIC/
origin-agent-cluster: ?1
referrer-policy: no-referrer
request-context: appId=cid-v1:9745874e-f666-44bf-a851-e3fc9c25bb4a
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
vary: Origin
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-powered-by: ASP.NET
x-ratelimit-limit: 200
x-ratelimit-remaining: 199
x-ratelimit-reset: 60

GET
H2 200 index-DRvtKznZ.js Show response
gxp-dbm-prod-cdn.azureedge.net/static/ 1 MB
452 KB 84ms
15ms Script
application/javascript 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://gxp-dbm-prod-cdn.azureedge.net/static/index-DRvtKznZ.js

Requested by

Host: booking.eu.guestline.app
URL: https://booking.eu.guestline.app/TIC/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c29a9c6906e6b2af8e5768eeaed3a041407c13fb13221389255d78311b6c1d68

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer
Origin: https://booking.eu.guestline.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 15:06:52 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
x-permitted-cross-domain-policies: none
cross-origin-embedder-policy: unsafe-none
content-security-policy-report-only: script-src 'strict-dynamic' 'unsafe-eval' http: https: 'nonce-d41488b74628d4ad4980a69e9f61f865' 'unsafe-inline';object-src 'none';base-uri 'none';report-uri /api/csp-report
x-dns-prefetch-control: off
x-cache: TCP_HIT
x-envoy-upstream-service-time: 5
cross-origin-resource-policy: cross-origin
x-fd-int-roxy-purgeid: 58562218
request-context: appId=cid-v1:9745874e-f666-44bf-a851-e3fc9c25bb4a
referrer-policy: no-referrer
last-modified: Thu, 18 Jul 2024 18:17:17 GMT
cross-origin-opener-policy: unsafe-none
etag: W/"127892-190c7100fd1"
x-download-options: noopen
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
origin-agent-cluster: ?1
x-ratelimit-remaining: 197
access-control-allow-credentials: true
x-ratelimit-reset: 58
x-ratelimit-limit: 200
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
cache-control: public, max-age=86400
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control
x-azure-ref: 20240719T150652Z-16b8f8f97cfzc2j68y8yrwexz800000000hg00000000c00k

GET
H2 200 index-BekZHDi0.css
gxp-dbm-prod-cdn.azureedge.net/static/ 3 KB
2 KB 78ms
9ms Stylesheet
text/css 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://gxp-dbm-prod-cdn.azureedge.net/static/index-BekZHDi0.css

Requested by

Host: booking.eu.guestline.app
URL: https://booking.eu.guestline.app/TIC/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a984dc451b4ace53d437eec8c915cf72984151b027cf9638fd3bdd1fe3bee808

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer
Origin: https://booking.eu.guestline.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 15:06:52 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
x-permitted-cross-domain-policies: none
cross-origin-embedder-policy: unsafe-none
content-security-policy-report-only: script-src 'strict-dynamic' 'unsafe-eval' http: https: 'nonce-780e5b323ee00c15f70f7a7642eb3610' 'unsafe-inline';object-src 'none';base-uri 'none';report-uri /api/csp-report
x-dns-prefetch-control: off
x-cache: TCP_HIT
x-envoy-upstream-service-time: 5
cross-origin-resource-policy: cross-origin
x-fd-int-roxy-purgeid: 58562218
request-context: appId=cid-v1:9745874e-f666-44bf-a851-e3fc9c25bb4a
referrer-policy: no-referrer
last-modified: Fri, 19 Jul 2024 02:18:17 GMT
cross-origin-opener-policy: unsafe-none
etag: W/"c17-190c8c86f2e"
x-download-options: noopen
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
origin-agent-cluster: ?1
x-ratelimit-remaining: 196
access-control-allow-credentials: true
x-ratelimit-reset: 58
x-ratelimit-limit: 200
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
cache-control: public, max-age=86400
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control
x-azure-ref: 20240719T150652Z-16b8f8f97cfzc2j68y8yrwexz800000000hg00000000c00h

GET
H2 200 countries-CUhPtVK4.js Show response
gxp-dbm-prod-cdn.azureedge.net/static/ 8 KB
5 KB 11ms
10ms Script
application/javascript 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://gxp-dbm-prod-cdn.azureedge.net/static/countries-CUhPtVK4.js

Requested by

Host: gxp-dbm-prod-cdn.azureedge.net
URL: https://gxp-dbm-prod-cdn.azureedge.net/static/index-DRvtKznZ.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4d3e3a4ab634d1fc58aaacef189c8ba0eabb338f3389433136dfafbb731e6df7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer
Origin: https://booking.eu.guestline.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 15:06:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
x-permitted-cross-domain-policies: none
cross-origin-embedder-policy: unsafe-none
content-security-policy-report-only: script-src 'strict-dynamic' 'unsafe-eval' http: https: 'nonce-52dd37c835edbb07692caee901f5fdc4' 'unsafe-inline';object-src 'none';base-uri 'none';report-uri /api/csp-report
x-dns-prefetch-control: off
x-cache: TCP_HIT
x-envoy-upstream-service-time: 7
cross-origin-resource-policy: cross-origin
x-fd-int-roxy-purgeid: 58562218
request-context: appId=cid-v1:9745874e-f666-44bf-a851-e3fc9c25bb4a
referrer-policy: no-referrer
last-modified: Fri, 19 Jul 2024 02:18:17 GMT
cross-origin-opener-policy: unsafe-none
etag: W/"1e23-190c8c86f6a"
x-download-options: noopen
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
origin-agent-cluster: ?1
x-ratelimit-remaining: 193
access-control-allow-credentials: true
x-ratelimit-reset: 57
x-ratelimit-limit: 200
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
cache-control: public, max-age=86400
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control
x-azure-ref: 20240719T150653Z-16b8f8f97cfzc2j68y8yrwexz800000000hg00000000c00z

GET
H2 200 main-D3Z0nf-a.js Show response
gxp-dbm-prod-cdn.azureedge.net/static/ 39 KB
17 KB 11ms
10ms Script
application/javascript 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://gxp-dbm-prod-cdn.azureedge.net/static/main-D3Z0nf-a.js

Requested by

Host: gxp-dbm-prod-cdn.azureedge.net
URL: https://gxp-dbm-prod-cdn.azureedge.net/static/index-DRvtKznZ.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

89445df13db3f8eb3eefdcd2e8d12a6b327566549d9045652aa912a0d7ece46f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer
Origin: https://booking.eu.guestline.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 15:06:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
x-permitted-cross-domain-policies: none
cross-origin-embedder-policy: unsafe-none
content-security-policy-report-only: script-src 'strict-dynamic' 'unsafe-eval' http: https: 'nonce-8ef5d55665d91959d6508c4793760c4c' 'unsafe-inline';object-src 'none';base-uri 'none';report-uri /api/csp-report
x-dns-prefetch-control: off
x-cache: TCP_HIT
x-envoy-upstream-service-time: 23
cross-origin-resource-policy: cross-origin
x-fd-int-roxy-purgeid: 58562218
request-context: appId=cid-v1:9745874e-f666-44bf-a851-e3fc9c25bb4a
referrer-policy: no-referrer
last-modified: Thu, 18 Jul 2024 18:17:16 GMT
cross-origin-opener-policy: unsafe-none
etag: W/"9add-190c7100f99"
x-download-options: noopen
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
origin-agent-cluster: ?1
x-ratelimit-remaining: 191
access-control-allow-credentials: true
x-ratelimit-reset: 57
x-ratelimit-limit: 200
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
cache-control: public, max-age=86400
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control
x-azure-ref: 20240719T150653Z-16b8f8f97cfzc2j68y8yrwexz800000000hg00000000c010

GET
H2 200 states-BeEwU_NQ.js Show response
gxp-dbm-prod-cdn.azureedge.net/static/ 1 KB
2 KB 11ms
10ms Script
application/javascript 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://gxp-dbm-prod-cdn.azureedge.net/static/states-BeEwU_NQ.js

Requested by

Host: gxp-dbm-prod-cdn.azureedge.net
URL: https://gxp-dbm-prod-cdn.azureedge.net/static/index-DRvtKznZ.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d02ae15ee612d56ccbfb26e6e083983172ed9a6e0fc89e1b918a3c7301fb317d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer
Origin: https://booking.eu.guestline.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 15:06:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
x-permitted-cross-domain-policies: none
cross-origin-embedder-policy: unsafe-none
content-security-policy-report-only: script-src 'strict-dynamic' 'unsafe-eval' http: https: 'nonce-4786476a9b9506b19d4ee319655cda0e' 'unsafe-inline';object-src 'none';base-uri 'none';report-uri /api/csp-report
x-dns-prefetch-control: off
x-cache: TCP_HIT
x-envoy-upstream-service-time: 6
cross-origin-resource-policy: cross-origin
x-fd-int-roxy-purgeid: 58562218
request-context: appId=cid-v1:9745874e-f666-44bf-a851-e3fc9c25bb4a
referrer-policy: no-referrer
last-modified: Fri, 19 Jul 2024 02:18:17 GMT
cross-origin-opener-policy: unsafe-none
etag: W/"58e-190c8c86f2e"
x-download-options: noopen
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
origin-agent-cluster: ?1
x-ratelimit-remaining: 192
access-control-allow-credentials: true
x-ratelimit-reset: 57
x-ratelimit-limit: 200
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
cache-control: public, max-age=86400
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control
x-azure-ref: 20240719T150653Z-16b8f8f97cfzc2j68y8yrwexz800000000hg00000000c011

GET
H2 200 countries-BfMBmc0t.js Show response
gxp-dbm-prod-cdn.azureedge.net/static/ 8 KB
5 KB 11ms
10ms Script
application/javascript 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://gxp-dbm-prod-cdn.azureedge.net/static/countries-BfMBmc0t.js

Requested by

Host: gxp-dbm-prod-cdn.azureedge.net
URL: https://gxp-dbm-prod-cdn.azureedge.net/static/index-DRvtKznZ.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8a93bed27bc06405f010d736ab543d69cf4f4fb23a6aebd755b4925c5d047bcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer
Origin: https://booking.eu.guestline.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 15:06:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
x-permitted-cross-domain-policies: none
cross-origin-embedder-policy: unsafe-none
content-security-policy-report-only: script-src 'strict-dynamic' 'unsafe-eval' http: https: 'nonce-bd67831cd2426a59d594d281ca1354d2' 'unsafe-inline';object-src 'none';base-uri 'none';report-uri /api/csp-report
x-dns-prefetch-control: off
x-cache: TCP_HIT
x-envoy-upstream-service-time: 23
cross-origin-resource-policy: cross-origin
x-fd-int-roxy-purgeid: 58562218
request-context: appId=cid-v1:9745874e-f666-44bf-a851-e3fc9c25bb4a
referrer-policy: no-referrer
last-modified: Thu, 18 Jul 2024 18:17:16 GMT
cross-origin-opener-policy: unsafe-none
etag: W/"1eb9-190c7100f35"
x-download-options: noopen
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
origin-agent-cluster: ?1
x-ratelimit-remaining: 190
access-control-allow-credentials: true
x-ratelimit-reset: 57
x-ratelimit-limit: 200
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
cache-control: public, max-age=86400
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control
x-azure-ref: 20240719T150653Z-16b8f8f97cfzc2j68y8yrwexz800000000hg00000000c012

GET
H2 200 main-CSIvP2s_.js Show response
gxp-dbm-prod-cdn.azureedge.net/static/ 37 KB
16 KB 12ms
11ms Script
application/javascript 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://gxp-dbm-prod-cdn.azureedge.net/static/main-CSIvP2s_.js

Requested by

Host: gxp-dbm-prod-cdn.azureedge.net
URL: https://gxp-dbm-prod-cdn.azureedge.net/static/index-DRvtKznZ.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b74e49a0ea5e02cbf1fcfea4a544c1caca6bcd3ae011473f975c1b6acc9ed762

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer
Origin: https://booking.eu.guestline.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 15:06:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
x-permitted-cross-domain-policies: none
cross-origin-embedder-policy: unsafe-none
content-security-policy-report-only: script-src 'strict-dynamic' 'unsafe-eval' http: https: 'nonce-cf9926d23efb3680742648cfb2f02d06' 'unsafe-inline';object-src 'none';base-uri 'none';report-uri /api/csp-report
x-dns-prefetch-control: off
x-cache: TCP_HIT
x-envoy-upstream-service-time: 7
cross-origin-resource-policy: cross-origin
x-fd-int-roxy-purgeid: 58562218
request-context: appId=cid-v1:9745874e-f666-44bf-a851-e3fc9c25bb4a
referrer-policy: no-referrer
last-modified: Fri, 19 Jul 2024 02:18:17 GMT
cross-origin-opener-policy: unsafe-none
etag: W/"927e-190c8c86f46"
x-download-options: noopen
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
origin-agent-cluster: ?1
x-ratelimit-remaining: 189
access-control-allow-credentials: true
x-ratelimit-reset: 57
x-ratelimit-limit: 200
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
cache-control: public, max-age=86400
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control
x-azure-ref: 20240719T150653Z-16b8f8f97cfzc2j68y8yrwexz800000000hg00000000c013

GET
H2 200 states-DRQr4Ynh.js Show response
gxp-dbm-prod-cdn.azureedge.net/static/ 1 KB
2 KB 13ms
13ms Script
application/javascript 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://gxp-dbm-prod-cdn.azureedge.net/static/states-DRQr4Ynh.js

Requested by

Host: gxp-dbm-prod-cdn.azureedge.net
URL: https://gxp-dbm-prod-cdn.azureedge.net/static/index-DRvtKznZ.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

85529b7e7a24baf55d32934b9cf28e69c54555235e6931b7e1ac8b52474ddd5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer
Origin: https://booking.eu.guestline.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 15:06:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
x-permitted-cross-domain-policies: none
cross-origin-embedder-policy: unsafe-none
content-security-policy-report-only: script-src 'strict-dynamic' 'unsafe-eval' http: https: 'nonce-7b74bda71d5573a463744e1857356738' 'unsafe-inline';object-src 'none';base-uri 'none';report-uri /api/csp-report
x-dns-prefetch-control: off
x-cache: TCP_HIT
x-envoy-upstream-service-time: 6
cross-origin-resource-policy: cross-origin
x-fd-int-roxy-purgeid: 58562218
request-context: appId=cid-v1:9745874e-f666-44bf-a851-e3fc9c25bb4a
referrer-policy: no-referrer
last-modified: Fri, 19 Jul 2024 02:18:17 GMT
cross-origin-opener-policy: unsafe-none
etag: W/"58d-190c8c86f32"
x-download-options: noopen
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
origin-agent-cluster: ?1
x-ratelimit-remaining: 194
access-control-allow-credentials: true
x-ratelimit-reset: 57
x-ratelimit-limit: 200
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
cache-control: public, max-age=86400
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control
x-azure-ref: 20240719T150653Z-16b8f8f97cfzc2j68y8yrwexz800000000hg00000000c014

GET
H2 200 favicon.ico
booking.eu.guestline.app/ 16 KB
17 KB 34ms
33ms Other
text/html 172.211.210.15
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://booking.eu.guestline.app/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.211.210.15 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

c8de82c9d683b6cc4ceee62e267b0f2dc6e1028d849bff91cc7fc9f4d05bc2f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
date: Fri, 19 Jul 2024 15:06:53 GMT
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
content-security-policy-report-only: script-src 'strict-dynamic' 'unsafe-eval' http: https: 'nonce-6cb583bf5455ec1e465863cd53df9eca' 'unsafe-inline';object-src 'none';base-uri 'none';report-uri /api/csp-report
x-dns-prefetch-control: off
x-envoy-upstream-service-time: 6
cross-origin-resource-policy: same-origin
content-length: 16796
request-context: appId=cid-v1:9745874e-f666-44bf-a851-e3fc9c25bb4a
referrer-policy: no-referrer
server: istio-envoy
cross-origin-opener-policy: same-origin
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Origin
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
access-control-allow-origin
origin-agent-cluster: ?1
content-type: text/html
x-ratelimit-remaining: 198
access-control-allow-credentials: true
x-ratelimit-reset: 59
x-ratelimit-limit: 200
access-control-allow-headers: Request-Id, Request-Context, Origin, X-Requested-With, Content-Type, Accept, Cache-Control

OPTIONS
H2 200 configs
gxp-configs-prod-cdn-ep.azureedge.net/api/collections/TIC/ 0
0 66ms
21ms Preflight
text/html 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://gxp-configs-prod-cdn-ep.azureedge.net/api/collections/TIC/configs?sections[]=analytics&sections[]=branding&sections[]=dbm&sections[]=collection&sections[]=integration
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: client-ai-data
Access-Control-Request-Method: GET
Origin: https://booking.eu.guestline.app
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control, client-ai-data
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
access-control-allow-origin: *
allow: GET,HEAD
content-length: 8
content-type: text/html; charset=utf-8
date: Fri, 19 Jul 2024 15:06:53 GMT
etag: W/"8-ZRAf8oNBS3Bjb/SU2GYZCmbtmXg"
request-context: appId=cid-v1:
vary: Accept-Encoding
x-azure-ref: 20240719T150653Z-16b8f8f97cfzc2j68y8yrwexz800000000hg00000000c019
x-cache: TCP_MISS
x-envoy-upstream-service-time: 1
x-powered-by: Express

GET
H2 200 TIC Show response
booking.eu.guestline.app/api/hotels/ 20 KB
20 KB 335ms
335ms Fetch
application/json 172.211.210.15
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://booking.eu.guestline.app/api/hotels/TIC?language=de

Requested by

Host: gxp-dbm-prod-cdn.azureedge.net
URL: https://gxp-dbm-prod-cdn.azureedge.net/static/index-DRvtKznZ.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.211.210.15 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

6163b4f03e40f21ee9be04e66eae5d245f9a29bfd172475a545d31f751229141

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer
client-ai-data: {"userId":"vsa+nPJ+X9qppkZFhgvQ60","sessionId":"XGF5cBUaUVSUY1st8u8MyL"}
traceparent: 00-c0dfc7b5d3f849cebd48db8911b734de-cc570155f1974960-01
request-id: |c0dfc7b5d3f849cebd48db8911b734de.cc570155f1974960
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
date: Fri, 19 Jul 2024 15:06:53 GMT
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
content-security-policy-report-only: script-src 'strict-dynamic' 'unsafe-eval' http: https: 'nonce-859fa923d8d85ab37d20d10eb023ae37' 'unsafe-inline';object-src 'none';base-uri 'none';report-uri /api/csp-report
x-dns-prefetch-control: off
x-envoy-upstream-service-time: 320
cross-origin-resource-policy: same-origin
content-length: 20443
request-context: appId=cid-v1:9745874e-f666-44bf-a851-e3fc9c25bb4a
referrer-policy: no-referrer
server: istio-envoy
cross-origin-opener-policy: same-origin
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Origin
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
access-control-allow-origin
origin-agent-cluster: ?1
content-type: application/json; charset=utf-8
x-ratelimit-remaining: 197
access-control-allow-credentials: true
x-ratelimit-reset: 59
x-ratelimit-limit: 200
cache-control: public, max-age=3600
access-control-allow-headers: Request-Id, Request-Context, Origin, X-Requested-With, Content-Type, Accept, Cache-Control

GET
H2 200 configs Show response
gxp-configs-prod-cdn-ep.azureedge.net/api/collections/TIC/ 3 KB
2 KB 9ms
9ms Fetch
application/json 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://gxp-configs-prod-cdn-ep.azureedge.net/api/collections/TIC/configs?sections[]=analytics&sections[]=branding&sections[]=dbm&sections[]=collection&sections[]=integration
Requested by: Host: gxp-dbm-prod-cdn.azureedge.net
URL: https://gxp-dbm-prod-cdn.azureedge.net/static/index-DRvtKznZ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: b8c37983de668f2e70257d9c8ed63a8875172a12535b9302df7cd1550bc3aa1b

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Client-Ai-Data: {"userId":"vsa+nPJ+X9qppkZFhgvQ60","sessionId":"XGF5cBUaUVSUY1st8u8MyL"}

Response headers

date: Fri, 19 Jul 2024 15:06:53 GMT
content-encoding: gzip
x-powered-by: Express
x-cache: TCP_HIT
x-envoy-upstream-service-time: 26
x-cache-info: L1_T2
x-fd-int-roxy-purgeid: 0
request-context: appId=cid-v1:
etag: W/"a78-CPcjFJsHoz1z3upbkxgf1yJoroU"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-azure-ref: 20240719T150653Z-16b8f8f97cfzc2j68y8yrwexz800000000hg00000000c01d
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control, client-ai-data

GET
H2 200 TIC Show response
booking.eu.guestline.app/api/session/ 107 B
343 B 24ms
24ms Fetch
application/json 172.211.210.15
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://booking.eu.guestline.app/api/session/TIC

Requested by

Host: gxp-dbm-prod-cdn.azureedge.net
URL: https://gxp-dbm-prod-cdn.azureedge.net/static/index-DRvtKznZ.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.211.210.15 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

007255c51ece028fdeb7aea2b6ab040b8638a381ea0b0cd749393b17e8b5dafa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer
client-ai-data: {"userId":"vsa+nPJ+X9qppkZFhgvQ60","sessionId":"XGF5cBUaUVSUY1st8u8MyL"}
traceparent: 00-c0dfc7b5d3f849cebd48db8911b734de-7edc166d730e4ea1-01
request-id: |c0dfc7b5d3f849cebd48db8911b734de.7edc166d730e4ea1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
date: Fri, 19 Jul 2024 15:06:53 GMT
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
content-security-policy-report-only: script-src 'strict-dynamic' 'unsafe-eval' http: https: 'nonce-706b937c3caa2d15360cb8ad278d1a55' 'unsafe-inline';object-src 'none';base-uri 'none';report-uri /api/csp-report
x-dns-prefetch-control: off
x-envoy-upstream-service-time: 9
cross-origin-resource-policy: same-origin
content-length: 107
request-context: appId=cid-v1:9745874e-f666-44bf-a851-e3fc9c25bb4a
referrer-policy: no-referrer
server: istio-envoy
cross-origin-opener-policy: same-origin
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Origin
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
access-control-allow-origin
origin-agent-cluster: ?1
content-type: application/json; charset=utf-8
x-ratelimit-remaining: 196
access-control-allow-credentials: true
x-ratelimit-reset: 59
x-ratelimit-limit: 200
cache-control: public, max-age=300
access-control-allow-headers: Request-Id, Request-Context, Origin, X-Requested-With, Content-Type, Accept, Cache-Control

GET
H2 200 heap-2665089796.js Show response
cdn.heapanalytics.com/js/ 117 KB
38 KB 136ms
105ms Script
application/javascript 13.32.27.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-2665089796.js

Requested by

Host: booking.eu.guestline.app
URL: https://booking.eu.guestline.app/TIC/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-5.fra56.r.cloudfront.net

Software

nginx / Express

Resource Hash

13e5a315b92546d07a31fae811934439a3e9df3c8eff0ab86a634b5002a91469

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 15:06:47 GMT
content-encoding: br
via: 1.1 753f415578c1ca010e51a83aef192330.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-C2
age: 6
x-powered-by: Express
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
server: nginx
etag: W/"1d376-UCt9pVptajfuS4JVszklb6spoEs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=120
x-amz-cf-id: SyrztsgaBD9nML_xGsBsz4lBZmcCAYyuQtFuEGZhkfdheA77ZSWbeQ==

GET
H2 200 hotjar-1856906.js Show response
static.hotjar.com/c/ 9 KB
4 KB 25ms
10ms Script
application/javascript 18.66.102.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1856906.js?sv=6

Requested by

Host: booking.eu.guestline.app
URL: https://booking.eu.guestline.app/TIC/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-106.fra56.r.cloudfront.net

Software

Resource Hash

640e08e6283d8765afb07b1959bc7deb8f2afcbe0f8dce6d7a8c5a180717f363

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Fri, 19 Jul 2024 15:06:53 GMT
via: 1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 21
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/b480ee5ea19e3737d9aedb867cdf7e89
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: gQ_kCDoV6SKZ26t9C2EqkULH3ibQ6OYB4wsfHeH6H6qi9qijg_aC9Q==

GET
H2 200 kh5562uybv Show response
www.clarity.ms/tag/ 638 B
1002 B 167ms
123ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/kh5562uybv
Requested by: Host: booking.eu.guestline.app
URL: https://booking.eu.guestline.app/TIC/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 0a278d13d2fedd29db48d35568e7b4ac33772970095059e52622f5427b808987

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: -1
date: Fri, 19 Jul 2024 15:06:53 GMT
x-azure-ref: 20240719T150653Z-16b8f8f97cflnxs68f4yue0rrn00000000ag00000000u5pc
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 638
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H2 200 modules.e4b2dc39f985f11fb1e4.js Show response
script.hotjar.com/ 223 KB
56 KB 128ms
15ms Script
application/javascript 13.227.219.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.e4b2dc39f985f11fb1e4.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1856906.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.120 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-120.ams54.r.cloudfront.net

Software

Resource Hash

619feac205d68f6356fcad13d6758533011a8acc7830e3deb0f763249d7516c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 01 Jul 2024 08:11:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 f655cacd0d6f7c5dc935ea687af6f3c0.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 1580146
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 56291
last-modified: Mon, 01 Jul 2024 08:10:34 GMT
etag: "ca025d2d8ae4b3dc51e058b782590501"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 7NFWfE8OldDFgYzuFYiWNhR8O39rQBIhxJjvjs5sPD57f4N96RctFg==

GET
H2 200 h
heapanalytics.com/ 37 B
261 B 297ms
93ms Image
image/gif 35.153.191.249
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=2665089796&u=3921327710256805&v=7229213377970914&s=3830454457953812&b=web&tv=4.0&z=0&h=%2FTIC%2F&d=booking.eu.guestline.app&ts=1721401613239&sch=1200&scw=1600&st=1721401613240

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.153.191.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-153-191-249.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jul 2024 15:06:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.32/ 61 KB
26 KB 16ms
15ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.32/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/kh5562uybv
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 15:06:53 GMT
content-encoding: br
last-modified: Fri, 10 May 2024 17:30:20 GMT
etag: W/"0x8DC7116DE09E645"
vary: Accept-Encoding
x-azure-ref: 20240719T150653Z-16b8f8f97cflnxs68f4yue0rrn00000000ag00000000u5pq
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 1bc7b3c2-101e-0065-5454-d9809f000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=637F0C48984E42AAA30E70312C9D8A11&RedC=c.clarity.ms&MXFR=014755F4D6C2694812814135D2C267D2
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=637F0C48984E42AAA30E70312C9D8A11&MUID=1B41D8AECE966EA11780CC6FCF966F58

42 B
442 B

30ms
30ms

Image
image/gif

13.74.129.1
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=637F0C48984E42AAA30E70312C9D8A11&MUID=1B41D8AECE966EA11780CC6FCF966F58
Protocol: H2
Server: 13.74.129.1 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jul 2024 15:06:52 GMT
last-modified: Tue, 25 Jun 2024 19:30:12 GMT
server: Microsoft-IIS/10.0
etag: "7473f1936c7da1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 19 Jul 2024 15:06:52 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1D743B5F9CDC4FAC9FD4C6D2A7EFDD39 Ref B: FRAEDGE1921 Ref C: 2024-07-19T15:06:53Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=637F0C48984E42AAA30E70312C9D8A11&MUID=1B41D8AECE966EA11780CC6FCF966F58
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H/1.1 204
No Content collect Show response
q.clarity.ms/ 0
288 B 297ms
97ms XHR
text/plain 20.231.53.73
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://q.clarity.ms/collect
Requested by: Host: gxp-dbm-prod-cdn.azureedge.net
URL: https://gxp-dbm-prod-cdn.azureedge.net/static/index-DRvtKznZ.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.231.53.73 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://booking.eu.guestline.app
Date: Fri, 19 Jul 2024 15:06:53 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H2 200 TIC Show response
booking.eu.guestline.app/api/features/ 378 B
577 B 36ms
36ms Fetch
application/json 172.211.210.15
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://booking.eu.guestline.app/api/features/TIC?

Requested by

Host: gxp-dbm-prod-cdn.azureedge.net
URL: https://gxp-dbm-prod-cdn.azureedge.net/static/index-DRvtKznZ.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.211.210.15 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

99c10aa4348d51d23bb7e00b5ca4892c7d526038498c620b18a893c6ed54aa08

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer
client-ai-data: {"userId":"vsa+nPJ+X9qppkZFhgvQ60","sessionId":"XGF5cBUaUVSUY1st8u8MyL"}
traceparent: 00-c0dfc7b5d3f849cebd48db8911b734de-fd93e7fa512647a3-01
request-id: |c0dfc7b5d3f849cebd48db8911b734de.fd93e7fa512647a3
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
date: Fri, 19 Jul 2024 15:06:53 GMT
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
content-security-policy-report-only: script-src 'strict-dynamic' 'unsafe-eval' http: https: 'nonce-c2bf62a1c172fe8dd4e9a4c7ae86b986' 'unsafe-inline';object-src 'none';base-uri 'none';report-uri /api/csp-report
x-dns-prefetch-control: off
x-envoy-upstream-service-time: 13
cross-origin-resource-policy: same-origin
content-length: 378
request-context: appId=cid-v1:9745874e-f666-44bf-a851-e3fc9c25bb4a
referrer-policy: no-referrer
server: istio-envoy
cross-origin-opener-policy: same-origin
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Origin
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
access-control-allow-origin
origin-agent-cluster: ?1
content-type: application/json; charset=utf-8
x-ratelimit-remaining: 195
access-control-allow-credentials: true
x-ratelimit-reset: 59
x-ratelimit-limit: 200
access-control-allow-headers: Request-Id, Request-Context, Origin, X-Requested-With, Content-Type, Accept, Cache-Control

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 201 KB
71 KB 43ms
23ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NNQ9PCZ&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Requested by

Host: booking.eu.guestline.app
URL: https://booking.eu.guestline.app/TIC/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aaefccb509b347c798c186dad6bfab3fb2902b0519daa7114813241ab5a12945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 15:06:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 72244
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 19 Jul 2024 15:06:53 GMT

OPTIONS
H2 200 /
gxp-editor.eu.guestline.app/api/dbm/TIC/maintenance/ 0
0 93ms
16ms Preflight
text/html 172.211.210.15
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://gxp-editor.eu.guestline.app/api/dbm/TIC/maintenance/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.211.210.15 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: istio-envoy / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: client-ai-data
Access-Control-Request-Method: GET
Origin: https://booking.eu.guestline.app
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control, client-ai-data
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
access-control-allow-origin: *
allow: GET,HEAD
content-length: 8
content-type: text/html; charset=utf-8
date: Fri, 19 Jul 2024 15:06:53 GMT
etag: W/"8-ZRAf8oNBS3Bjb/SU2GYZCmbtmXg"
request-context: appId=cid-v1:
server: istio-envoy
vary: Accept-Encoding
x-envoy-upstream-service-time: 1
x-powered-by: Express

GET
H2 200 index-DrLS2sUi.js Show response
gxp-dbm-prod-cdn.azureedge.net/static/ 13 KB
7 KB 13ms
12ms Script
application/javascript 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://gxp-dbm-prod-cdn.azureedge.net/static/index-DrLS2sUi.js

Requested by

Host: gxp-dbm-prod-cdn.azureedge.net
URL: https://gxp-dbm-prod-cdn.azureedge.net/static/index-DRvtKznZ.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c151008b2f54b7b0959ded4e3a98a912462f25c162c66c4f51c1aa8c1ccecd26

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer
Origin: https://booking.eu.guestline.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 15:06:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
x-permitted-cross-domain-policies: none
cross-origin-embedder-policy: unsafe-none
content-security-policy-report-only: script-src 'strict-dynamic' 'unsafe-eval' http: https: 'nonce-b87e5380ef60bab73dda0e3f02c06f60' 'unsafe-inline';object-src 'none';base-uri 'none';report-uri /api/csp-report
x-dns-prefetch-control: off
x-cache: TCP_HIT
x-envoy-upstream-service-time: 19
cross-origin-resource-policy: cross-origin
x-fd-int-roxy-purgeid: 58562218
request-context: appId=cid-v1:9745874e-f666-44bf-a851-e3fc9c25bb4a
referrer-policy: no-referrer
last-modified: Fri, 19 Jul 2024 02:18:17 GMT
cross-origin-opener-policy: unsafe-none
etag: W/"327d-190c8c86f82"
x-download-options: noopen
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
origin-agent-cluster: ?1
x-ratelimit-remaining: 195
access-control-allow-credentials: true
x-ratelimit-reset: 52
x-ratelimit-limit: 200
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
cache-control: public, max-age=86400
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control
x-azure-ref: 20240719T150653Z-16b8f8f97cfzc2j68y8yrwexz800000000hg00000000c028

GET
H2 200 index-BjA72YN_.js Show response
gxp-dbm-prod-cdn.azureedge.net/static/ 355 KB
125 KB 13ms
12ms Script
application/javascript 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://gxp-dbm-prod-cdn.azureedge.net/static/index-BjA72YN_.js

Requested by

Host: gxp-dbm-prod-cdn.azureedge.net
URL: https://gxp-dbm-prod-cdn.azureedge.net/static/index-DRvtKznZ.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3aae4df67715883062b9793fbde0f65968186777c59f24428161836f8c579058

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer
Origin: https://booking.eu.guestline.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 15:06:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
x-permitted-cross-domain-policies: none
cross-origin-embedder-policy: unsafe-none
content-security-policy-report-only: script-src 'strict-dynamic' 'unsafe-eval' http: https: 'nonce-3c4222e22267db42462b7470064372f1' 'unsafe-inline';object-src 'none';base-uri 'none';report-uri /api/csp-report
x-dns-prefetch-control: off
x-cache: TCP_HIT
x-envoy-upstream-service-time: 5
cross-origin-resource-policy: cross-origin
x-fd-int-roxy-purgeid: 58562218
request-context: appId=cid-v1:9745874e-f666-44bf-a851-e3fc9c25bb4a
referrer-policy: no-referrer
last-modified: Thu, 18 Jul 2024 21:24:04 GMT
cross-origin-opener-policy: unsafe-none
etag: W/"58adf-190c7bb120a"
x-download-options: noopen
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
origin-agent-cluster: ?1
x-ratelimit-remaining: 197
access-control-allow-credentials: true
x-ratelimit-reset: 58
x-ratelimit-limit: 200
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
cache-control: public, max-age=86400
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control
x-azure-ref: 20240719T150653Z-16b8f8f97cfzc2j68y8yrwexz800000000hg00000000c029

GET
H2 200 Gallery-CEeNz7Du.js Show response
gxp-dbm-prod-cdn.azureedge.net/static/ 106 KB
43 KB 16ms
15ms Script
application/javascript 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://gxp-dbm-prod-cdn.azureedge.net/static/Gallery-CEeNz7Du.js

Requested by

Host: gxp-dbm-prod-cdn.azureedge.net
URL: https://gxp-dbm-prod-cdn.azureedge.net/static/index-DRvtKznZ.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4a0689c00d5ecc6c2a5aa8d347ab127fc8fa53f34ed7703879766b7417a855a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer
Origin: https://booking.eu.guestline.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 15:06:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
x-permitted-cross-domain-policies: none
cross-origin-embedder-policy: unsafe-none
content-security-policy-report-only: script-src 'strict-dynamic' 'unsafe-eval' http: https: 'nonce-de46a5c657adee25a87e32a10327a5c3' 'unsafe-inline';object-src 'none';base-uri 'none';report-uri /api/csp-report
x-dns-prefetch-control: off
x-cache: TCP_HIT
x-envoy-upstream-service-time: 6
cross-origin-resource-policy: cross-origin
x-fd-int-roxy-purgeid: 58562218
request-context: appId=cid-v1:9745874e-f666-44bf-a851-e3fc9c25bb4a
referrer-policy: no-referrer
last-modified: Fri, 19 Jul 2024 02:18:17 GMT
cross-origin-opener-policy: unsafe-none
etag: W/"1a75d-190c8c86f3e"
x-download-options: noopen
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
origin-agent-cluster: ?1
x-ratelimit-remaining: 182
access-control-allow-credentials: true
x-ratelimit-reset: 56
x-ratelimit-limit: 200
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
cache-control: public, max-age=86400
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control
x-azure-ref: 20240719T150653Z-16b8f8f97cfzc2j68y8yrwexz800000000hg00000000c02a

GET
H2 200 Gallery-Cf8tnR63.css
gxp-dbm-prod-cdn.azureedge.net/static/ 13 KB
5 KB 55ms
14ms Stylesheet
text/css 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://gxp-dbm-prod-cdn.azureedge.net/static/Gallery-Cf8tnR63.css

Requested by

Host: gxp-dbm-prod-cdn.azureedge.net
URL: https://gxp-dbm-prod-cdn.azureedge.net/static/index-DRvtKznZ.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6c62025af84b6c843921a80d955ce2a4cd11ca4f2de22434de1ddabc1bd903cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 15:06:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
x-permitted-cross-domain-policies: none
cross-origin-embedder-policy: unsafe-none
content-security-policy-report-only: script-src 'strict-dynamic' 'unsafe-eval' http: https: 'nonce-34f535983de908da92399fdd7542a5e2' 'unsafe-inline';object-src 'none';base-uri 'none';report-uri /api/csp-report
x-dns-prefetch-control: off
x-cache: TCP_HIT
x-envoy-upstream-service-time: 12
cross-origin-resource-policy: cross-origin
x-fd-int-roxy-purgeid: 0
request-context: appId=cid-v1:9745874e-f666-44bf-a851-e3fc9c25bb4a
referrer-policy: no-referrer
last-modified: Wed, 17 Jul 2024 18:10:37 GMT
cross-origin-opener-policy: unsafe-none
etag: W/"3390-190c1e39ae3"
x-download-options: noopen
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
origin-agent-cluster: ?1
x-ratelimit-remaining: 188
access-control-allow-credentials: true
x-ratelimit-reset: 57
x-ratelimit-limit: 200
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
cache-control: public, max-age=86400
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control
x-azure-ref: 20240719T150653Z-r185d5857fbkl9f6c70qu3xmu000000003a0000000001yz0

GET
H2 200 index-YNl1WsaG.js Show response
gxp-dbm-prod-cdn.azureedge.net/static/ 2 KB
2 KB 14ms
12ms Script
application/javascript 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://gxp-dbm-prod-cdn.azureedge.net/static/index-YNl1WsaG.js

Requested by

Host: gxp-dbm-prod-cdn.azureedge.net
URL: https://gxp-dbm-prod-cdn.azureedge.net/static/index-DRvtKznZ.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5f68be8f76ef9c0ed765ebb97922c2c1223df87061672bf7772d92e2fb01ff64

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer
Origin: https://booking.eu.guestline.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 15:06:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
x-permitted-cross-domain-policies: none
cross-origin-embedder-policy: unsafe-none
content-security-policy-report-only: script-src 'strict-dynamic' 'unsafe-eval' http: https: 'nonce-562e7da1e706bfb31f6f62363ad4f321' 'unsafe-inline';object-src 'none';base-uri 'none';report-uri /api/csp-report
x-dns-prefetch-control: off
x-cache: TCP_HIT
x-envoy-upstream-service-time: 6
cross-origin-resource-policy: cross-origin
x-fd-int-roxy-purgeid: 58562218
request-context: appId=cid-v1:9745874e-f666-44bf-a851-e3fc9c25bb4a
referrer-policy: no-referrer
last-modified: Thu, 18 Jul 2024 18:17:16 GMT
cross-origin-opener-policy: unsafe-none
etag: W/"84a-190c7100f3d"
x-download-options: noopen
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
origin-agent-cluster: ?1
x-ratelimit-remaining: 181
access-control-allow-credentials: true
x-ratelimit-reset: 56
x-ratelimit-limit: 200
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
cache-control: public, max-age=86400
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control
x-azure-ref: 20240719T150653Z-16b8f8f97cfzc2j68y8yrwexz800000000hg00000000c02b

GET
H2 200 Person-B6uq6cFW.js Show response
gxp-dbm-prod-cdn.azureedge.net/static/ 12 KB
6 KB 13ms
12ms Script
application/javascript 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://gxp-dbm-prod-cdn.azureedge.net/static/Person-B6uq6cFW.js

Requested by

Host: gxp-dbm-prod-cdn.azureedge.net
URL: https://gxp-dbm-prod-cdn.azureedge.net/static/index-DRvtKznZ.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ce24b0b0c0b93b39585558595f1bf853ff0f62fead21987f4212af9b03d28c23

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer
Origin: https://booking.eu.guestline.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 15:06:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
x-permitted-cross-domain-policies: none
cross-origin-embedder-policy: unsafe-none
content-security-policy-report-only: script-src 'strict-dynamic' 'unsafe-eval' http: https: 'nonce-29755450fc67b9c80c95c9afc2b2fe9e' 'unsafe-inline';object-src 'none';base-uri 'none';report-uri /api/csp-report
x-dns-prefetch-control: off
x-cache: TCP_HIT
x-envoy-upstream-service-time: 6
cross-origin-resource-policy: cross-origin
x-fd-int-roxy-purgeid: 58562218
request-context: appId=cid-v1:9745874e-f666-44bf-a851-e3fc9c25bb4a
referrer-policy: no-referrer
last-modified: Thu, 18 Jul 2024 18:17:16 GMT
cross-origin-opener-policy: unsafe-none
etag: W/"30cf-190c7100f99"
x-download-options: noopen
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
origin-agent-cluster: ?1
x-ratelimit-remaining: 180
access-control-allow-credentials: true
x-ratelimit-reset: 56
x-ratelimit-limit: 200
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
cache-control: public, max-age=86400
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control
x-azure-ref: 20240719T150653Z-16b8f8f97cfzc2j68y8yrwexz800000000hg00000000c02c

GET
H2 200 Chip-HL4enqaO.js Show response
gxp-dbm-prod-cdn.azureedge.net/static/ 19 KB
8 KB 14ms
13ms Script
application/javascript 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://gxp-dbm-prod-cdn.azureedge.net/static/Chip-HL4enqaO.js

Requested by

Host: gxp-dbm-prod-cdn.azureedge.net
URL: https://gxp-dbm-prod-cdn.azureedge.net/static/index-DRvtKznZ.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5575ff7ba7e5407643526ac52d038a380e352c4f938795276d89361aea321391

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer
Origin: https://booking.eu.guestline.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 15:06:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
x-permitted-cross-domain-policies: none
cross-origin-embedder-policy: unsafe-none
content-security-policy-report-only: script-src 'strict-dynamic' 'unsafe-eval' http: https: 'nonce-b7c0342b6348fbfa4e0abb300ef5ac7a' 'unsafe-inline';object-src 'none';base-uri 'none';report-uri /api/csp-report
x-dns-prefetch-control: off
x-cache: TCP_HIT
x-envoy-upstream-service-time: 9
cross-origin-resource-policy: cross-origin
x-fd-int-roxy-purgeid: 58562218
request-context: appId=cid-v1:9745874e-f666-44bf-a851-e3fc9c25bb4a
referrer-policy: no-referrer
last-modified: Thu, 18 Jul 2024 18:17:16 GMT
cross-origin-opener-policy: unsafe-none
etag: W/"4a6c-190c7100f51"
x-download-options: noopen
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
origin-agent-cluster: ?1
x-ratelimit-remaining: 178
access-control-allow-credentials: true
x-ratelimit-reset: 56
x-ratelimit-limit: 200
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
cache-control: public, max-age=86400
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control
x-azure-ref: 20240719T150653Z-16b8f8f97cfzc2j68y8yrwexz800000000hg00000000c02d

GET
H2 200 index-hxMgX3uF.js Show response
gxp-dbm-prod-cdn.azureedge.net/static/ 3 KB
2 KB 14ms
13ms Script
application/javascript 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://gxp-dbm-prod-cdn.azureedge.net/static/index-hxMgX3uF.js

Requested by

Host: gxp-dbm-prod-cdn.azureedge.net
URL: https://gxp-dbm-prod-cdn.azureedge.net/static/index-DRvtKznZ.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8ec6c784e174f38333989f355fa7bda2b1e7df558349bc3b9c438255b18f9970

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer
Origin: https://booking.eu.guestline.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 15:06:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
x-permitted-cross-domain-policies: none
cross-origin-embedder-policy: unsafe-none
content-security-policy-report-only: script-src 'strict-dynamic' 'unsafe-eval' http: https: 'nonce-9acfce15e0b113bb060274a4c7846947' 'unsafe-inline';object-src 'none';base-uri 'none';report-uri /api/csp-report
x-dns-prefetch-control: off
x-cache: TCP_HIT
x-envoy-upstream-service-time: 7
cross-origin-resource-policy: cross-origin
x-fd-int-roxy-purgeid: 58562218
request-context: appId=cid-v1:9745874e-f666-44bf-a851-e3fc9c25bb4a
referrer-policy: no-referrer
last-modified: Fri, 19 Jul 2024 02:18:17 GMT
cross-origin-opener-policy: unsafe-none
etag: W/"ba8-190c8c86f2e"
x-download-options: noopen
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
origin-agent-cluster: ?1
x-ratelimit-remaining: 176
access-control-allow-credentials: true
x-ratelimit-reset: 56
x-ratelimit-limit: 200
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
cache-control: public, max-age=86400
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control
x-azure-ref: 20240719T150653Z-16b8f8f97cfzc2j68y8yrwexz800000000hg00000000c02e

GET
H2 200 Skeleton-CAfa3QZU.js Show response
gxp-dbm-prod-cdn.azureedge.net/static/ 3 KB
3 KB 15ms
15ms Script
application/javascript 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://gxp-dbm-prod-cdn.azureedge.net/static/Skeleton-CAfa3QZU.js

Requested by

Host: gxp-dbm-prod-cdn.azureedge.net
URL: https://gxp-dbm-prod-cdn.azureedge.net/static/index-DRvtKznZ.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ba117e5340e914c8957040e5a75a77eb84e830f5b061f83d6ca7cd011c51c182

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer
Origin: https://booking.eu.guestline.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 15:06:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
x-permitted-cross-domain-policies: none
cross-origin-embedder-policy: unsafe-none
content-security-policy-report-only: script-src 'strict-dynamic' 'unsafe-eval' http: https: 'nonce-d814b450d845abc76be3789e5e21b1cb' 'unsafe-inline';object-src 'none';base-uri 'none';report-uri /api/csp-report
x-dns-prefetch-control: off
x-cache: TCP_HIT
x-envoy-upstream-service-time: 4
cross-origin-resource-policy: cross-origin
x-fd-int-roxy-purgeid: 58562218
request-context: appId=cid-v1:9745874e-f666-44bf-a851-e3fc9c25bb4a
referrer-policy: no-referrer
last-modified: Fri, 19 Jul 2024 02:18:17 GMT
cross-origin-opener-policy: unsafe-none
etag: W/"c38-190c8c86f2e"
x-download-options: noopen
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
origin-agent-cluster: ?1
x-ratelimit-remaining: 175
access-control-allow-credentials: true
x-ratelimit-reset: 56
x-ratelimit-limit: 200
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
cache-control: public, max-age=86400
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control
x-azure-ref: 20240719T150653Z-16b8f8f97cfzc2j68y8yrwexz800000000hg00000000c02f

GET
H2 200 index-CH5dPFQ5.css
gxp-dbm-prod-cdn.azureedge.net/static/ 17 KB
5 KB 55ms
15ms Stylesheet
text/css 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://gxp-dbm-prod-cdn.azureedge.net/static/index-CH5dPFQ5.css

Requested by

Host: gxp-dbm-prod-cdn.azureedge.net
URL: https://gxp-dbm-prod-cdn.azureedge.net/static/index-DRvtKznZ.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

264711c6515e4d7e36a0094ac0cd11a782a2910d16d360b154fc2482c39a4e3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 15:06:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
x-permitted-cross-domain-policies: none
cross-origin-embedder-policy: unsafe-none
content-security-policy-report-only: script-src 'strict-dynamic' 'unsafe-eval' http: https: 'nonce-ab2cf0305a78b8fc8a36e04181033554' 'unsafe-inline';object-src 'none';base-uri 'none';report-uri /api/csp-report
x-dns-prefetch-control: off
x-cache: TCP_HIT
x-envoy-upstream-service-time: 34
cross-origin-resource-policy: cross-origin
x-fd-int-roxy-purgeid: 0
request-context: appId=cid-v1:9745874e-f666-44bf-a851-e3fc9c25bb4a
referrer-policy: no-referrer
last-modified: Wed, 17 Jul 2024 18:10:37 GMT
cross-origin-opener-policy: unsafe-none
etag: W/"45f1-190c1e39af3"
x-download-options: noopen
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
origin-agent-cluster: ?1
x-ratelimit-remaining: 188
access-control-allow-credentials: true
x-ratelimit-reset: 57
x-ratelimit-limit: 200
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
cache-control: public, max-age=86400
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control
x-azure-ref: 20240719T150653Z-r185d5857fbkl9f6c70qu3xmu000000003a0000000001yz1

GET
H2 200 CardActionArea-DowpwkvT.js Show response
gxp-dbm-prod-cdn.azureedge.net/static/ 1 KB
2 KB 15ms
15ms Script
application/javascript 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://gxp-dbm-prod-cdn.azureedge.net/static/CardActionArea-DowpwkvT.js

Requested by

Host: gxp-dbm-prod-cdn.azureedge.net
URL: https://gxp-dbm-prod-cdn.azureedge.net/static/index-DRvtKznZ.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8bc8e032b3d516cbffc86525667032794bf364cc71dec90909f7e5cd05289afc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer
Origin: https://booking.eu.guestline.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 15:06:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
x-permitted-cross-domain-policies: none
cross-origin-embedder-policy: unsafe-none
content-security-policy-report-only: script-src 'strict-dynamic' 'unsafe-eval' http: https: 'nonce-3d23d5a622bfd9a759b1297eff085326' 'unsafe-inline';object-src 'none';base-uri 'none';report-uri /api/csp-report
x-dns-prefetch-control: off
x-cache: TCP_HIT
x-envoy-upstream-service-time: 3
cross-origin-resource-policy: cross-origin
x-fd-int-roxy-purgeid: 58562218
request-context: appId=cid-v1:9745874e-f666-44bf-a851-e3fc9c25bb4a
referrer-policy: no-referrer
last-modified: Fri, 19 Jul 2024 02:18:17 GMT
cross-origin-opener-policy: unsafe-none
etag: W/"596-190c8c86f6a"
x-download-options: noopen
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
origin-agent-cluster: ?1
x-ratelimit-remaining: 173
access-control-allow-credentials: true
x-ratelimit-reset: 55
x-ratelimit-limit: 200
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
cache-control: public, max-age=86400
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control
x-azure-ref: 20240719T150653Z-16b8f8f97cfzc2j68y8yrwexz800000000hg00000000c02g

GET
H2 200 index-RNINNtS6.js Show response
gxp-dbm-prod-cdn.azureedge.net/static/ 412 B
1 KB 14ms
14ms Script
application/javascript 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://gxp-dbm-prod-cdn.azureedge.net/static/index-RNINNtS6.js

Requested by

Host: gxp-dbm-prod-cdn.azureedge.net
URL: https://gxp-dbm-prod-cdn.azureedge.net/static/index-DRvtKznZ.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a26d0a0253db27d7c727ac251ea73bc35a0d36ca854e575ee9c820903204c233

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer
Origin: https://booking.eu.guestline.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-permitted-cross-domain-policies: none
content-security-policy-report-only: script-src 'strict-dynamic' 'unsafe-eval' http: https: 'nonce-5772057ec2bbb4fd755b4de29783b59b' 'unsafe-inline';object-src 'none';base-uri 'none';report-uri /api/csp-report
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
x-fd-int-roxy-purgeid: 58562218
referrer-policy: no-referrer
etag: W/"19c-190c7100f99"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
origin-agent-cluster: ?1
x-ratelimit-remaining: 174
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
cache-control: public, max-age=86400
x-ratelimit-limit: 200
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control
date: Fri, 19 Jul 2024 15:06:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cross-origin-embedder-policy: unsafe-none
x-cache: TCP_HIT
x-envoy-upstream-service-time: 8
content-length: 412
request-context: appId=cid-v1:9745874e-f666-44bf-a851-e3fc9c25bb4a
last-modified: Thu, 18 Jul 2024 18:17:16 GMT
cross-origin-opener-policy: unsafe-none
x-download-options: noopen
x-azure-ref: 20240719T150653Z-16b8f8f97cfzc2j68y8yrwexz800000000hg00000000c02h
access-control-allow-credentials: true
x-ratelimit-reset: 56
accept-ranges: bytes

GET
H2 200 mapStyles-BjW5NNgg.js Show response
gxp-dbm-prod-cdn.azureedge.net/static/ 126 KB
37 KB 24ms
24ms Script
application/javascript 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://gxp-dbm-prod-cdn.azureedge.net/static/mapStyles-BjW5NNgg.js

Requested by

Host: gxp-dbm-prod-cdn.azureedge.net
URL: https://gxp-dbm-prod-cdn.azureedge.net/static/index-DRvtKznZ.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

37375704104de9248e9237852ac37421c80807edb05801832be7137880a9204c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer
Origin: https://booking.eu.guestline.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 15:06:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
x-permitted-cross-domain-policies: none
cross-origin-embedder-policy: unsafe-none
content-security-policy-report-only: script-src 'strict-dynamic' 'unsafe-eval' http: https: 'nonce-6f90233f81e2a6218b392baccadfbcec' 'unsafe-inline';object-src 'none';base-uri 'none';report-uri /api/csp-report
x-dns-prefetch-control: off
x-cache: TCP_HIT
x-envoy-upstream-service-time: 7
cross-origin-resource-policy: cross-origin
x-fd-int-roxy-purgeid: 58562218
request-context: appId=cid-v1:9745874e-f666-44bf-a851-e3fc9c25bb4a
referrer-policy: no-referrer
last-modified: Thu, 18 Jul 2024 17:05:30 GMT
cross-origin-opener-policy: unsafe-none
etag: W/"1f638-190c6ce5988"
x-download-options: noopen
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
origin-agent-cluster: ?1
x-ratelimit-remaining: 194
access-control-allow-credentials: true
x-ratelimit-reset: 58
x-ratelimit-limit: 200
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
cache-control: public, max-age=86400
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control
x-azure-ref: 20240719T150653Z-16b8f8f97cfzc2j68y8yrwexz800000000hg00000000c02k

GET
H2 200 1616146298701.woff
getschwifty.guestline.net/media/TIC/fonts/ 28 KB
28 KB 116ms
14ms Font
font/woff 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://getschwifty.guestline.net/media/TIC/fonts/1616146298701.woff
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 04050bae4cc3b9ccd20d3c7f57f5b1ba249d4a54d6eff75a1e4df504362e8c00

Request headers

Referer: https://booking.eu.guestline.app/
Origin: https://booking.eu.guestline.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 15:06:53 GMT
x-azure-ref: 20240719T150653Z-16b8f8f97cf9wqnf8d40pnk7b800000000x0000000001ta9
x-cache: TCP_HIT
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=31536000
x-envoy-upstream-service-time: 15
x-cache-info: L1_T2
x-fd-int-roxy-purgeid: 0
accept-ranges: bytes
content-length: 28660
request-context: appId=cid-v1:1b7f5e9f-49d1-4d77-a306-824d05179861

GET
H2 200 1616146298701.woff
getschwifty.guestline.net/media/TIC/fonts/ 28 KB
0 117ms
117ms Font
font/woff 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://getschwifty.guestline.net/media/TIC/fonts/1616146298701.woff
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 04050bae4cc3b9ccd20d3c7f57f5b1ba249d4a54d6eff75a1e4df504362e8c00

Request headers

Referer: https://booking.eu.guestline.app/
Origin: https://booking.eu.guestline.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 15:06:53 GMT
x-azure-ref: 20240719T150653Z-16b8f8f97cf9wqnf8d40pnk7b800000000x0000000001ta9
x-cache: TCP_HIT
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=31536000
x-envoy-upstream-service-time: 15
x-cache-info: L1_T2
x-fd-int-roxy-purgeid: 0
accept-ranges: bytes
content-length: 28660
request-context: appId=cid-v1:1b7f5e9f-49d1-4d77-a306-824d05179861

GET
H2 200 / Show response
gxp-editor.eu.guestline.app/api/dbm/TIC/maintenance/ 5 B
114 B 31ms
30ms Fetch
application/json 172.211.210.15
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://gxp-editor.eu.guestline.app/api/dbm/TIC/maintenance/
Requested by: Host: gxp-dbm-prod-cdn.azureedge.net
URL: https://gxp-dbm-prod-cdn.azureedge.net/static/index-DRvtKznZ.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.211.210.15 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: istio-envoy / Express
Resource Hash: fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Client-Ai-Data: {"userId":"vsa+nPJ+X9qppkZFhgvQ60","sessionId":"XGF5cBUaUVSUY1st8u8MyL"}

Response headers

date: Fri, 19 Jul 2024 15:06:53 GMT
server: istio-envoy
x-powered-by: Express
etag: W/"5-fLbvuYullyqbUJDcLlF/4U0SywQ"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
x-envoy-upstream-service-time: 15
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control, client-ai-data
content-length: 5
request-context: appId=cid-v1:

GET
H2 200 1636462368099.jpeg
getschwifty.guestline.net/media/TIC/images/ 20 KB
20 KB 118ms
16ms Image
image/jpeg 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://getschwifty.guestline.net/media/TIC/images/1636462368099.jpeg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: cd293accd949031a7165490643192957bd5b4dacf5c8164637889a3a66a616af

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 15:06:53 GMT
x-azure-ref: 20240719T150653Z-16b8f8f97cfq6t5wmz0h6mnpu800000000vg00000000w7wr
x-cache: TCP_HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-envoy-upstream-service-time: 6
x-cache-info: L1_T2
x-fd-int-roxy-purgeid: 58562218
accept-ranges: bytes
content-length: 20145
request-context: appId=cid-v1:1b7f5e9f-49d1-4d77-a306-824d05179861

GET
H2 200 1636462405397.png
getschwifty.guestline.net/media/TIC/images/ 27 KB
27 KB 117ms
16ms Other
image/png 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://getschwifty.guestline.net/media/TIC/images/1636462405397.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 221c225ce2d9567c9a95f0ec4cee7f6d5fb65773eef2b930a532e2f9611f5c5d

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 15:06:53 GMT
x-azure-ref: 20240719T150653Z-16b8f8f97cfq6t5wmz0h6mnpu800000000vg00000000w7ws
x-cache: TCP_HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
x-envoy-upstream-service-time: 5
x-cache-info: L1_T2
x-fd-int-roxy-purgeid: 58562218
accept-ranges: bytes
content-length: 27550
request-context: appId=cid-v1:1b7f5e9f-49d1-4d77-a306-824d05179861

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 301 KB
101 KB 25ms
24ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-YTBVBBFXV7&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NNQ9PCZ&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

342d07b983b24903875ce2c6bf4cbc1d6c2ffc0d20d3e84ae7379d056149c170

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 15:06:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 103215
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 19 Jul 2024 15:06:53 GMT

GET
H2 200 25812559.js Show response
js-eu1.hs-scripts.com/ 2 KB
1 KB 88ms
35ms Script
application/javascript 172.65.208.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js-eu1.hs-scripts.com/25812559.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NNQ9PCZ&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.208.22 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d50cd1e2952b47290a835e4d91a2adbd492854654b6c481753272112ed3aeecd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 15:06:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: e878a495-1031-4424-bd4e-9dd8191f24cf
cf-polished: origSize=2100
age: 3636
x-envoy-upstream-service-time: 7
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: e878a495-1031-4424-bd4e-9dd8191f24cf
cf-bgj: minify
last-modified: Fri, 19 Jul 2024 14:06:17 GMT
server: cloudflare
access-control-max-age: 3600
vary: origin, Accept-Encoding
content-type: application/javascript;charset=utf-8
x-evy-trace-served-by-pod: fra04/hubapi-td/envoy-proxy-68d6f869c4-phrnq
x-evy-trace-virtual-host: all
access-control-allow-credentials: true
cf-ray: 8a5b9e350cfd2ba2-FRA

GET
H2

204

https://region1.analytics.google.com/g/collect?v=2&tid=G-YTBVBBFXV7&gtm=45je47h0v881600804z89116757936za200zb9116757936&_p=1721401613449&_gaz=1&gcs=G111&gcd=13t3t3t2t5&npa=0&dma_cps=syphamo&dma=1&t...
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=729853119.1721401614&dbk=4464020184754432851&dma=1&dma_cps=syphamo&en=page_view&gcs=G111&gtm=45je47h0v881600804z891...

0
0

16ms
16ms

Fetch
text/plain

2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=729853119.1721401614&dbk=4464020184754432851&dma=1&dma_cps=syphamo&en=page_view&gcs=G111&gtm=45je47h0v881600804z89116757936za200zb9116757936&npa=0&tid=G-YTBVBBFXV7&dl=https%3A%2F%2Fbooking.eu.guestline.app%3F
Protocol: H2
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
attribution-reporting-register-trigger: {"aggregatable_trigger_data":[{"key_piece":"0x24e42924a218663e","source_keys":["1"]},{"key_piece":"0x28279f25c32d84fb","source_keys":["2","3","4"]}],"aggregatable_values":{"1":65,"2":65,"3":65,"4":6356},"debug_key":"4464020184754432851","debug_reporting":true,"event_trigger_data":[{"filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"}],"filters":{"2":["11151986708"],"5":["07-19","07-18","07-17"]}}
date: Fri, 19 Jul 2024 15:06:53 GMT
server: Golfe2
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Jul 2024 15:06:53 GMT
server: Golfe2
content-type: text/html; charset=UTF-8
location: https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=729853119.1721401614&dbk=4464020184754432851&dma=1&dma_cps=syphamo&en=page_view&gcs=G111&gtm=45je47h0v881600804z89116757936za200zb9116757936&npa=0&tid=G-YTBVBBFXV7&dl=https%3A%2F%2Fbooking.eu.guestline.app%3F
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 527
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
260 B 63ms
22ms Ping
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-YTBVBBFXV7&cid=729853119.1721401614&gtm=45je47h0v881600804z89116757936za200zb9116757936&aip=1&dma=1&dma_cps=syphamo&gcs=G111&gcd=13t3t3t2t5&npa=0&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YTBVBBFXV7&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jul 2024 15:06:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://booking.eu.guestline.app
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 46ms
30ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-YTBVBBFXV7&cid=729853119.1721401614&gtm=45je47h0v881600804z89116757936za200zb9116757936&aip=1&dma=1&dma_cps=syphamo&gcs=G111&gcd=13t3t3t2t5&npa=0&frm=0&z=1011102614

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jul 2024 15:06:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

https://region1.analytics.google.com/g/collect?v=2&tid=G-YTBVBBFXV7&gtm=45je47h0v881600804za200zb9116757936&_p=1721401613449&gcs=G111&gcd=13t3t3t2t5&npa=0&dma_cps=syphamo&dma=1&tag_exp=0&cid=729853...
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=729853119.1721401614&dbk=5932860816575410205&dma=1&dma_cps=syphamo&en=scroll&gcs=G111&gtm=45je47h0v881600804za200zb...

0
0

43ms
42ms

Fetch
text/plain

2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=729853119.1721401614&dbk=5932860816575410205&dma=1&dma_cps=syphamo&en=scroll&gcs=G111&gtm=45je47h0v881600804za200zb9116757936&npa=0&tid=G-YTBVBBFXV7&dl=https%3A%2F%2Fbooking.eu.guestline.app%3F
Protocol: H2
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
attribution-reporting-register-trigger: {"aggregatable_trigger_data":[{"key_piece":"0x24e42924a218663e","source_keys":["1"]},{"key_piece":"0x76c0fbe218ba25f5","source_keys":["2","3","4"]}],"aggregatable_values":{"1":65,"2":65,"3":65,"4":6356},"debug_key":"5932860816575410205","debug_reporting":true,"event_trigger_data":[{"filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"}],"filters":{"2":["11151986708"],"5":["07-19","07-18","07-17"]}}
date: Fri, 19 Jul 2024 15:06:53 GMT
server: Golfe2
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Jul 2024 15:06:53 GMT
server: Golfe2
content-type: text/html; charset=UTF-8
location: https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=729853119.1721401614&dbk=5932860816575410205&dma=1&dma_cps=syphamo&en=scroll&gcs=G111&gtm=45je47h0v881600804za200zb9116757936&npa=0&tid=G-YTBVBBFXV7&dl=https%3A%2F%2Fbooking.eu.guestline.app%3F
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 512
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 banner.js Show response
js-eu1.hs-banner.com/v2/25812559/ 71 KB
26 KB 112ms
68ms Script
text/javascript 172.65.202.201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-eu1.hs-banner.com/v2/25812559/banner.js
Requested by: Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/25812559.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.65.202.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2b3a1d535757b97ff542df0a542a32b1d1f4b3c4c3a44760d41aa3f3eb5b94c

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 15:06:53 GMT
x-amz-version-id: gcXvvs19Fc7vA77uxPtG1rb1HnNXlXue
content-encoding: gzip
cf-cache-status: REVALIDATED
x-amz-request-id: CCEG6VFDA9GB1RPJ
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 61c31451-20d7-49e4-8789-f4b4c17a0948
x-envoy-upstream-service-time: 80
x-amz-id-2: +Cwam8AVOzQp1su9UM7HrCtq7yfpnvOA2WtvZVoaVVHGoIV6I2Zd/de0qcXEuEzAd9GL7KcRSMI=
x-evy-trace-listener: listener_https
x-request-id: 61c31451-20d7-49e4-8789-f4b4c17a0948
x-evy-trace-route-configuration: listener_https/all
last-modified: Mon, 15 Apr 2024 14:42:51 GMT
server: cloudflare
etag: W/"2e2a242aa9c35a208f534cadfe8d7d80"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.aghotels.co.uk
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: fra04/analytics-js-proxy-td/envoy-proxy-849d5cf979-wcf7s
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 8a5b9e361a6b30d5-FRA
expires: Fri, 19 Jul 2024 15:11:53 GMT

GET
H2 200 25812559.js Show response
js-eu1.hs-analytics.net/analytics/1721397900000/ 68 KB
24 KB 217ms
90ms Script
text/javascript 172.65.238.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-eu1.hs-analytics.net/analytics/1721397900000/25812559.js
Requested by: Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/25812559.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.65.238.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1babff5503351b0432408fe22c352692f14d627d221e179ff9267c51439c7618

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 15:06:53 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
x-amz-request-id: E14NQD889GVQYTDZ
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 6eaa43de-a501-4c08-a82f-569a6c0806b6
x-envoy-upstream-service-time: 41
x-amz-id-2: /7S3C+qX8jFHP1tZO+1ihkHmDArgBA/P920A7JgKPtG1WO8CPOJTQZIB5k5BmO2c9Ps6wrscVAULmZHG3k1P8Q==
x-evy-trace-listener: listener_https
x-request-id: 6eaa43de-a501-4c08-a82f-569a6c0806b6
x-evy-trace-route-configuration: listener_https/all
last-modified: Fri, 19 Jul 2024 14:53:35 GMT
server: cloudflare
etag: W/"45195b62bcccdfabb16f99d685b0cbd5"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: fra04/analytics-js-proxy-td/envoy-proxy-f5f6f765-8wv55
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 8a5b9e3699e59f3f-FRA
expires: Fri, 19 Jul 2024 15:11:53 GMT

GET
H2 200 collectedforms.js Show response
js-eu1.hscollectedforms.net/ 69 KB
25 KB 159ms
31ms Script
application/javascript 172.65.192.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js-eu1.hscollectedforms.net/collectedforms.js

Requested by

Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/25812559.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.192.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53a3dc763a0bd679523a77f5610e4ab27231fe6763d7089c1c92966daa1663f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://booking.eu.guestline.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 15:06:53 GMT
x-amz-version-id: WQne3xdBhaNpu67z_dXMAVxQ_qJQQf8W
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-cf-pop: FRA60-P6
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: f809d67f-f851-4a7b-b950-a22b60ddfb5d
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.503/bundles/project.js&cfRay=8a5b9e369b70bb32-FRA
x-cache: Hit from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 2
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: f809d67f-f851-4a7b-b950-a22b60ddfb5d
last-modified: Wed, 15 May 2024 14:34:44 UTC
server: cloudflare
etag: W/"7d377a186677c174f204d466b8fa5fdb"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
x-hs-cache-status: HIT
cache-control: s-maxage=600, max-age=300
x-evy-trace-served-by-pod: fra04/app-td/envoy-proxy-5dd8ff7977-4tvf2
cf-ray: 8a5b9e369b70bb32-FRA
x-amz-cf-id: 52WwmjXw6tSKLZ-16oXFctYFEE56cxJcXZNneXN_MM6O8s1Lu9KEcg==
x-hs-target-asset: collected-forms-embed-js/static-1.503/bundles/project.js

GET
H2 200 fb.js Show response
js-eu1.hsadspixel.net/ 6 KB
4 KB 156ms
30ms Script
application/javascript 172.65.219.229
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js-eu1.hsadspixel.net/fb.js

Requested by

Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/25812559.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.219.229 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50a35208d4d64a784109aa95fc4741f204e4035bd304dfa933859fc124c579ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 15:06:53 GMT
x-amz-version-id: uYbxvY6weeATqv9c6Wdvv9TcA.mK4yCh
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 57bc54093a2e2c99ca194f2955ba3d1c.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: FRA60-P6
age: 405
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.570/bundles/pixels-release.js&cfRay=8a5b944e2c4f92a5-FRA
x-cache: Hit from cloudfront
x-hubspot-correlation-id: a906a85a-b398-4b5d-a30f-80119b47fbe6
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 4
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: a906a85a-b398-4b5d-a30f-80119b47fbe6
last-modified: Wed, 17 Jul 2024 14:15:10 UTC
server: cloudflare
etag: W/"d0bc1801c348710367f872ece4338c28"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: MISS
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: fra04/app-td/envoy-proxy-5dd8ff7977-4tvf2
cf-ray: 8a5b9e369f5a2be5-FRA
x-amz-cf-id: zEN8zmYLW0TPqfK44PCTIKHhvig3ErEGw2f2zwA1RKzaygbkox7wKw==
x-hs-target-asset: adsscriptloaderstatic/static-1.570/bundles/pixels-release.js

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c239fbd2387ceff073b22f05559eb6a3a9425ccde003eccb22a998429465302f

Request headers

Referer
Origin: https://booking.eu.guestline.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 1711572350557-DBM_HOTEL_NEW.jpg
getschwifty.guestline.net//media/TIC/TICPINE/images/ 176 KB
176 KB 64ms
60ms Image
image/jpg 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://getschwifty.guestline.net//media/TIC/TICPINE/images/1711572350557-DBM_HOTEL_NEW.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 195ea1a1b2643014980d87b7d6e3817f5e5b410033eba201c10df4be1ff5cf6f

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 15:06:53 GMT
x-azure-ref: 20240719T150653Z-16b8f8f97cfq6t5wmz0h6mnpu800000000vg00000000w7x9
x-cache: TCP_HIT
content-type: image/jpg
access-control-allow-origin: *
cache-control: max-age=31536000
x-envoy-upstream-service-time: 7
x-cache-info: L1_T2
x-fd-int-roxy-purgeid: 0
accept-ranges: bytes
content-length: 179869
request-context: appId=cid-v1:1b7f5e9f-49d1-4d77-a306-824d05179861

GET
H2 200 1711572322799-LOBBY%20AREA.jpg
getschwifty.guestline.net//media/TIC/TICBEDFORD/images/ 39 KB
39 KB 73ms
70ms Image
image/jpg 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://getschwifty.guestline.net//media/TIC/TICBEDFORD/images/1711572322799-LOBBY%20AREA.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a77102587505fd839ddead7cf038db5658be767cafb50a8585da0ac39321a539

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 15:06:53 GMT
x-azure-ref: 20240719T150653Z-16b8f8f97cfq6t5wmz0h6mnpu800000000vg00000000w7xa
x-cache: TCP_MISS
content-type: image/jpg
access-control-allow-origin: *
cache-control: max-age=31536000
x-envoy-upstream-service-time: 8
x-fd-int-roxy-purgeid: 58562218
accept-ranges: bytes
content-length: 39817
request-context: appId=cid-v1:1b7f5e9f-49d1-4d77-a306-824d05179861

GET
H2 200 1711572322892-RESTAURANT%20AREA%202.jpg
getschwifty.guestline.net//media/TIC/TICBEDFORD/images/ 36 KB
36 KB 89ms
86ms Image
image/jpg 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://getschwifty.guestline.net//media/TIC/TICBEDFORD/images/1711572322892-RESTAURANT%20AREA%202.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9885635323415b39ba950797930cc52843493c619a8d1890f479411514b29bfc

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 15:06:53 GMT
x-azure-ref: 20240719T150653Z-16b8f8f97cfq6t5wmz0h6mnpu800000000vg00000000w7xb
x-cache: TCP_HIT
content-type: image/jpg
access-control-allow-origin: *
cache-control: max-age=31536000
x-envoy-upstream-service-time: 8
x-cache-info: L1_T2
x-fd-int-roxy-purgeid: 0
accept-ranges: bytes
content-length: 36794
request-context: appId=cid-v1:1b7f5e9f-49d1-4d77-a306-824d05179861

GET
H2 200 1711572322847-MAIN%20BAR%201.jpg
getschwifty.guestline.net//media/TIC/TICBEDFORD/images/ 36 KB
37 KB 65ms
61ms Image
image/jpg 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://getschwifty.guestline.net//media/TIC/TICBEDFORD/images/1711572322847-MAIN%20BAR%201.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3620b86d7b440a0d1e86ece7d3f3ff1212ce5799a0e543aa593e11cf763b9edb

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 15:06:53 GMT
x-azure-ref: 20240719T150653Z-16b8f8f97cfq6t5wmz0h6mnpu800000000vg00000000w7xc
x-cache: TCP_HIT
content-type: image/jpg
access-control-allow-origin: *
cache-control: max-age=31536000
x-envoy-upstream-service-time: 7
x-cache-info: L1_T2
x-fd-int-roxy-purgeid: 0
accept-ranges: bytes
content-length: 37117
request-context: appId=cid-v1:1b7f5e9f-49d1-4d77-a306-824d05179861

GET
H2 200 1711572343498-DBM_HOTEL_NEW.jpg
getschwifty.guestline.net//media/TIC/TICKNUT/images/ 76 KB
77 KB 102ms
99ms Image
image/jpg 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://getschwifty.guestline.net//media/TIC/TICKNUT/images/1711572343498-DBM_HOTEL_NEW.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 23bf321711e3a2e61acc08931b50abf6936bdd4c0ccd4d015e99a585219718f9

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 15:06:53 GMT
x-azure-ref: 20240719T150653Z-16b8f8f97cfq6t5wmz0h6mnpu800000000vg00000000w7xd
x-cache: TCP_HIT
content-type: image/jpg
access-control-allow-origin: *
cache-control: max-age=31536000
x-envoy-upstream-service-time: 10
x-fd-int-roxy-purgeid: 58562218
accept-ranges: bytes
content-length: 78123
request-context: appId=cid-v1:1b7f5e9f-49d1-4d77-a306-824d05179861

GET
H2 200 1711572343705-DBM_HOTEL2.jpg
getschwifty.guestline.net//media/TIC/TICKNUT/images/ 37 KB
37 KB 43ms
41ms Image
image/jpg 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://getschwifty.guestline.net//media/TIC/TICKNUT/images/1711572343705-DBM_HOTEL2.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a03d00c557e6ac4334286c30fdbe665bd37ac0e8f7d8d1dde478eae1b4227efb

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 15:06:53 GMT
x-azure-ref: 20240719T150653Z-16b8f8f97cfq6t5wmz0h6mnpu800000000vg00000000w7xe
x-cache: TCP_HIT
content-type: image/jpg
access-control-allow-origin: *
cache-control: max-age=31536000
x-envoy-upstream-service-time: 9
x-cache-info: L1_T2
x-fd-int-roxy-purgeid: 0
accept-ranges: bytes
content-length: 37840
request-context: appId=cid-v1:1b7f5e9f-49d1-4d77-a306-824d05179861

GET
H2 200 1711572343252-DBM_BAR.jpg
getschwifty.guestline.net//media/TIC/TICKNUT/images/ 33 KB
33 KB 36ms
34ms Image
image/jpg 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://getschwifty.guestline.net//media/TIC/TICKNUT/images/1711572343252-DBM_BAR.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 66188c065f00b73a569781c378ed0b36d8c79c89f25fc368793411760f6be011

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 15:06:53 GMT
x-azure-ref: 20240719T150653Z-16b8f8f97cfq6t5wmz0h6mnpu800000000vg00000000w7xf
x-cache: TCP_HIT
content-type: image/jpg
access-control-allow-origin: *
cache-control: max-age=31536000
x-envoy-upstream-service-time: 6
x-cache-info: L1_T2
x-fd-int-roxy-purgeid: 0
accept-ranges: bytes
content-length: 33775
request-context: appId=cid-v1:1b7f5e9f-49d1-4d77-a306-824d05179861

GET
H2 200 1711572347125-DBM_1.jpg
getschwifty.guestline.net//media/TIC/TICNEW/images/ 182 KB
183 KB 343ms
341ms Image
image/jpg 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://getschwifty.guestline.net//media/TIC/TICNEW/images/1711572347125-DBM_1.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 0c677964e8f8bda0dbe7d86bef890128fac02abb011a1061f75e851927661778

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 15:06:54 GMT
x-azure-ref: 20240719T150653Z-16b8f8f97cfq6t5wmz0h6mnpu800000000vg00000000w7xg
x-cache: TCP_HIT
content-type: image/jpg
access-control-allow-origin: *
cache-control: max-age=31536000
x-envoy-upstream-service-time: 11
x-cache-info: L1_T2
x-fd-int-roxy-purgeid: 0
accept-ranges: bytes
content-length: 186571
request-context: appId=cid-v1:1b7f5e9f-49d1-4d77-a306-824d05179861

GET
H2 200 1711572347347-DBM_2.jpg
getschwifty.guestline.net//media/TIC/TICNEW/images/ 72 KB
72 KB 43ms
40ms Image
image/jpg 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://getschwifty.guestline.net//media/TIC/TICNEW/images/1711572347347-DBM_2.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3b042191af47e6eb7f019fd144a3d683c3029d1352fe13972958a5d0032813db

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 15:06:53 GMT
x-azure-ref: 20240719T150653Z-16b8f8f97cfq6t5wmz0h6mnpu800000000vg00000000w7xh
x-cache: TCP_HIT
content-type: image/jpg
access-control-allow-origin: *
cache-control: max-age=31536000
x-envoy-upstream-service-time: 6
x-cache-info: L1_T2
x-fd-int-roxy-purgeid: 0
accept-ranges: bytes
content-length: 73388
request-context: appId=cid-v1:1b7f5e9f-49d1-4d77-a306-824d05179861

GET
H2 200 1711572347406-DBM_3.jpg
getschwifty.guestline.net//media/TIC/TICNEW/images/ 68 KB
69 KB 63ms
60ms Image
image/jpg 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://getschwifty.guestline.net//media/TIC/TICNEW/images/1711572347406-DBM_3.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d642e6114c91f1a3b943be8044f50c61fd3677ebf2f3ec1ee801e91d94ebca2c

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 15:06:53 GMT
x-azure-ref: 20240719T150653Z-16b8f8f97cfq6t5wmz0h6mnpu800000000vg00000000w7xk
x-cache: TCP_HIT
content-type: image/jpg
access-control-allow-origin: *
cache-control: max-age=31536000
x-envoy-upstream-service-time: 8
x-cache-info: L1_T2
x-fd-int-roxy-purgeid: 0
accept-ranges: bytes
content-length: 69851
request-context: appId=cid-v1:1b7f5e9f-49d1-4d77-a306-824d05179861

GET
H2 200 1711572338143-DBM_1.jpg
getschwifty.guestline.net//media/TIC/TICHUDD/images/ 171 KB
171 KB 64ms
62ms Image
image/jpg 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://getschwifty.guestline.net//media/TIC/TICHUDD/images/1711572338143-DBM_1.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9c87f77e38c848ecea4e16cee4d82c2f2f57069f70b507668dd0b1ba796c53c4

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 15:06:53 GMT
x-azure-ref: 20240719T150653Z-16b8f8f97cfq6t5wmz0h6mnpu800000000vg00000000w7xp
x-cache: TCP_HIT
content-type: image/jpg
access-control-allow-origin: *
cache-control: max-age=31536000
x-envoy-upstream-service-time: 7
x-fd-int-roxy-purgeid: 0
accept-ranges: bytes
content-length: 174932
request-context: appId=cid-v1:1b7f5e9f-49d1-4d77-a306-824d05179861

GET
H2 200 1711572338217-DBM_2.jpg
getschwifty.guestline.net//media/TIC/TICHUDD/images/ 90 KB
90 KB 239ms
237ms Image
image/jpg 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://getschwifty.guestline.net//media/TIC/TICHUDD/images/1711572338217-DBM_2.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: afed90278d3b4d92b7bef55ec77e38dc6819d7871b18d7e675d506117047166b

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 15:06:53 GMT
x-azure-ref: 20240719T150653Z-16b8f8f97cfq6t5wmz0h6mnpu800000000vg00000000w7xq
x-cache: TCP_HIT
content-type: image/jpg
access-control-allow-origin: *
cache-control: max-age=31536000
x-envoy-upstream-service-time: 16
x-cache-info: L1_T2
x-fd-int-roxy-purgeid: 0
accept-ranges: bytes
content-length: 91872
request-context: appId=cid-v1:1b7f5e9f-49d1-4d77-a306-824d05179861

GET
H2 200 1711572338279-DBM_3.jpg
getschwifty.guestline.net//media/TIC/TICHUDD/images/ 55 KB
55 KB 48ms
45ms Image
image/jpg 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://getschwifty.guestline.net//media/TIC/TICHUDD/images/1711572338279-DBM_3.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 508ab4e4f6f8a241c757d31bdf6109cdb2220302cc7bfbe675e20b13e3e45002

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 15:06:53 GMT
x-azure-ref: 20240719T150653Z-16b8f8f97cfq6t5wmz0h6mnpu800000000vg00000000w7xr
x-cache: TCP_HIT
content-type: image/jpg
access-control-allow-origin: *
cache-control: max-age=31536000
x-envoy-upstream-service-time: 7
x-cache-info: L1_T2
x-fd-int-roxy-purgeid: 0
accept-ranges: bytes
content-length: 55968
request-context: appId=cid-v1:1b7f5e9f-49d1-4d77-a306-824d05179861

GET
H2 200 1711572333612-DBM_1.jpg
getschwifty.guestline.net//media/TIC/TICEPSOM/images/ 169 KB
169 KB 35ms
32ms Image
image/jpg 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://getschwifty.guestline.net//media/TIC/TICEPSOM/images/1711572333612-DBM_1.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d6fa1d2539bcf1dabd0acc45a6b7b641f6c46eabde74c647fc0c490f8ca839a7

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 15:06:53 GMT
x-azure-ref: 20240719T150653Z-16b8f8f97cfq6t5wmz0h6mnpu800000000vg00000000w7xs
x-cache: TCP_HIT
content-type: image/jpg
access-control-allow-origin: *
cache-control: max-age=31536000
x-envoy-upstream-service-time: 6
x-cache-info: L1_T2
x-fd-int-roxy-purgeid: 0
accept-ranges: bytes
content-length: 172859
request-context: appId=cid-v1:1b7f5e9f-49d1-4d77-a306-824d05179861

GET
H2 200 1711572333670-DBM_2.jpg
getschwifty.guestline.net//media/TIC/TICEPSOM/images/ 178 KB
179 KB 130ms
128ms Image
image/jpg 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://getschwifty.guestline.net//media/TIC/TICEPSOM/images/1711572333670-DBM_2.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 1b561f32c7d7159506a6911b6457d2cbf46efa6f278726f9efc9f884f2db18f1

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 15:06:53 GMT
x-azure-ref: 20240719T150653Z-16b8f8f97cfq6t5wmz0h6mnpu800000000vg00000000w7xt
x-cache: TCP_HIT
content-type: image/jpg
access-control-allow-origin: *
cache-control: max-age=31536000
x-envoy-upstream-service-time: 8
x-cache-info: L1_T2
x-fd-int-roxy-purgeid: 58562218
accept-ranges: bytes
content-length: 182762
request-context: appId=cid-v1:1b7f5e9f-49d1-4d77-a306-824d05179861

GET
H2 200 1711572333781-DBM_3.jpg
getschwifty.guestline.net//media/TIC/TICEPSOM/images/ 179 KB
179 KB 43ms
41ms Image
image/jpg 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://getschwifty.guestline.net//media/TIC/TICEPSOM/images/1711572333781-DBM_3.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d7aaf48afbd454ba0abab53d14589d79f3c926aa2e3ea4037a32ef73bcad33c0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 15:06:53 GMT
x-azure-ref: 20240719T150653Z-16b8f8f97cfq6t5wmz0h6mnpu800000000vg00000000w7xu
x-cache: TCP_HIT
content-type: image/jpg
access-control-allow-origin: *
cache-control: max-age=31536000
x-envoy-upstream-service-time: 9
x-fd-int-roxy-purgeid: 0
accept-ranges: bytes
content-length: 182976
request-context: appId=cid-v1:1b7f5e9f-49d1-4d77-a306-824d05179861

GET
H2 200 1711572327440-DBM_1.jpg
getschwifty.guestline.net//media/TIC/TICCHOR/images/ 181 KB
181 KB 89ms
87ms Image
image/jpg 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://getschwifty.guestline.net//media/TIC/TICCHOR/images/1711572327440-DBM_1.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 51d722c9f7c688b742f797a07c20052b363d328ee32a33005240dccc685b15a4

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 15:06:53 GMT
x-azure-ref: 20240719T150653Z-16b8f8f97cfq6t5wmz0h6mnpu800000000vg00000000w7xv
x-cache: TCP_HIT
content-type: image/jpg
access-control-allow-origin: *
cache-control: max-age=31536000
x-envoy-upstream-service-time: 10
x-cache-info: L1_T2
x-fd-int-roxy-purgeid: 0
accept-ranges: bytes
content-length: 185160
request-context: appId=cid-v1:1b7f5e9f-49d1-4d77-a306-824d05179861

GET
H2 200 1711572327511-DBM_2.jpg
getschwifty.guestline.net//media/TIC/TICCHOR/images/ 193 KB
193 KB 89ms
87ms Image
image/jpg 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://getschwifty.guestline.net//media/TIC/TICCHOR/images/1711572327511-DBM_2.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9266bbc0c871f1709a3d69cde0bd211d1a6b44ef9e37c0ce979109d32f67f710

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 15:06:53 GMT
x-azure-ref: 20240719T150653Z-16b8f8f97cfq6t5wmz0h6mnpu800000000vg00000000w7xw
x-cache: TCP_HIT
content-type: image/jpg
access-control-allow-origin: *
cache-control: max-age=31536000
x-envoy-upstream-service-time: 14
x-cache-info: L1_T2
x-fd-int-roxy-purgeid: 0
accept-ranges: bytes
content-length: 197536
request-context: appId=cid-v1:1b7f5e9f-49d1-4d77-a306-824d05179861

GET
H2 200 1711572327608-DBM_3.jpg
getschwifty.guestline.net//media/TIC/TICCHOR/images/ 190 KB
191 KB 37ms
35ms Image
image/jpg 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://getschwifty.guestline.net//media/TIC/TICCHOR/images/1711572327608-DBM_3.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 630bdf3dda28984b91b1555eb615c48aa7c92360857ff11a947b4a5bce83bc11

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 15:06:53 GMT
x-azure-ref: 20240719T150653Z-16b8f8f97cfq6t5wmz0h6mnpu800000000vg00000000w7xx
x-cache: TCP_HIT
content-type: image/jpg
access-control-allow-origin: *
cache-control: max-age=31536000
x-envoy-upstream-service-time: 8
x-cache-info: L1_T2
x-fd-int-roxy-purgeid: 0
accept-ranges: bytes
content-length: 194998
request-context: appId=cid-v1:1b7f5e9f-49d1-4d77-a306-824d05179861

GET
H2 200 1711572331650-DBM_HOTEL.jpg
getschwifty.guestline.net//media/TIC/TICCROWN/images/ 180 KB
181 KB 34ms
33ms Image
image/jpg 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://getschwifty.guestline.net//media/TIC/TICCROWN/images/1711572331650-DBM_HOTEL.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3ef4c631f1b8b4f2caad4890473077f0c5d64ef439a827ff0c4bb86e90c034e7

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 15:06:53 GMT
x-azure-ref: 20240719T150653Z-16b8f8f97cfq6t5wmz0h6mnpu800000000vg00000000w7xy
x-cache: TCP_HIT
content-type: image/jpg
access-control-allow-origin: *
cache-control: max-age=31536000
x-envoy-upstream-service-time: 25
x-cache-info: L1_T2
x-fd-int-roxy-purgeid: 0
accept-ranges: bytes
content-length: 184506
request-context: appId=cid-v1:1b7f5e9f-49d1-4d77-a306-824d05179861

GET
H2 200 TIC-1720168659705.jpg
media-prod-cdn-ep.azureedge.net/media/TIC/TICMAG/images/ 172 KB
173 KB 28ms
27ms Image
image/jpg 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-prod-cdn-ep.azureedge.net/media/TIC/TICMAG/images/TIC-1720168659705.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: cb92546b846f044e87939c36674df8b14b9e12ee2fffd182a72a26957c37ed7d

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 15:06:53 GMT
x-azure-ref: 20240719T150653Z-r185d5857fbkl9f6c70qu3xmu000000003a0000000001z13
x-cache: TCP_HIT
content-type: image/jpg
access-control-allow-origin: *
cache-control: max-age=31536000
x-envoy-upstream-service-time: 7
x-cache-info: L1_T2
x-fd-int-roxy-purgeid: 58562218
accept-ranges: bytes
content-length: 176398
request-context: appId=cid-v1:1b7f5e9f-49d1-4d77-a306-824d05179861

GET
H2 200 1711572345023-HOTEL.jpg
getschwifty.guestline.net//media/TIC/TICMILLEN/images/ 105 KB
105 KB 63ms
62ms Image
image/jpg 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://getschwifty.guestline.net//media/TIC/TICMILLEN/images/1711572345023-HOTEL.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a01004520ba19b8f14658a9274f8ce5acabf4591ae737e6b1dbb14038b1d1a5d

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 15:06:53 GMT
x-azure-ref: 20240719T150653Z-16b8f8f97cfq6t5wmz0h6mnpu800000000vg00000000w7xz
x-cache: TCP_HIT
content-type: image/jpg
access-control-allow-origin: *
cache-control: max-age=31536000
x-envoy-upstream-service-time: 6
x-cache-info: L1_T2
x-fd-int-roxy-purgeid: 0
accept-ranges: bytes
content-length: 107417
request-context: appId=cid-v1:1b7f5e9f-49d1-4d77-a306-824d05179861

GET
H2 200 1711572345085-HOTEL1.jpg
getschwifty.guestline.net//media/TIC/TICMILLEN/images/ 85 KB
85 KB 88ms
87ms Image
image/jpg 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://getschwifty.guestline.net//media/TIC/TICMILLEN/images/1711572345085-HOTEL1.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 34132e8573a57e97df0e2b6a4c7de126dab7676f073f05ab6dc54d4bbe72fa4b

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 15:06:53 GMT
x-azure-ref: 20240719T150653Z-16b8f8f97cfq6t5wmz0h6mnpu800000000vg00000000w7y0
x-cache: TCP_HIT
content-type: image/jpg
access-control-allow-origin: *
cache-control: max-age=31536000
x-envoy-upstream-service-time: 15
x-cache-info: L1_T2
x-fd-int-roxy-purgeid: 0
accept-ranges: bytes
content-length: 86744
request-context: appId=cid-v1:1b7f5e9f-49d1-4d77-a306-824d05179861

GET
H2 200 1711572345348-jpeg-optimizer_D.jpg
getschwifty.guestline.net//media/TIC/TICMILLEN/images/ 285 KB
286 KB 89ms
87ms Image
image/jpg 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://getschwifty.guestline.net//media/TIC/TICMILLEN/images/1711572345348-jpeg-optimizer_D.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e82c2091f9c976514ee8d49e9082c6fbe9e88ef1f1d9f735b7c88671194c691a

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 15:06:53 GMT
x-azure-ref: 20240719T150653Z-16b8f8f97cfq6t5wmz0h6mnpu800000000vg00000000w7y1
x-cache: TCP_HIT
content-type: image/jpg
access-control-allow-origin: *
cache-control: max-age=31536000
x-envoy-upstream-service-time: 29
x-cache-info: L1_T2
x-fd-int-roxy-purgeid: 0
accept-ranges: bytes
content-length: 292190
request-context: appId=cid-v1:1b7f5e9f-49d1-4d77-a306-824d05179861

GET
H2 200 1711572354617-DBM_HOTEL.jpg
getschwifty.guestline.net//media/TIC/TICSTUART/images/ 194 KB
195 KB 61ms
60ms Image
image/jpg 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://getschwifty.guestline.net//media/TIC/TICSTUART/images/1711572354617-DBM_HOTEL.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: fb1a93a37ee6b472b866bcaf1341edad62f9cdad9f319d50f923922ab87baceb

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 15:06:53 GMT
x-azure-ref: 20240719T150653Z-16b8f8f97cfq6t5wmz0h6mnpu800000000vg00000000w7y2
x-cache: TCP_HIT
content-type: image/jpg
access-control-allow-origin: *
cache-control: max-age=31536000
x-envoy-upstream-service-time: 10
x-cache-info: L1_T2
x-fd-int-roxy-purgeid: 0
accept-ranges: bytes
content-length: 199103
request-context: appId=cid-v1:1b7f5e9f-49d1-4d77-a306-824d05179861

GET
H2 200 1711572354686-DBM_HOTEL1.jpg
getschwifty.guestline.net//media/TIC/TICSTUART/images/ 166 KB
167 KB 88ms
87ms Image
image/jpg 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://getschwifty.guestline.net//media/TIC/TICSTUART/images/1711572354686-DBM_HOTEL1.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 2a1cc214737d788f7cffced7d1d829e6d917be05f6b3fa3c95f2c37f6827f167

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 15:06:53 GMT
x-azure-ref: 20240719T150653Z-16b8f8f97cfq6t5wmz0h6mnpu800000000vg00000000w7y3
x-cache: TCP_HIT
content-type: image/jpg
access-control-allow-origin: *
cache-control: max-age=31536000
x-envoy-upstream-service-time: 10
x-cache-info: L1_T2
x-fd-int-roxy-purgeid: 0
accept-ranges: bytes
content-length: 170488
request-context: appId=cid-v1:1b7f5e9f-49d1-4d77-a306-824d05179861

GET
H2 200 1711572354747-DBM_HOTEL2.jpg
getschwifty.guestline.net//media/TIC/TICSTUART/images/ 190 KB
191 KB 34ms
33ms Image
image/jpg 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://getschwifty.guestline.net//media/TIC/TICSTUART/images/1711572354747-DBM_HOTEL2.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8c2d85ae472cf21e83ab8f6e602a5336c9e6fdb9dd6075ccf780f5ca6a1e128f

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 15:06:53 GMT
x-azure-ref: 20240719T150653Z-16b8f8f97cfq6t5wmz0h6mnpu800000000vg00000000w7y4
x-cache: TCP_HIT
content-type: image/jpg
access-control-allow-origin: *
cache-control: max-age=31536000
x-envoy-upstream-service-time: 9
x-cache-info: L1_T2
x-fd-int-roxy-purgeid: 0
accept-ranges: bytes
content-length: 194783
request-context: appId=cid-v1:1b7f5e9f-49d1-4d77-a306-824d05179861

GET
H2 200 json Show response
api-eu1.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 123 B
1 KB 100ms
69ms XHR
application/json 2a06:98c1:3200::90:3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-eu1.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=25812559

Requested by

Host: gxp-dbm-prod-cdn.azureedge.net
URL: https://gxp-dbm-prod-cdn.azureedge.net/static/index-DRvtKznZ.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3200::90:3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c5e278cc9619502c6742585b62400599f4ba54dc2f49f6fcc3ac44114cec233

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 15:06:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: c9b9bfbf-70b6-4919-9228-09fd3d4cce12
content-encoding: br
x-envoy-upstream-service-time: 5
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: c9b9bfbf-70b6-4919-9228-09fd3d4cce12
server: cloudflare
vary: origin
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://booking.eu.guestline.app
x-evy-trace-virtual-host: all
access-control-max-age: 180
access-control-allow-credentials: false
x-evy-trace-served-by-pod: fra04/hubapi-td/envoy-proxy-68d6f869c4-lw5dh
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IsmjLb9LsTqu6dAdxMMvo5ahsM7kO0kN1eHnI6cmtWTGz%2B8flhLqorKtKHmRXCZCC4GHafFl76SQzEgk%2BXPt4l%2Bi2vcqYoqtwtJOJaNe%2FqoleUZ9J4p96v6S0jFK0fZN6QaLWfLqMXQyChhw3yWcHg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8a5b9e370ffb048b-FRA
access-control-allow-headers: *

GET
H2 200 json Show response
forms-eu1.hscollectedforms.net/collected-forms/v1/config/ 134 B
458 B 46ms
27ms XHR
application/json 172.65.192.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms-eu1.hscollectedforms.net/collected-forms/v1/config/json?portalId=25812559&utk=

Requested by

Host: gxp-dbm-prod-cdn.azureedge.net
URL: https://gxp-dbm-prod-cdn.azureedge.net/static/index-DRvtKznZ.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.192.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eaae8fac282d6c38c84faeeb2984ad576fc65027d5acc23083d17f6aca12827a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 15:06:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 02daa05b-10f1-408e-b937-9aa4c4f15d25
x-envoy-upstream-service-time: 3
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 02daa05b-10f1-408e-b937-9aa4c4f15d25
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://booking.eu.guestline.app
x-evy-trace-virtual-host: all
cache-control: max-age=0
x-evy-trace-served-by-pod: fra04/app-td/envoy-proxy-5dd8ff7977-w9t25
access-control-max-age: 180
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 8a5b9e374c28bb32-FRA

GET
H/1.1 200
OK counters.gif
forms-eu1.hsforms.com/embed/v3/ 35 B
1 KB 71ms
34ms Image
image/gif 172.65.232.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-eu1.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

172.65.232.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Fri, 19 Jul 2024 15:06:54 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
CF-Cache-Status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 8f2d2682-d69b-44ce-9d97-f6bbc4e5b59b
x-envoy-upstream-service-time: 2
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 8f2d2682-d69b-44ce-9d97-f6bbc4e5b59b
Server: cloudflare
vary: origin
Content-Type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: fra04/star-hubspot-td/envoy-proxy-5b798b5cb4-5rngb
access-control-expose-headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
CF-RAY: 8a5b9e37ca532bc3-FRA

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 224 KB
60 KB 33ms
13ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: js-eu1.hsadspixel.net
URL: https://js-eu1.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 19 Jul 2024 15:06:54 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58677
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1328, tbw=2779, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: qnrgsv1SYp4/fUt/LGOFPiTvTpBQ10Jhjm2ao3SGnFz5hsleaGzC3yBgRBBFKaLyazobuXGUeyfKaQvnr44DuA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 __ptq.gif
track-eu1.hubspot.com/ 45 B
1 KB 127ms
73ms Image
image/gif 172.65.240.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track-eu1.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=321484724&v=1.1&a=25812559&pu=https%3A%2F%2Fbooking.eu.guestline.app%2FTIC%2F&t=AG+Hotels&cts=1721401614002&vi=af1c16969bd831bcecac2196b936fe6f&nc=true&u=138946028.af1c16969bd831bcecac2196b936fe6f.1721401614000.1721401614000.1721401614000.1&b=138946028.1.1721401614000&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.240.166 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 15:06:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 77d87641-b624-41a3-8ae7-ffd3fa94c873
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 14
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 77d87641-b624-41a3-8ae7-ffd3fa94c873
last-modified: Fri, 19 Jul 2024 15:06:54 GMT
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1HZS5YTZ6Dl4RmD%2FgC3HioWKRbLdNUxXxngqByxIzEb3%2FM%2BSBOisxDYgT%2F0DpD4RFqyxAWQ5m4ly8%2FZvtCU7UxILYX5JR9K5qrxMUDu8Ts8ro0sj8oM4xh6l55uB3QS%2Fxr8477GMHg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: fra04/analytics-tracking-td/envoy-proxy-5dfb646764-srnhw
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 8a5b9e37ed1c917a-FRA
x-robots-tag: none

GET
H2 200 1234663643848277 Show response
connect.facebook.net/signals/config/ 60 KB
12 KB 59ms
58ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1234663643848277?v=2.9.162&r=stable&domain=booking.eu.guestline.app&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0a3abc936077799e05070d10da9c85840231ec0fc172c843df76ff132a7e4183

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 19 Jul 2024 15:06:54 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=11, rtx=0, c=64, mss=1328, tbw=64190, tp=-1, tpl=-1, uplat=51, ullat=0
pragma: public
x-fb-debug: 4F9mu3XkvqAFOjjY6ICAnYkOba841qbaBCzZmVkeFKilmZcnwWnvBBfne4veES2TOe6FgF5URTiM0+StooRdLw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 22ms
8ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1234663643848277&ev=PageView&dl=https%3A%2F%2Fbooking.eu.guestline.app%2FTIC%2F&rl=&if=false&ts=1721401614209&sw=1600&sh=1200&ud[external_id]=af1c16969bd831bcecac2196b936fe6f&v=2.9.162&r=stable&a=hubspot&ec=0&o=4126&fbp=fb.1.1721401614209.816249740443398782&ler=empty&cdl=API_unavailable&it=1721401614139&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1328, tbw=2785, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 19 Jul 2024 15:06:54 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 187ms
173ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1234663643848277&ev=PageView&dl=https%3A%2F%2Fbooking.eu.guestline.app%2FTIC%2F&rl=&if=false&ts=1721401614209&sw=1600&sh=1200&ud[external_id]=af1c16969bd831bcecac2196b936fe6f&v=2.9.162&r=stable&a=hubspot&ec=0&o=4126&fbp=fb.1.1721401614209.816249740443398782&ler=empty&cdl=API_unavailable&it=1721401614139&coo=false&rqm=FGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
date: Fri, 19 Jul 2024 15:06:54 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7393363636259366996", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1328, tbw=3102, tp=-1, tpl=-1, uplat=165, ullat=0
pragma: no-cache
x-fb-debug: urB7/OnWgtCsve+0pUlIwt6ulB8M+3d7Sk2RzBAatprGV81PE1Zl+93HpCh8k/6g2/7rlXsMThkXl8q4AqFVHw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7393363636259366996"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7393363636259366996"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H/1.1 204
No Content collect Show response
q.clarity.ms/ 0
288 B 204ms
197ms XHR
text/plain 20.231.53.73
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://q.clarity.ms/collect
Requested by: Host: gxp-dbm-prod-cdn.azureedge.net
URL: https://gxp-dbm-prod-cdn.azureedge.net/static/index-DRvtKznZ.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.231.53.73 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://booking.eu.guestline.app
Date: Fri, 19 Jul 2024 15:06:54 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.dbm.guestline.net/	1970-01-20 22:10:03	Name: __cf_bm Value: A207E6lEar59ACNUBHzQCCks67eUEdmYgZ5iMDnHntY-1721401612-1.0.1.1-zhetrmqaBdDkVNyv7v6qrN06d827FO6feIaudViXyBxBWwhrqWufcPZ8QkTITEtgHjYZQ2TgvX1r0djXWHKobw
booking.eu.guestline.app/	1970-01-21 06:55:37	Name: ai_user Value: vsa+nPJ+X9qppkZFhgvQ60\|2024-07-19T15:06:53.018Z
booking.eu.guestline.app/	1970-01-20 22:10:03	Name: ai_session Value: XGF5cBUaUVSUY1st8u8MyL\|1721401613021\|1721401613021
booking.eu.guestline.app/	1969-12-31 23:59:59	Name: i18next Value: de-DE
booking.eu.guestline.app/	1970-01-20 22:10:05	Name: gl_dbm_session Value: {%22sessionId%22:%228825e370-45e0-11ef-8eb6-77cf4a006b90%22%2C%22country%22:%22DE%22%2C%22expiryDate%22:%222024-07-19T16:06:53.114Z%22}
.guestline.app/	1970-01-21 07:37:59	Name: _hp2_id.2665089796 Value: %7B%22userId%22%3A%223921327710256805%22%2C%22pageviewId%22%3A%227229213377970914%22%2C%22sessionId%22%3A%223830454457953812%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
www.clarity.ms/	1970-01-21 06:55:37	Name: CLID Value: b051a12bc8c94c068de220aeffdc5517.20240719.20250719
.guestline.app/	1970-01-21 06:55:37	Name: _hjSessionUser_1856906 Value: eyJpZCI6IjEzMGU2NWZjLWVmOWUtNTNhOS04ZTI1LTAzNjc5ZjE1ZjlkOSIsImNyZWF0ZWQiOjE3MjE0MDE2MTMyOTAsImV4aXN0aW5nIjpmYWxzZX0=
.guestline.app/	1970-01-20 22:10:03	Name: _hjSession_1856906 Value: eyJpZCI6ImNkOGUyNTM5LWFmOTktNDQyYy05ZTdmLTM5NmQzMTY4Y2ZlMSIsImMiOjE3MjE0MDE2MTMyOTIsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.bing.com/	1970-01-21 07:31:37	Name: MUID Value: 1B41D8AECE966EA11780CC6FCF966F58
.c.bing.com/	1970-01-20 22:20:06	Name: MR Value: 0
.c.bing.com/	1970-01-21 07:31:37	Name: SRM_B Value: 1B41D8AECE966EA11780CC6FCF966F58
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 07:31:37	Name: MUID Value: 1B41D8AECE966EA11780CC6FCF966F58
.c.clarity.ms/	1970-01-20 22:20:06	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 22:10:02	Name: ANONCHK Value: 0
.guestline.app/	1970-01-20 22:10:03	Name: _hp2_ses_props.2665089796 Value: %7B%22ts%22%3A1721401613239%2C%22d%22%3A%22booking.eu.guestline.app%22%2C%22h%22%3A%22%2FTIC%2F%22%7D
.guestline.app/	1970-01-21 07:46:01	Name: _ga Value: GA1.1.729853119.1721401614
.guestline.app/	1970-01-21 07:46:01	Name: _ga_YTBVBBFXV7 Value: GS1.1.1721401613.1.0.1721401613.60.0.0
.region1.google-analytics.com/	1970-01-21 00:19:37	Name: ar_debug Value: 1
booking.eu.guestline.app/	1970-01-21 02:29:13	Name: __hstc Value: 138946028.af1c16969bd831bcecac2196b936fe6f.1721401614000.1721401614000.1721401614000.1
booking.eu.guestline.app/	1970-01-21 02:29:13	Name: hubspotutk Value: af1c16969bd831bcecac2196b936fe6f
booking.eu.guestline.app/	1969-12-31 23:59:59	Name: __hssrc Value: 1
booking.eu.guestline.app/	1970-01-20 22:10:03	Name: __hssc Value: 138946028.1.1721401614000
.hsforms.com/	1970-01-20 22:10:03	Name: __cf_bm Value: 9gJvY5T_1BlSStqNUQYqAE4O1ZMuMj.BzoNPnMOE.ak-1721401614-1.0.1.1-G7Nlbu9XHSVmRyKzgGypMGh3Hyto46TiJMRKos1l8U1Y07aK3pSuSzVs2AmZQWJ_8HdEUDjk5zeOVnZcLmwz9w
.hsforms.com/	1969-12-31 23:59:59	Name: _cfuvid Value: Dv55pEYLwdVPTH4X0I8aUMveMQA9or5gEQp4e.C56KU-1721401614066-0.0.1.1-604800000
.hubspot.com/	1970-01-20 22:10:03	Name: __cf_bm Value: A.uvBEN0YzecZ3fEJRQu9k6xfbvQQ3Zwv2tZ1OBJRbc-1721401614-1.0.1.1-ikdq2bnciXxg3ycEL9R6a51CXBJRvesJ2TK4hnoBnPl4y1HnG.uqsdEsU.geJUNX2L2y6rCa1Igk5EO7gKHfew
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: RZhSieHudzMfMSLfzeeOYtsMrA3sNh7Yub1ejMhNj0s-1721401614123-0.0.1.1-604800000
.guestline.app/	1970-01-21 00:19:37	Name: _fbp Value: fb.1.1721401614209.816249740443398782

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-eu1.hubapi.com
booking.eu.guestline.app
c.bing.com
c.clarity.ms
cdn.heapanalytics.com
connect.facebook.net
forms-eu1.hscollectedforms.net
forms-eu1.hsforms.com
getschwifty.guestline.net
gxp-configs-prod-cdn-ep.azureedge.net
gxp-dbm-prod-cdn.azureedge.net
gxp-editor.eu.guestline.app
heapanalytics.com
js-eu1.hs-analytics.net
js-eu1.hs-banner.com
js-eu1.hs-scripts.com
js-eu1.hsadspixel.net
js-eu1.hscollectedforms.net
media-prod-cdn-ep.azureedge.net
q.clarity.ms
region1.analytics.google.com
region1.google-analytics.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
tic.dbm.guestline.net
track-eu1.hubspot.com
www.clarity.ms
www.facebook.com
www.google.de
www.googletagmanager.com
13.227.219.120
13.32.27.5
13.74.129.1
172.211.210.15
172.65.192.122
172.65.202.201
172.65.208.22
172.65.219.229
172.65.232.43
172.65.238.60
172.65.240.166
18.66.102.106
20.231.53.73
2001:4860:4802:34::36
2606:4700::6812:794
2620:1ec:bdf::45
2620:1ec:bdf::60
2620:1ec:c11::237
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::2008
2a00:1450:400c:c00::9b
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a06:98c1:3200::90:3
35.153.191.249
007255c51ece028fdeb7aea2b6ab040b8638a381ea0b0cd749393b17e8b5dafa
04050bae4cc3b9ccd20d3c7f57f5b1ba249d4a54d6eff75a1e4df504362e8c00
0a278d13d2fedd29db48d35568e7b4ac33772970095059e52622f5427b808987
0a3abc936077799e05070d10da9c85840231ec0fc172c843df76ff132a7e4183
0c677964e8f8bda0dbe7d86bef890128fac02abb011a1061f75e851927661778
13e5a315b92546d07a31fae811934439a3e9df3c8eff0ab86a634b5002a91469
195ea1a1b2643014980d87b7d6e3817f5e5b410033eba201c10df4be1ff5cf6f
1b561f32c7d7159506a6911b6457d2cbf46efa6f278726f9efc9f884f2db18f1
1babff5503351b0432408fe22c352692f14d627d221e179ff9267c51439c7618
221c225ce2d9567c9a95f0ec4cee7f6d5fb65773eef2b930a532e2f9611f5c5d
23bf321711e3a2e61acc08931b50abf6936bdd4c0ccd4d015e99a585219718f9
264711c6515e4d7e36a0094ac0cd11a782a2910d16d360b154fc2482c39a4e3f
2a1cc214737d788f7cffced7d1d829e6d917be05f6b3fa3c95f2c37f6827f167
2c5e278cc9619502c6742585b62400599f4ba54dc2f49f6fcc3ac44114cec233
34132e8573a57e97df0e2b6a4c7de126dab7676f073f05ab6dc54d4bbe72fa4b
342d07b983b24903875ce2c6bf4cbc1d6c2ffc0d20d3e84ae7379d056149c170
3620b86d7b440a0d1e86ece7d3f3ff1212ce5799a0e543aa593e11cf763b9edb
37375704104de9248e9237852ac37421c80807edb05801832be7137880a9204c
3aae4df67715883062b9793fbde0f65968186777c59f24428161836f8c579058
3b042191af47e6eb7f019fd144a3d683c3029d1352fe13972958a5d0032813db
3ef4c631f1b8b4f2caad4890473077f0c5d64ef439a827ff0c4bb86e90c034e7
4a0689c00d5ecc6c2a5aa8d347ab127fc8fa53f34ed7703879766b7417a855a8
4d3e3a4ab634d1fc58aaacef189c8ba0eabb338f3389433136dfafbb731e6df7
508ab4e4f6f8a241c757d31bdf6109cdb2220302cc7bfbe675e20b13e3e45002
50a35208d4d64a784109aa95fc4741f204e4035bd304dfa933859fc124c579ea
51d722c9f7c688b742f797a07c20052b363d328ee32a33005240dccc685b15a4
53a3dc763a0bd679523a77f5610e4ab27231fe6763d7089c1c92966daa1663f7
5575ff7ba7e5407643526ac52d038a380e352c4f938795276d89361aea321391
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e
5f68be8f76ef9c0ed765ebb97922c2c1223df87061672bf7772d92e2fb01ff64
6163b4f03e40f21ee9be04e66eae5d245f9a29bfd172475a545d31f751229141
619feac205d68f6356fcad13d6758533011a8acc7830e3deb0f763249d7516c0
630bdf3dda28984b91b1555eb615c48aa7c92360857ff11a947b4a5bce83bc11
640e08e6283d8765afb07b1959bc7deb8f2afcbe0f8dce6d7a8c5a180717f363
66188c065f00b73a569781c378ed0b36d8c79c89f25fc368793411760f6be011
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c62025af84b6c843921a80d955ce2a4cd11ca4f2de22434de1ddabc1bd903cc
85529b7e7a24baf55d32934b9cf28e69c54555235e6931b7e1ac8b52474ddd5b
89445df13db3f8eb3eefdcd2e8d12a6b327566549d9045652aa912a0d7ece46f
8a93bed27bc06405f010d736ab543d69cf4f4fb23a6aebd755b4925c5d047bcc
8aafb62ee6d05105377e2e81db82cf7e10419dfa043d02a8174c5a4beb0fce50
8bc8e032b3d516cbffc86525667032794bf364cc71dec90909f7e5cd05289afc
8c2d85ae472cf21e83ab8f6e602a5336c9e6fdb9dd6075ccf780f5ca6a1e128f
8ec6c784e174f38333989f355fa7bda2b1e7df558349bc3b9c438255b18f9970
9266bbc0c871f1709a3d69cde0bd211d1a6b44ef9e37c0ce979109d32f67f710
9885635323415b39ba950797930cc52843493c619a8d1890f479411514b29bfc
99c10aa4348d51d23bb7e00b5ca4892c7d526038498c620b18a893c6ed54aa08
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9c87f77e38c848ecea4e16cee4d82c2f2f57069f70b507668dd0b1ba796c53c4
a01004520ba19b8f14658a9274f8ce5acabf4591ae737e6b1dbb14038b1d1a5d
a03d00c557e6ac4334286c30fdbe665bd37ac0e8f7d8d1dde478eae1b4227efb
a26d0a0253db27d7c727ac251ea73bc35a0d36ca854e575ee9c820903204c233
a77102587505fd839ddead7cf038db5658be767cafb50a8585da0ac39321a539
a984dc451b4ace53d437eec8c915cf72984151b027cf9638fd3bdd1fe3bee808
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aaefccb509b347c798c186dad6bfab3fb2902b0519daa7114813241ab5a12945
afed90278d3b4d92b7bef55ec77e38dc6819d7871b18d7e675d506117047166b
b74e49a0ea5e02cbf1fcfea4a544c1caca6bcd3ae011473f975c1b6acc9ed762
b8c37983de668f2e70257d9c8ed63a8875172a12535b9302df7cd1550bc3aa1b
ba117e5340e914c8957040e5a75a77eb84e830f5b061f83d6ca7cd011c51c182
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c151008b2f54b7b0959ded4e3a98a912462f25c162c66c4f51c1aa8c1ccecd26
c239fbd2387ceff073b22f05559eb6a3a9425ccde003eccb22a998429465302f
c29a9c6906e6b2af8e5768eeaed3a041407c13fb13221389255d78311b6c1d68
c2b3a1d535757b97ff542df0a542a32b1d1f4b3c4c3a44760d41aa3f3eb5b94c
c8de82c9d683b6cc4ceee62e267b0f2dc6e1028d849bff91cc7fc9f4d05bc2f1
cb92546b846f044e87939c36674df8b14b9e12ee2fffd182a72a26957c37ed7d
cd293accd949031a7165490643192957bd5b4dacf5c8164637889a3a66a616af
ce24b0b0c0b93b39585558595f1bf853ff0f62fead21987f4212af9b03d28c23
d02ae15ee612d56ccbfb26e6e083983172ed9a6e0fc89e1b918a3c7301fb317d
d50cd1e2952b47290a835e4d91a2adbd492854654b6c481753272112ed3aeecd
d642e6114c91f1a3b943be8044f50c61fd3677ebf2f3ec1ee801e91d94ebca2c
d6fa1d2539bcf1dabd0acc45a6b7b641f6c46eabde74c647fc0c490f8ca839a7
d7aaf48afbd454ba0abab53d14589d79f3c926aa2e3ea4037a32ef73bcad33c0
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e82c2091f9c976514ee8d49e9082c6fbe9e88ef1f1d9f735b7c88671194c691a
eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e
eaae8fac282d6c38c84faeeb2984ad576fc65027d5acc23083d17f6aca12827a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fb1a93a37ee6b472b866bcaf1341edad62f9cdad9f319d50f923922ab87baceb
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

booking.eu.guestline.app Open in urlscan Pro 172.211.210.15 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

89 Requests

97 %HTTPS

44 %IPv6

22 Domains

31 Subdomains

24 IPs

5 Countries

4889 kBTransfer

7058 kBSize

29 Cookies

1 Outgoing links

Page URL History

Redirected requests

89 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

booking.eu.guestline.app Open in urlscan Pro
172.211.210.15 Public Scan

Screenshot
Live screenshot

Full Image

89
Requests

97 %
HTTPS

44 %
IPv6

22
Domains

31
Subdomains

24
IPs

5
Countries

4889 kB
Transfer

7058 kB
Size

29
Cookies

89 HTTP transactions
1 data transactions