booking.com-extranet.sbs Open in urlscan Pro
2606:4700:3033::ac43:977f  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://dominatorxelgfiq.blogspot.com/ Page URL
2. https://giving-back.com/rug2h Page URL
3. https://booking.com-extranet.sbs/confirm/login/hLpEJXkp/sign-in?op_token=EgVvYXV0aCKyAQoUNlo3Mm9IT2QzNk5uN3prM3BpcmgSCWF1dGhvcml6ZRoaaHR0cHM6Ly9hZG1pbi5ib29raW5nLmNvbS8qOnsiYXV0aF9hdHRlbXB0 Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ dominatorxelgfiq.blogspot.com/	70 KB 14 KB	481ms 173ms	Document text/html	2607:f8b0:4006:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://dominatorxelgfiq.blogspot.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=0 content-encoding gzip content-length 14451 content-type text/html; charset=UTF-8 date Fri, 22 Nov 2024 13:37:37 GMT etag W/"7812a3dbaba7cb27915ffacfa3a75928ac6847f445cf1871bba2e1390d848a91" expires Fri, 22 Nov 2024 13:37:37 GMT last-modified Mon, 11 Nov 2024 19:36:26 GMT server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H/1.1	404 Not Found	rug2h Show response giving-back.com/	230 B 511 B	769ms 250ms	Document text/html	193.3.19.66 SELECTEL-MSK JSC ...
General Check archive.org Show headers Download Go to Full URL https://giving-back.com/rug2h? Requested by Host: dominatorxelgfiq.blogspot.com URL: https://dominatorxelgfiq.blogspot.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.3.19.66 , Russian Federation, ASN50340 (SELECTEL-MSK JSC Selectel, RU), Reverse DNS Software nginx / Resource Hash a9d921a31babc30f9fbae5ff177001c0e33ceb8f9e3b3f7edf2386aac8da545f Request headers Referer https://dominatorxelgfiq.blogspot.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers Accept-Ranges bytes Connection keep-alive Content-Length 230 Content-Type text/html; charset=UTF-8 Date Fri, 22 Nov 2024 13:37:38 GMT ETag "e6-6277f07043c8e" Keep-Alive timeout=60 Last-Modified Fri, 22 Nov 2024 11:53:12 GMT Server nginx
GET H2	403	Primary Request sign-in Show response booking.com-extranet.sbs/confirm/login/hLpEJXkp/	12 KB 10 KB	273ms 84ms	Document text/html	2606:4700:3033::ac43:977f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://booking.com-extranet.sbs/confirm/login/hLpEJXkp/sign-in?op_token=EgVvYXV0aCKyAQoUNlo3Mm9IT2QzNk5uN3prM3BpcmgSCWF1dGhvcml6ZRoaaHR0cHM6Ly9hZG1pbi5ib29raW5nLmNvbS8qOnsiYXV0aF9hdHRlbXB0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:977f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4c714355344ca9dfddaa6a746a162a2e561f9b29ff88a7ce6f1cf7778771a397 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://giving-back.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA alt-svc h3=":443"; ma=86400 cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-chl-out CysRhj7xi0w26JeThNuYv3thR2gdGbyNF/aG+SvKVbfJrJrYKwBYNsZV1rUzGgPQkEAM81m0WCzQ9/kDzIMIETsCVnmrzNeeMBf+1AhzmGw=$43OYG+5MYKgndyHZ/n+djQ== cf-mitigated challenge cf-ray 8e6950bb598f52f5-LAX content-encoding zstd content-type text/html; charset=UTF-8 critical-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA cross-origin-embedder-policy require-corp cross-origin-opener-policy same-origin cross-origin-resource-policy same-origin date Fri, 22 Nov 2024 13:37:39 GMT expires Thu, 01 Jan 1970 00:00:01 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} origin-agent-cluster ?1 permissions-policy accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() referrer-policy same-origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5U8RHm%2FWp0MTCojQvajFoZVV1kcheayCFkW3YXQHaeP4Xq0f1SYxflN8Gv5UdrlgS95kfbcewnXlHgL3Ji6KUjs0HmWoeWi2bRJ8yGHL%2F%2BCxz%2F2q8217Lrn6gW52td7AQT%2FK%2FeI5ACLl1WTcH%2F4DwkHqbBroSHs%3D"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=TCP&rtt=70727&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3972&recv_bytes=2433&delivery_rate=54885&cwnd=252&unsent_bytes=0&cid=5e0dafe438a03a62&ts=93&x=0" vary Accept-Encoding x-content-options nosniff x-frame-options SAMEORIGIN
GET H/1.1	404 Not Found	favicon.ico giving-back.com/	230 B 511 B	252ms 252ms	Other text/html	193.3.19.66 SELECTEL-MSK JSC ...
General Check archive.org Show headers Download Go to Full URL https://giving-back.com/favicon.ico Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.3.19.66 , Russian Federation, ASN50340 (SELECTEL-MSK JSC Selectel, RU), Reverse DNS Software nginx / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://giving-back.com/rug2h? Response headers ETag "e6-6277f07043c8e" Connection keep-alive Accept-Ranges bytes Content-Length 230 Keep-Alive timeout=60 Date Fri, 22 Nov 2024 13:37:38 GMT Content-Type text/html; charset=UTF-8 Last-Modified Fri, 22 Nov 2024 11:53:12 GMT Server nginx
GET H2	200	v1 Show response booking.com-extranet.sbs/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/	94 KB 38 KB	84ms 83ms	Script application/javascript	2606:4700:3033::ac43:977f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://booking.com-extranet.sbs/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8e6950bb598f52f5 Requested by Host: booking.com-extranet.sbs URL: https://booking.com-extranet.sbs/confirm/login/hLpEJXkp/sign-in?op_token=EgVvYXV0aCKyAQoUNlo3Mm9IT2QzNk5uN3prM3BpcmgSCWF1dGhvcml6ZRoaaHR0cHM6Ly9hZG1pbi5ib29raW5nLmNvbS8qOnsiYXV0aF9hdHRlbXB0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:977f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 23cba0e3cec87ab9c39e221ccaf21516e0b1f2a1e7d4ebe079f1cf23cfd4652c Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://booking.com-extranet.sbs/confirm/login/hLpEJXkp/sign-in?op_token=EgVvYXV0aCKyAQoUNlo3Mm9IT2QzNk5uN3prM3BpcmgSCWF1dGhvcml6ZRoaaHR0cHM6Ly9hZG1pbi5ib29raW5nLmNvbS8qOnsiYXV0aF9hdHRlbXB0&__cf_chl_rt_tk=enDr.x838ZG9resRCL7m6c8aeFEZk2xQ_XyLLqSfeUE-1732282659-1.0.1.1-dfIQM1KqbSlegyVok45DmT3P06xH425R66C4NX8mPG0 Response headers cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nZr29EbCzSmRkCVqyWGwwby2fNIyTom9FM7X0KLq2KcM16yZLZgC7OSsiyVkIWA4EV1DJ5YNlaa9KwnumPAqSKkeuaV5VIK58j6Mv6FAhVCuCf%2B3gFgeZ98x3%2FrZmMhC47rvOjqyLfmu6X8f%2FIG6pBPbUGk%2BL0Y%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e6950bc1a3b52f5-LAX alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=70895&sent=22&recv=15&lost=0&retrans=0&sent_bytes=13986&recv_bytes=2836&delivery_rate=214527&cwnd=257&unsent_bytes=0&cid=5e0dafe438a03a62&ts=213&x=0" date Fri, 22 Nov 2024 13:37:39 GMT content-type application/javascript; charset=UTF-8 server cloudflare
GET		a8d57633-3360-4253-a52c-d57859da56c5 https://booking.com-extranet.sbs/ Frame	0 0
GET H3	200	api.js Show response challenges.cloudflare.com/turnstile/v0/g/e4025c85ea63/	47 KB 16 KB	179ms 91ms	Script application/javascript	104.18.94.41 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://challenges.cloudflare.com/turnstile/v0/g/e4025c85ea63/api.js?onload=iQmfw1&render=explicit Requested by Host: booking.com-extranet.sbs URL: https://booking.com-extranet.sbs/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8e6950bb598f52f5 Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.94.41 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5f7c821eea52471a9bbb0397df6b77ee279505be05bb52aef00932989522d3c2 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://booking.com-extranet.sbs Referer Response headers cache-control max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public content-encoding br cross-origin-resource-policy cross-origin cf-ray 8e6950bd5a386801-SJC access-control-allow-origin * alt-svc h3=":443"; ma=86400 date Fri, 22 Nov 2024 13:37:39 GMT content-type application/javascript; charset=UTF-8 last-modified Tue, 19 Nov 2024 14:16:20 GMT server cloudflare vary Accept-Encoding
GET H3	404	favicon.ico booking.com-extranet.sbs/	150 B 150 B	384ms 383ms	Image text/html	172.67.151.127 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://booking.com-extranet.sbs/favicon.ico Requested by Host: booking.com-extranet.sbs URL: https://booking.com-extranet.sbs/confirm/login/hLpEJXkp/sign-in?op_token=EgVvYXV0aCKyAQoUNlo3Mm9IT2QzNk5uN3prM3BpcmgSCWF1dGhvcml6ZRoaaHR0cHM6Ly9hZG1pbi5ib29raW5nLmNvbS8qOnsiYXV0aF9hdHRlbXB0 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.151.127 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 6e21162bc64073fe9e3d3d6375ca24d04fed1912a5b7716aac0cb0f2d16fae7c Security Headers Name Value Content-Security-Policy default-src 'none' X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://booking.com-extranet.sbs/confirm/login/hLpEJXkp/sign-in?op_token=EgVvYXV0aCKyAQoUNlo3Mm9IT2QzNk5uN3prM3BpcmgSCWF1dGhvcml6ZRoaaHR0cHM6Ly9hZG1pbi5ib29raW5nLmNvbS8qOnsiYXV0aF9hdHRlbXB0 Response headers content-security-policy default-src 'none' cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status EXPIRED report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4%2FOVouvjfWbVhV67md3o3Wfu67p22lyqdX0jQHQxn%2BsIFuIvAney7Pv4Iob55POeM%2B%2FePhpFPC5LiTM1m0otzSUR%2Fz%2FrYzPa3cL2yK0sQ%2BbKNVtoVdal3zIiQ3xqd6ttK9%2BfqyprDEmdjlc%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff cf-ray 8e6950bcc9f25295-LAX alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=83074&sent=26&recv=19&lost=0&retrans=0&sent_bytes=14275&recv_bytes=10431&delivery_rate=104532&cwnd=12000&unsent_bytes=0&cid=9226e335dc69d6a0&ts=422&x=1", cfHdrFlush;dur=0 date Fri, 22 Nov 2024 13:37:39 GMT content-type text/html; charset=utf-8 x-powered-by Express vary Accept-Encoding server cloudflare
POST H3	200	bb9hh0QOyOau_ltBzlcWKRX5dBptG6gOf_yA9leLiUE-1732282659-1.2.1.1-Z0I2j0FLeX7oIpkBMzKntXhpiFDw3pxLET8TWoXH6_JUZR3a4HzH7G_Wq_NRhDNW Show response booking.com-extranet.sbs/cdn-cgi/challenge-platform/h/g/flow/ov1/1420367575:1732278481:8wakFOst8x4XH6OKN3qxKt2fbaPhoAknCp6dyaWOZu8/8e6950bb598f52f5/	13 KB 9 KB	99ms 96ms	XHR text/plain	172.67.151.127 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://booking.com-extranet.sbs/cdn-cgi/challenge-platform/h/g/flow/ov1/1420367575:1732278481:8wakFOst8x4XH6OKN3qxKt2fbaPhoAknCp6dyaWOZu8/8e6950bb598f52f5/bb9hh0QOyOau_ltBzlcWKRX5dBptG6gOf_yA9leLiUE-1732282659-1.2.1.1-Z0I2j0FLeX7oIpkBMzKntXhpiFDw3pxLET8TWoXH6_JUZR3a4HzH7G_Wq_NRhDNW Requested by Host: booking.com-extranet.sbs URL: https://booking.com-extranet.sbs/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8e6950bb598f52f5 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.151.127 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4442c4810c4fa4b63786c9c2bd3c62620da791e7ace5428c077a3abca0610857 Request headers Referer https://booking.com-extranet.sbs/confirm/login/hLpEJXkp/sign-in?op_token=EgVvYXV0aCKyAQoUNlo3Mm9IT2QzNk5uN3prM3BpcmgSCWF1dGhvcml6ZRoaaHR0cHM6Ly9hZG1pbi5ib29raW5nLmNvbS8qOnsiYXV0aF9hdHRlbXB0 CF-Chl-RetryAttempt 0 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Content-type application/x-www-form-urlencoded CF-Challenge bb9hh0QOyOau_ltBzlcWKRX5dBptG6gOf_yA9leLiUE-1732282659-1.2.1.1-Z0I2j0FLeX7oIpkBMzKntXhpiFDw3pxLET8TWoXH6_JUZR3a4HzH7G_Wq_NRhDNW Response headers nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IHlxGE%2BpHXEnx7rSqeU2Qg8umIXkPBmCYPdFIODjiCiYKPJKkwPaSOTsd7bX9xBijyuJ68III1ZV3fL%2BjdtBaTnSSzxkMvU7x9ORjjNLTEnoM%2Fd%2BXPK%2BDgi8Rs1UIAmp5xxS4bJrZ1FZ6dk%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e6950bd8a935295-LAX alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=71338&sent=17&recv=14&lost=0&retrans=0&sent_bytes=4345&recv_bytes=10215&delivery_rate=380&cwnd=12000&unsent_bytes=0&cid=9226e335dc69d6a0&ts=251&x=1", cfHdrFlush;dur=0 date Fri, 22 Nov 2024 13:37:39 GMT content-type text/plain; charset=UTF-8 cf-chl-gen 8wMRcpPIrHds7DdojuGIJ5srmT8TUiCV3wTOWMJCNXByLzuv2GnyAWAoVop+E41KbTRrdTfoIE4=$27/ci6vFcZBMh9mc server cloudflare
GET		d2757248-74c6-424f-8200-9ff1d58a153f https://booking.com-extranet.sbs/ Frame	0 0
GET H3	200	/ challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/oabfv/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/ Frame DBD9	0 0	176ms 96ms	Document text/html	104.18.95.41 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/oabfv/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/ Requested by Host: challenges.cloudflare.com URL: https://challenges.cloudflare.com/turnstile/v0/g/e4025c85ea63/api.js?onload=iQmfw1&render=explicit Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.95.41 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self' Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA alt-svc h3=":443"; ma=86400 cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 8e6950bf09731567-SJC content-encoding br content-security-policy frame-src https://challenges.cloudflare.com/; base-uri 'self' content-type text/html; charset=UTF-8 critical-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA cross-origin-embedder-policy require-corp cross-origin-opener-policy same-origin cross-origin-resource-policy cross-origin date Fri, 22 Nov 2024 13:37:39 GMT document-policy js-profiling origin-agent-cluster ?1 permissions-policy accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() referrer-policy same-origin server cloudflare
GET H3	404	favicon.ico booking.com-extranet.sbs/	150 B 0	0ms 0ms	Other text/html	172.67.151.127 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://booking.com-extranet.sbs/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.151.127 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 6e21162bc64073fe9e3d3d6375ca24d04fed1912a5b7716aac0cb0f2d16fae7c Security Headers Name Value Content-Security-Policy default-src 'none' X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://booking.com-extranet.sbs/confirm/login/hLpEJXkp/sign-in?op_token=EgVvYXV0aCKyAQoUNlo3Mm9IT2QzNk5uN3prM3BpcmgSCWF1dGhvcml6ZRoaaHR0cHM6Ly9hZG1pbi5ib29raW5nLmNvbS8qOnsiYXV0aF9hdHRlbXB0 Response headers content-security-policy default-src 'none' cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status EXPIRED report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4%2FOVouvjfWbVhV67md3o3Wfu67p22lyqdX0jQHQxn%2BsIFuIvAney7Pv4Iob55POeM%2B%2FePhpFPC5LiTM1m0otzSUR%2Fz%2FrYzPa3cL2yK0sQ%2BbKNVtoVdal3zIiQ3xqd6ttK9%2BfqyprDEmdjlc%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff cf-ray 8e6950bcc9f25295-LAX alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=83074&sent=26&recv=19&lost=0&retrans=0&sent_bytes=14275&recv_bytes=10431&delivery_rate=104532&cwnd=12000&unsent_bytes=0&cid=9226e335dc69d6a0&ts=422&x=1", cfHdrFlush;dur=0 date Fri, 22 Nov 2024 13:37:39 GMT content-type text/html; charset=utf-8 x-powered-by Express vary Accept-Encoding server cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

booking.com-extranet.sbs

URL

blob:https://booking.com-extranet.sbs/a8d57633-3360-4253-a52c-d57859da56c5

Domain

booking.com-extranet.sbs

URL

blob:https://booking.com-extranet.sbs/d2757248-74c6-424f-8200-9ff1d58a153f

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _cf_chl_opt function| iQmfw1 boolean| ZoAYN5 function| vwnKf0 function| aJXQ0 function| PuUs5 function| Srsj4 object| TXkb0 object| ydWs6 function| WFlfN4 function| ObdEk5 function| PeqG1 object| BJyo0 number| fXoRe8 object| angular object| SMYiP3 function| _ string| RLGC5 object| turnstile boolean| FhHy2 boolean| VbCw6

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://giving-back.com/rug2h? Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://giving-back.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://booking.com-extranet.sbs/confirm/login/hLpEJXkp/sign-in?op_token=EgVvYXV0aCKyAQoUNlo3Mm9IT2QzNk5uN3prM3BpcmgSCWF1dGhvcml6ZRoaaHR0cHM6Ly9hZG1pbi5ib29raW5nLmNvbS8qOnsiYXV0aF9hdHRlbXB0 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://booking.com-extranet.sbs/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://booking.com-extranet.sbs/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

booking.com-extranet.sbs
challenges.cloudflare.com
dominatorxelgfiq.blogspot.com
giving-back.com
booking.com-extranet.sbs
104.18.94.41
104.18.95.41
172.67.151.127
193.3.19.66
2606:4700:3033::ac43:977f
2607:f8b0:4006:81c::2001
23cba0e3cec87ab9c39e221ccaf21516e0b1f2a1e7d4ebe079f1cf23cfd4652c
4442c4810c4fa4b63786c9c2bd3c62620da791e7ace5428c077a3abca0610857
4c714355344ca9dfddaa6a746a162a2e561f9b29ff88a7ce6f1cf7778771a397
5f7c821eea52471a9bbb0397df6b77ee279505be05bb52aef00932989522d3c2
6e21162bc64073fe9e3d3d6375ca24d04fed1912a5b7716aac0cb0f2d16fae7c
a9d921a31babc30f9fbae5ff177001c0e33ceb8f9e3b3f7edf2386aac8da545f