booking-326.pages.dev Open in urlscan Pro
2606:4700:310c::ac42:2c88  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response booking-326.pages.dev/	935 KB 119 KB	465ms 336ms	Document text/html	2606:4700:310c::ac42:2c88 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://booking-326.pages.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:310c::ac42:2c88 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Nuxt Resource Hash 56195dc84c730c4581cb751a4e737fad51648caa7658eacd4ab7037b38159a64 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-ray 8b2a92519cb16346-LHR content-encoding br content-type text/html;charset=utf-8 date Tue, 13 Aug 2024 17:54:39 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NP4AN0dEHdEFX1jvVTrCPd4yzrcfJZcQMBNYw%2BYMlljEGrWBHOQL75QjxnIermI%2F%2Bm2I7WjsU5GyK3gYlQ7vhPh3D6bU%2FzbYPjaaJnRuiWWcxpqiGlkslJiR90F6gQ9xW5HKHJ07WsBtIcp9KtsQ6VXSSjM%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-powered-by Nuxt
GET H3	200	entry.1wc3uTlm.css booking-326.pages.dev/_nuxt/	746 KB 105 KB	217ms 217ms	Stylesheet text/css	2606:4700:310c::ac42:2c88 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://booking-326.pages.dev/_nuxt/entry.1wc3uTlm.css Requested by Host: booking-326.pages.dev URL: https://booking-326.pages.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:310c::ac42:2c88 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 91346d9beb3a288aadea99d90667f81fb45d1c94c157bf34237a4df84c030309 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://booking-326.pages.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 13 Aug 2024 17:54:39 GMT content-encoding br referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"b3b5887c5814beac57b673ae4d6a8c83" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q6uhRr9ufgy0FXGaZwDOBLVc%2Fc27TM8Y0Suvz7vTdwrzW3vo6eJSbUVD79UIspupsK6YzyeyOEZqivWTi9zoD9SP0QonlTIIaw3mcCjiV01hSsaO%2B4jcHl8DxUXvFx6IIy4fYo4VK0nUNhhbgp5H6lcFuIU%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000, immutable cf-ray 8b2a925458226346-LHR alt-svc h3=":443"; ma=86400
GET H3	200	BsKnlV-O.js Show response booking-326.pages.dev/_nuxt/	2 MB 528 KB	257ms 257ms	Script application/javascript	2606:4700:310c::ac42:2c88 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://booking-326.pages.dev/_nuxt/BsKnlV-O.js Requested by Host: booking-326.pages.dev URL: https://booking-326.pages.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:310c::ac42:2c88 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 272d489e8f4bbcc44fe8e9e9b2722495ea6980b843f9c90e4afa8df2d12921e1 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer Origin https://booking-326.pages.dev User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 13 Aug 2024 17:54:39 GMT content-encoding br referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"eaf251ec79dbb616e9fabb2a366a6b7e" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uuR7emld%2BYpf2e1Nc2kEYLLCTzOh8l41qseQX9qnsE2ffb32uN66zA3o9S4zggO0sEVR3dvB6Tm2o%2F%2Fc%2BLz8Tq76KI6DMPfMj08ZX3DzFW37uWIOIN52vSOpJe4iVLlA1FgYJsYMVbz%2F%2F5AYGPOPqY7MxQg%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000, immutable cf-ray 8b2a925458236346-LHR alt-svc h3=":443"; ma=86400
GET H3	200	adroll.js Show response booking-326.pages.dev/js/	803 B 903 B	198ms 197ms	Script application/javascript	2606:4700:310c::ac42:2c88 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://booking-326.pages.dev/js/adroll.js Requested by Host: booking-326.pages.dev URL: https://booking-326.pages.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:310c::ac42:2c88 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4eea5f3a92caa6192c3af809c1140b87bc85033de5ad4b38c4984adf5d61bc9d Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://booking-326.pages.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 13 Aug 2024 17:54:39 GMT content-encoding br referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"bc8414f6a3a15f3c6fb043dcc59fb3a3" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MWR%2FJWxNJD84B%2FteYVlmIWK%2BvnuJwh5EGtVQDkEa3FgGBfpmhvq30fnsZQyW6rTKLJ3%2FkCv%2FzlZ3LvxQJcisGvJ%2FML9QuwS%2FrH%2BIwA4kiyvitMq6DkuMm97hh7RyUzWj50W%2FScSc267gcQpW1dCluVMqLwI%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control public, max-age=0, must-revalidate cf-ray 8b2a925458256346-LHR alt-svc h3=":443"; ma=86400
GET H/1.1	200 OK	roundtrip.js Show response s.adroll.com/j/Z4YBWL5SGRHY7HYDEQHG5T/	96 KB 29 KB	846ms 634ms	Script text/javascript	2600:9000:2104:3c00:6:9280:1080:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.adroll.com/j/Z4YBWL5SGRHY7HYDEQHG5T/roundtrip.js Requested by Host: booking-326.pages.dev URL: https://booking-326.pages.dev/js/adroll.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2104:3c00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash fdedcd32961c5379790efc1ced0bdf55d81898c829ea8f81ae48bdba087d7656 Request headers Referer https://booking-326.pages.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers X-Amz-Version-Id MrfHB2OCLmRTogVJx2esZQhS9ZEjecx3 Content-Encoding gzip Via 1.1 043fc2faaa02eeb59193e3fa300adb6a.cloudfront.net (CloudFront) Date Tue, 13 Aug 2024 17:54:41 GMT X-Amz-Cf-Pop AMS1-C1 X-Amz-Server-Side-Encryption AES256 Transfer-Encoding chunked X-Cache RefreshHit from cloudfront Connection keep-alive Last-Modified Mon, 12 Aug 2024 12:34:21 GMT Server AmazonS3 Etag W/"7adccd35a3bb69b2ff9552e135e17158" Vary Accept-Encoding Access-Control-Allow-Methods GET Content-Type text/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control max-age=3600, must-revalidate Access-Control-Allow-Credentials false Access-Control-Max-Age 600 Access-Control-Allow-Headers * X-Amz-Cf-Id p6crRhJ_8sudQgk9Z6cNcFgJeHi89rvQfRsO_57tA-P4m6I75JPy8A==
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	225 KB 60 KB	196ms 56ms	Script application/x-javascript	2a03:2880:f084:d:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: booking-326.pages.dev URL: https://booking-326.pages.dev/_nuxt/BsKnlV-O.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://booking-326.pages.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers content-security-policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Tue, 13 Aug 2024 17:54:40 GMT document-policy force-load-at-top x-fb-server-load 39 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 58865 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=16, rtx=0, c=15, mss=1392, tbw=2807, tp=-1, tpl=-1, uplat=0, ullat=-1 pragma public x-fb-debug oGyGL/uRmsqoL9mY7KPRSfNhAEo7P2Nfkx/9lPQJziamzJUZByIgf14FQo7ZbWyrdjMh09yLVsFL3UK1JB+FXg== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H3	200	916d44e7-02c3-40a4-9224-f2a981a79d82.json Show response booking-326.pages.dev/_nuxt/builds/meta/	139 B 657 B	95ms 95ms	Fetch application/json	2606:4700:310c::ac42:2c88 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://booking-326.pages.dev/_nuxt/builds/meta/916d44e7-02c3-40a4-9224-f2a981a79d82.json Requested by Host: booking-326.pages.dev URL: https://booking-326.pages.dev/_nuxt/BsKnlV-O.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:310c::ac42:2c88 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 03765b75cb74ae1107cf9daae5d5bd80d79736d74f2bfdf3b811d2ab3739f9b5 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://booking-326.pages.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 13 Aug 2024 17:54:40 GMT content-encoding br referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"58ba0cc4569133c0ad47535e44c32419" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=knnrNUNAAdVDc2K1H85NRBTlywxsnlIWezQhJRHeLyQg4FVcqsqI7JLYJ4%2FmspueKyFn%2F7oRhK6A%2B4I4I14REA9B8YWMHLtwjetE63iJGwtaSh4oW%2FOzaqBLC24RR0VDoIXnh3XNKAA06jKRtKIJHDG5FEU%3D"}],"group":"cf-nel","max_age":604800} content-type application/json access-control-allow-origin * cache-control public, max-age=31536000, immutable, public, max-age=1, immutable, public, max-age=31536000, immutable cf-ray 8b2a9258fe2a6346-LHR alt-svc h3=":443"; ma=86400
GET BLOB	200 OK	f7c1ac6d-aa81-4243-949f-42a57c98c610 https://booking-326.pages.dev/	10 KB 0		Other text/plain
General Check archive.org Show headers Download Go to Full URL blob:https://booking-326.pages.dev/f7c1ac6d-aa81-4243-949f-42a57c98c610 Requested by Host: booking-326.pages.dev URL: https://booking-326.pages.dev/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 7850a4a49bf6ea9110de86612f1a2052c0855bfe1417c53921042fa8c663b3d7 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Content-Length 10297 Content-Type
GET H2	200	287323385553813 Show response connect.facebook.net/signals/config/	79 KB 16 KB	217ms 215ms	Script application/x-javascript	2a03:2880:f084:d:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/287323385553813?v=2.9.164&r=stable&domain=booking-326.pages.dev&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash da1434698e568f5c1e2e60112b1d97dc06733d81f675134319d5306cfe2b9962 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://booking-326.pages.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers content-security-policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Tue, 13 Aug 2024 17:54:40 GMT document-policy force-load-at-top x-fb-server-load 32 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=22, rtx=0, c=63, mss=1392, tbw=64391, tp=-1, tpl=-1, uplat=176, ullat=0 pragma public x-fb-debug N9nK7jSRh1/v26EeHaCJMo0y1Of93ItComy5D46z5zJtGMhelFGhp0PFtALoPshMSoaEXIEWwIJgb7KwdbM3HA== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	0 274 B	299ms 134ms	Image text/plain	2a03:2880:f177:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=287323385553813&ev=PageView&dl=https%3A%2F%2Fbooking-326.pages.dev&rl=&if=false&ts=1723571680501&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4124&fbp=fb.2.1723571680492.219651214502940530&cs_est=true&pm=1&hrl=3e9529&ler=empty&cdl=API_unavailable&it=1723571680227&coo=false&cs_cc=1&cas=7792947437382116%2C5473122032754349&rqm=GET Requested by Host: booking-326.pages.dev URL: https://booking-326.pages.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://booking-326.pages.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers x-fb-connection-quality EXCELLENT; q=0.9, rtt=15, rtx=0, c=10, mss=1392, tbw=2789, tp=-1, tpl=-1, uplat=0, ullat=0 strict-transport-security max-age=31536000; includeSubDomains date Tue, 13 Aug 2024 17:54:40 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 5 KB	391ms 227ms	Image image/png	2a03:2880:f177:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=287323385553813&ev=PageView&dl=https%3A%2F%2Fbooking-326.pages.dev&rl=&if=false&ts=1723571680501&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4124&fbp=fb.2.1723571680492.219651214502940530&cs_est=true&pm=1&hrl=3e9529&ler=empty&cdl=API_unavailable&it=1723571680227&coo=false&cs_cc=1&cas=7792947437382116%2C5473122032754349&rqm=FGET Requested by Host: booking-326.pages.dev URL: https://booking-326.pages.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://booking-326.pages.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers attribution-reporting-register-trigger {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x3dd6ff873abeea6d","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"2":["24:6539266322818774","24:3973171809359453","24:5060731383999972","24:4469671426394682","24:3527907480671086","24:3853565394679082","24:4273692969315602","24:3291384560965966","24:3731252757000894","24:4140649809300000","24:5241083142629698","24:3561832803870492","24:3719183458137591","24:3768819419839776","24:3967661773294758","24:4825462570861222","24:3653389044707621","7830:6539266322818774","7830:3973171809359453","7830:5060731383999972","7830:4469671426394682","7830:3527907480671086","7830:3853565394679082","7830:4273692969315602","7830:3291384560965966","7830:3731252757000894","7830:4140649809300000","7830:5241083142629698","7830:3561832803870492","7830:3719183458137591","7830:3768819419839776","7830:3967661773294758","7830:4825462570861222","7830:3653389044707621","10853:6539266322818774","10853:3973171809359453","10853:5060731383999972","10853:4469671426394682","10853:3527907480671086","10853:3853565394679082","10853:4273692969315602","10853:3291384560965966","10853:3731252757000894","10853:4140649809300000","10853:5241083142629698","10853:3561832803870492","10853:3719183458137591","10853:3768819419839776","10853:3967661773294758","10853:4825462570861222","10853:3653389044707621","41:6539266322818774","41:3973171809359453","41:5060731383999972","41:4469671426394682","41:3527907480671086","41:3853565394679082","41:4273692969315602","41:3291384560965966","41:3731252757000894","41:4140649809300000","41:5241083142629698","41:3561832803870492","41:3719183458137591","41:3768819419839776","41:3967661773294758","41:4825462570861222","41:3653389044707621","8046:6539266322818774","8046:3973171809359453","8046:5060731383999972","8046:4469671426394682","8046:3527907480671086","8046:3853565394679082","8046:4273692969315602","8046:3291384560965966","8046:3731252757000894","8046:4140649809300000","8046:5241083142629698","8046:3561832803870492","8046:3719183458137591","8046:3768819419839776","8046:3967661773294758","8046:4825462570861222","8046:3653389044707621"]},"debug_reporting":true,"debug_key":"1"} content-encoding zstd x-content-type-options nosniff content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; strict-transport-security max-age=15552000; preload document-policy force-load-at-top date Tue, 13 Aug 2024 17:54:40 GMT x-fb-server-load 29 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7402683998306735244", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=19, rtx=0, c=10, mss=1392, tbw=3107, tp=-1, tpl=-1, uplat=167, ullat=0 pragma no-cache x-fb-debug KM8a4MqDIRntymb6DK1BJ6lh8ZMyDL81evpzYLgHsfdakHRh7piLKpPOmxhIwbKEtCnvwV7kPo/kMM2Mh9n5gg== cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7402683998306735244"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type image/png x-frame-options DENY origin-agent-cluster ?0 cache-control private, no-store, no-cache, must-revalidate permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	Z4YBWL5SGRHY7HYDEQHG5T Show response d.adroll.com/consent/check/	534 B 627 B	359ms 59ms	Script application/javascript	2a05:d018:cc3:fe04:925f:d0e8:ff45:db48 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d.adroll.com/consent/check/Z4YBWL5SGRHY7HYDEQHG5T?pv=10929449042.554794&arrfrr=https%3A%2F%2Fbooking-326.pages.dev%2F&_s=596bd75b9588a2853bd47f97106ee252&_b=2 Requested by Host: s.adroll.com URL: https://s.adroll.com/j/Z4YBWL5SGRHY7HYDEQHG5T/roundtrip.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a05:d018:cc3:fe04:925f:d0e8:ff45:db48 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.22.1 / Resource Hash 72e990cd9eef6787b89682307bb9c9fd004d8917790146614da909eb6e0b2b65 Request headers Referer https://booking-326.pages.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 13 Aug 2024 17:54:40 GMT server nginx/1.22.1 content-length 534 content-type application/javascript
GET H3	200	favicon.ico booking-326.pages.dev/	15 KB 5 KB	110ms 110ms	Other image/vnd.microsoft.icon	2606:4700:310c::ac42:2c88 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://booking-326.pages.dev/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:310c::ac42:2c88 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 205175885f9883f8372e3b104a31a929407245e3f5d0526187e2557b9862c2b4 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://booking-326.pages.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 13 Aug 2024 17:54:41 GMT content-encoding br referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"f7685ec2a398385079d7b21292619017" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iaiR0FOSqeG8ogPhLZfa9R1fvZHYHq0QtF1hXO45WvRIuVr0GsmKCTAxPJQ%2F1BqfJpii2xctCiLWGIOeS5NvBMmhQPah%2B5D6HewY5jNrhQcMTNKin2dYFYFXio6w%2FW3dlUTnFeuaSDIl%2B3vMpjXilvCod6E%3D"}],"group":"cf-nel","max_age":604800} content-type image/vnd.microsoft.icon access-control-allow-origin * cache-control public, max-age=0, must-revalidate cf-ray 8b2a925edde16346-LHR alt-svc h3=":443"; ma=86400
POST H3	200	sentry Show response booking-326.pages.dev/api/	7 B 418 B	221ms 211ms	Fetch text/html	2606:4700:310c::ac42:2c88 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://booking-326.pages.dev/api/sentry Requested by Host: booking-326.pages.dev URL: https://booking-326.pages.dev/_nuxt/BsKnlV-O.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:310c::ac42:2c88 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c88a0b907419a70c27ab7c1f8e5fb54441a4d9c3567e4c928fa7b2091194aecf Request headers Referer https://booking-326.pages.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Tue, 13 Aug 2024 17:54:43 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rvr2pXRR7vYZPv%2FBZHuPhGakR12Vzjb8K8ZC0tGuGa2JC5JXCW8cBIhvyAP2r%2BjR6YFmytr3XzxB5QZrmary7nCufzEO3SJjtVeg5QkfHfM7re5W7dTEkb1hhG4B%2BP21SyZTzAiFPyKIXb59Mw%2Bgp8Cpy7A%3D"}],"group":"cf-nel","max_age":604800} content-type text/html cf-ray 8b2a926c7f116346-LHR alt-svc h3=":443"; ma=86400

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| __NUXT__ string| adroll_adv_id string| adroll_pix_id string| adroll_version boolean| __adroll_loaded object| adroll object| __VUE_INSTANCE_SETTERS__ object| __VUE_SSR_SETTERS__ function| __buildAssetsURL function| __publicAssetsURL function| $fetch object| __unctx__ object| __unctx_async_handlers__ boolean| __VUE__ function| useNuxtApp function| __unhead_injection_handler__ function| fbq function| _fbq object| __SENTRY__ function| __adroll__ string| adroll_sid object| __adroll_consent_data object| dataLayer object| __adroll object| adroll_form_fields object| adroll_third_party_forms object| adroll_third_party_detected object| adroll_snippet_errors function| adroll_tpc_callback object| adroll_exp_list boolean| __adroll_consent_is_gdpr string| __adroll_consent_user_country string| __adroll_consent_adv_country

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.booking-326.pages.dev/	1970-01-21 00:55:47	Name: _fbp Value: fb.2.1723571680492.219651214502940530

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

booking-326.pages.dev
connect.facebook.net
d.adroll.com
s.adroll.com
www.facebook.com
2600:9000:2104:3c00:6:9280:1080:93a1
2606:4700:310c::ac42:2c88
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a05:d018:cc3:fe04:925f:d0e8:ff45:db48
03765b75cb74ae1107cf9daae5d5bd80d79736d74f2bfdf3b811d2ab3739f9b5
205175885f9883f8372e3b104a31a929407245e3f5d0526187e2557b9862c2b4
272d489e8f4bbcc44fe8e9e9b2722495ea6980b843f9c90e4afa8df2d12921e1
4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4
4eea5f3a92caa6192c3af809c1140b87bc85033de5ad4b38c4984adf5d61bc9d
56195dc84c730c4581cb751a4e737fad51648caa7658eacd4ab7037b38159a64
72e990cd9eef6787b89682307bb9c9fd004d8917790146614da909eb6e0b2b65
7850a4a49bf6ea9110de86612f1a2052c0855bfe1417c53921042fa8c663b3d7
91346d9beb3a288aadea99d90667f81fb45d1c94c157bf34237a4df84c030309
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
c88a0b907419a70c27ab7c1f8e5fb54441a4d9c3567e4c928fa7b2091194aecf
da1434698e568f5c1e2e60112b1d97dc06733d81f675134319d5306cfe2b9962
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fdedcd32961c5379790efc1ced0bdf55d81898c829ea8f81ae48bdba087d7656