urlscan.io logo urlscan.io
SecurityTrails logo

host.holidu.com Open in urlscan Pro
13.32.121.91  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.bookiply.es/r/F46XAtMDnotiE8oMPLgy
Effective URL: https://host.holidu.com/updatePaymentDetails?payment=eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJGQUlMSU5HX1BBWU1FTlQiLCJwYXltZW50SW...
Submission Tags: falconsandbox
Submission: On April 18 via api from US — Scanned from ES
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 3 countries across 11 domains to perform 28 HTTP transactions. The main IP is 13.32.121.91, located in United States and belongs to AMAZON-02, US. The main domain is host.holidu.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on November 24th 2023. Valid for: a year.
This is the only time host.holidu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

2    52.222.214.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-8.fra56.r.cloudfront.net
www.bookiply.es
12    13.32.121.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-91.fra60.r.cloudfront.net
host.holidu.com
1    2606:4700:3110::6812:35ed (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.polyfill.io
4    2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    13.32.99.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-113.fra60.r.cloudfront.net
api.host.holidu.com
1    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    142.250.185.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f4.1e100.net
www.google.com
1    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.es
1    2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    13.35.58.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-58-92.fra60.r.cloudfront.net
imageproxy.bookiply.com
Apex Domain
Subdomains		 Transfer
15 holidu.com
host.holidu.com
api.host.holidu.com
536 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 33
23 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 183
73 KB
2 bookiply.es
www.bookiply.es
822 B
1 bookiply.com
imageproxy.bookiply.com
15 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 97
270 B
1 google.es
www.google.es — Cisco Umbrella Rank: 24897
408 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
63 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 87
349 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 42
64 KB
1 polyfill.io
cdn.polyfill.io — Cisco Umbrella Rank: 2955
383 B
28 11
Domain Requested by
12 host.holidu.com host.holidu.com
4 www.google-analytics.com host.holidu.com
www.google-analytics.com
3 api.host.holidu.com host.holidu.com
2 connect.facebook.net host.holidu.com
connect.facebook.net
2 www.bookiply.es 2 redirects
1 imageproxy.bookiply.com
1 www.facebook.com host.holidu.com
1 www.google.es host.holidu.com
1 www.google.com host.holidu.com
1 stats.g.doubleclick.net host.holidu.com
1 www.googletagmanager.com host.holidu.com
1 cdn.polyfill.io host.holidu.com
28 12

This site contains no links.

Subject Issuer Validity Valid
host.holidu.com
Amazon RSA 2048 M03		 2023-11-24 -
2024-12-22		 a year crt.sh
*.polyfill.io
Sectigo RSA Domain Validation Secure Server CA		 2024-02-20 -
2025-02-19		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-01-26 -
2024-04-25		 3 months crt.sh
api.host.holidu.com
Amazon RSA 2048 M02		 2023-11-23 -
2024-12-21		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
*.google.es
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://host.holidu.com/updatePaymentDetails?payment=eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJGQUlMSU5HX1BBWU1FTlQiLCJwYXltZW50SWQiOjMzMDEzMCwiaXNzIjoiQk9PS0lQTFlfQkUiLCJpYXQiOjE2NTgwODI2NTR9.u_XwkeQp8Wa4ki2OYQmoU1YXo-YYthtmMZJMFabSy-Q
Frame ID: 242536E4B9DE2EA75DE2D125686EA35D
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Holidu - Hosting with happiness

Page URL History Show full URLs

  1. https://www.bookiply.es/r/F46XAtMDnotiE8oMPLgy HTTP 301
    https://www.bookiply.es/updatePaymentDetails?payment=eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJGQUlMSU5HX1BBWU... HTTP 301
    https://host.holidu.com/updatePaymentDetails?payment=eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJGQUlMSU5HX1BBWU... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js

Page Statistics

28
Requests

100 %
HTTPS

58 %
IPv6

11
Domains

12
Subdomains

11
IPs

3
Countries

713 kB
Transfer

2691 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.bookiply.es/r/F46XAtMDnotiE8oMPLgy HTTP 301
    https://www.bookiply.es/updatePaymentDetails?payment=eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJGQUlMSU5HX1BBWU1FTlQiLCJwYXltZW50SWQiOjMzMDEzMCwiaXNzIjoiQk9PS0lQTFlfQkUiLCJpYXQiOjE2NTgwODI2NTR9.u_XwkeQp8Wa4ki2OYQmoU1YXo-YYthtmMZJMFabSy-Q HTTP 301
    https://host.holidu.com/updatePaymentDetails?payment=eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJGQUlMSU5HX1BBWU1FTlQiLCJwYXltZW50SWQiOjMzMDEzMCwiaXNzIjoiQk9PS0lQTFlfQkUiLCJpYXQiOjE2NTgwODI2NTR9.u_XwkeQp8Wa4ki2OYQmoU1YXo-YYthtmMZJMFabSy-Q Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request updatePaymentDetails
host.holidu.com/
Redirect Chain
  • https://www.bookiply.es/r/F46XAtMDnotiE8oMPLgy
  • https://www.bookiply.es/updatePaymentDetails?payment=eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJGQUlMSU5HX1BBWU1FTlQiLCJwYXltZW50SWQiOjMzMDEzMCwiaXNzIjoiQk9PS0lQTFlfQkUiLCJpYXQiOjE2NTgwODI2NTR9.u_XwkeQp8Wa4ki...
  • https://host.holidu.com/updatePaymentDetails?payment=eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJGQUlMSU5HX1BBWU1FTlQiLCJwYXltZW50SWQiOjMzMDEzMCwiaXNzIjoiQk9PS0lQTFlfQkUiLCJpYXQiOjE2NTgwODI2NTR9.u_XwkeQp8Wa4ki...
136 KB
36 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://host.holidu.com/updatePaymentDetails?payment=eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJGQUlMSU5HX1BBWU1FTlQiLCJwYXltZW50SWQiOjMzMDEzMCwiaXNzIjoiQk9PS0lQTFlfQkUiLCJpYXQiOjE2NTgwODI2NTR9.u_XwkeQp8Wa4ki2OYQmoU1YXo-YYthtmMZJMFabSy-Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-91.fra60.r.cloudfront.net
Software
/ Next.js
Resource Hash
134434c637ec31ebfad9c4f508d2d5d7f98ef0d947287aa24b0e75900f50c582
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Accept-Language
es-ES,es;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 18 Apr 2024 05:43:14 GMT
etag
W/"22099-1pf+aJrJGR8hSf7joahZ51M5a6M"
vary
Accept-Encoding
via
1.1 d7433132a7c6595c9aab2dc2272e7060.cloudfront.net (CloudFront)
x-amz-cf-id
j3yv__cK-tflOU2VL-sI_w3qdu6-vMZ8ayPT3pKiasBVskzrsd8tHA==
x-amz-cf-pop
FRA60-P1
x-cache
Miss from cloudfront
x-frame-options
DENY
x-powered-by
Next.js

Redirect headers

alt-svc
h3=":443"; ma=86400
content-length
0
date
Thu, 18 Apr 2024 05:43:14 GMT
location
https://host.holidu.com/updatePaymentDetails?payment=eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJGQUlMSU5HX1BBWU1FTlQiLCJwYXltZW50SWQiOjMzMDEzMCwiaXNzIjoiQk9PS0lQTFlfQkUiLCJpYXQiOjE2NTgwODI2NTR9.u_XwkeQp8Wa4ki2OYQmoU1YXo-YYthtmMZJMFabSy-Q
server
AmazonS3
via
1.1 740769d10d5ef217a54d33b1ec64faf4.cloudfront.net (CloudFront)
x-amz-cf-id
qCsTUv9p0VKwa0hD6CnbtwcccJKuCXThF5Ymx0FWczkNgYSbp8pqOw==
x-amz-cf-pop
FRA56-P3
x-cache
Miss from cloudfront
App.css
host.holidu.com/static/css/ 		33 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://host.holidu.com/static/css/App.css
Requested by
Host: host.holidu.com
URL: https://host.holidu.com/updatePaymentDetails?payment=eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJGQUlMSU5HX1BBWU1FTlQiLCJwYXltZW50SWQiOjMzMDEzMCwiaXNzIjoiQk9PS0lQTFlfQkUiLCJpYXQiOjE2NTgwODI2NTR9.u_XwkeQp8Wa4ki2OYQmoU1YXo-YYthtmMZJMFabSy-Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-91.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
82bf41fc3b4068e45707e9859a836d3c2a662afdf844aeaa347ca33ad741e252

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://host.holidu.com/updatePaymentDetails?payment=eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJGQUlMSU5HX1BBWU1FTlQiLCJwYXltZW50SWQiOjMzMDEzMCwiaXNzIjoiQk9PS0lQTFlfQkUiLCJpYXQiOjE2NTgwODI2NTR9.u_XwkeQp8Wa4ki2OYQmoU1YXo-YYthtmMZJMFabSy-Q
Accept-Language
es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 12:18:56 GMT
content-encoding
br
via
1.1 d7433132a7c6595c9aab2dc2272e7060.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
age
62659
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-amz-meta-x-robots-tag
noindex
last-modified
Wed, 13 Dec 2023 10:40:59 GMT
server
AmazonS3
etag
W/"ebd078e262cce471d5bf82bf34cfb9b6"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800
x-amz-cf-id
E6-lWKqRUaBDvZYvfWCyJTLS7svOgy52DsjltzRXlPYFotFMvgfJUA==
updatePaymentDetails.js
host.holidu.com/_next/static/nEqMlRpcFb3g_zAlBDBPo/pages/ 		1 MB
262 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://host.holidu.com/_next/static/nEqMlRpcFb3g_zAlBDBPo/pages/updatePaymentDetails.js
Requested by
Host: host.holidu.com
URL: https://host.holidu.com/updatePaymentDetails?payment=eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJGQUlMSU5HX1BBWU1FTlQiLCJwYXltZW50SWQiOjMzMDEzMCwiaXNzIjoiQk9PS0lQTFlfQkUiLCJpYXQiOjE2NTgwODI2NTR9.u_XwkeQp8Wa4ki2OYQmoU1YXo-YYthtmMZJMFabSy-Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-91.fra60.r.cloudfront.net
Software
/
Resource Hash
a12f67008c89e8fd5b21d9d97b418414c877f02f696383b3ec51261899cee011
Security Headers
Name Value
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://host.holidu.com/updatePaymentDetails?payment=eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJGQUlMSU5HX1BBWU1FTlQiLCJwYXltZW50SWQiOjMzMDEzMCwiaXNzIjoiQk9PS0lQTFlfQkUiLCJpYXQiOjE2NTgwODI2NTR9.u_XwkeQp8Wa4ki2OYQmoU1YXo-YYthtmMZJMFabSy-Q
Accept-Language
es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 12:38:52 GMT
content-encoding
br
via
1.1 d7433132a7c6595c9aab2dc2272e7060.cloudfront.net (CloudFront)
last-modified
Fri, 05 Apr 2024 14:10:38 GMT
x-amz-cf-pop
FRA60-P1
age
61462
etag
W/"126fa2-18eae98e1ff"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
x-cache
Hit from cloudfront
cache-control
public, max-age=31536000, immutable
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
vOJhhWB2FmD73uNj0n7i762tIA_2jNnSmJfYwCEgZ9ktipX_NtEbmg==
_app.js
host.holidu.com/_next/static/nEqMlRpcFb3g_zAlBDBPo/pages/ 		73 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://host.holidu.com/_next/static/nEqMlRpcFb3g_zAlBDBPo/pages/_app.js
Requested by
Host: host.holidu.com
URL: https://host.holidu.com/updatePaymentDetails?payment=eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJGQUlMSU5HX1BBWU1FTlQiLCJwYXltZW50SWQiOjMzMDEzMCwiaXNzIjoiQk9PS0lQTFlfQkUiLCJpYXQiOjE2NTgwODI2NTR9.u_XwkeQp8Wa4ki2OYQmoU1YXo-YYthtmMZJMFabSy-Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-91.fra60.r.cloudfront.net
Software
/
Resource Hash
5fe516a5a7a9ce5dbfc84d8593634150bab6e0cb2fc5e8962e7a3b7559a427d2
Security Headers
Name Value
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://host.holidu.com/updatePaymentDetails?payment=eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJGQUlMSU5HX1BBWU1FTlQiLCJwYXltZW50SWQiOjMzMDEzMCwiaXNzIjoiQk9PS0lQTFlfQkUiLCJpYXQiOjE2NTgwODI2NTR9.u_XwkeQp8Wa4ki2OYQmoU1YXo-YYthtmMZJMFabSy-Q
Accept-Language
es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 12:18:55 GMT
content-encoding
br
via
1.1 d7433132a7c6595c9aab2dc2272e7060.cloudfront.net (CloudFront)
last-modified
Fri, 05 Apr 2024 14:10:38 GMT
x-amz-cf-pop
FRA60-P1
age
62659
etag
W/"1238f-18eae98e1ff"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
x-cache
Hit from cloudfront
cache-control
public, max-age=31536000, immutable
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
mJ0DRCW43C73WR2_k6-n-bguQ6X4JzD7yya6lXz8rfeVLW9nR6CzQA==
webpack-8ed9452df514b4d17d80.js
host.holidu.com/_next/static/runtime/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://host.holidu.com/_next/static/runtime/webpack-8ed9452df514b4d17d80.js
Requested by
Host: host.holidu.com
URL: https://host.holidu.com/updatePaymentDetails?payment=eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJGQUlMSU5HX1BBWU1FTlQiLCJwYXltZW50SWQiOjMzMDEzMCwiaXNzIjoiQk9PS0lQTFlfQkUiLCJpYXQiOjE2NTgwODI2NTR9.u_XwkeQp8Wa4ki2OYQmoU1YXo-YYthtmMZJMFabSy-Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-91.fra60.r.cloudfront.net
Software
/
Resource Hash
9a94cece481a009c10877c998d73a6b8ab6344ad43064838e0a2e70f49c453b4
Security Headers
Name Value
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://host.holidu.com/updatePaymentDetails?payment=eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJGQUlMSU5HX1BBWU1FTlQiLCJwYXltZW50SWQiOjMzMDEzMCwiaXNzIjoiQk9PS0lQTFlfQkUiLCJpYXQiOjE2NTgwODI2NTR9.u_XwkeQp8Wa4ki2OYQmoU1YXo-YYthtmMZJMFabSy-Q
Accept-Language
es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 12:18:55 GMT
content-encoding
br
via
1.1 d7433132a7c6595c9aab2dc2272e7060.cloudfront.net (CloudFront)
last-modified
Fri, 05 Apr 2024 14:10:38 GMT
x-amz-cf-pop
FRA60-P1
age
62659
etag
W/"5d3-18eae98e1ef"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
x-cache
Hit from cloudfront
cache-control
public, max-age=31536000, immutable
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
2N91fe9DYSAAFgCU6KsyLE915R4zJbcsyd88fApGyctuxoa4RdTmjg==
commons.0c9caf794806c13964f6.js
host.holidu.com/_next/static/chunks/ 		539 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://host.holidu.com/_next/static/chunks/commons.0c9caf794806c13964f6.js
Requested by
Host: host.holidu.com
URL: https://host.holidu.com/updatePaymentDetails?payment=eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJGQUlMSU5HX1BBWU1FTlQiLCJwYXltZW50SWQiOjMzMDEzMCwiaXNzIjoiQk9PS0lQTFlfQkUiLCJpYXQiOjE2NTgwODI2NTR9.u_XwkeQp8Wa4ki2OYQmoU1YXo-YYthtmMZJMFabSy-Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-91.fra60.r.cloudfront.net
Software
/
Resource Hash
2d0bc4b83eddcd40b5676f74b0824423bbd692a064a3c7d8648476d5212d23c4
Security Headers
Name Value
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://host.holidu.com/updatePaymentDetails?payment=eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJGQUlMSU5HX1BBWU1FTlQiLCJwYXltZW50SWQiOjMzMDEzMCwiaXNzIjoiQk9PS0lQTFlfQkUiLCJpYXQiOjE2NTgwODI2NTR9.u_XwkeQp8Wa4ki2OYQmoU1YXo-YYthtmMZJMFabSy-Q
Accept-Language
es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 12:18:55 GMT
content-encoding
br
via
1.1 d7433132a7c6595c9aab2dc2272e7060.cloudfront.net (CloudFront)
last-modified
Fri, 05 Apr 2024 14:10:38 GMT
x-amz-cf-pop
FRA60-P1
age
62659
etag
W/"86d62-18eae98e1ef"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
x-cache
Hit from cloudfront
cache-control
public, max-age=31536000, immutable
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
jPJwlD-0daDMIpJXt_1fIAnNIYF6VUb1Eo9SCd4ylQ2x-I9ErXkXAA==
styles.b642c69e53d96aab3f11.js
host.holidu.com/_next/static/chunks/ 		88 B
486 B 		Script
General
Check archive.org
Download Go to
Full URL
https://host.holidu.com/_next/static/chunks/styles.b642c69e53d96aab3f11.js
Requested by
Host: host.holidu.com
URL: https://host.holidu.com/updatePaymentDetails?payment=eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJGQUlMSU5HX1BBWU1FTlQiLCJwYXltZW50SWQiOjMzMDEzMCwiaXNzIjoiQk9PS0lQTFlfQkUiLCJpYXQiOjE2NTgwODI2NTR9.u_XwkeQp8Wa4ki2OYQmoU1YXo-YYthtmMZJMFabSy-Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-91.fra60.r.cloudfront.net
Software
/
Resource Hash
61bdc5857bf67b8dfe1525c7a252b2421eb5bf15f2ecc27ea85a05292ed1aea3
Security Headers
Name Value
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://host.holidu.com/updatePaymentDetails?payment=eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJGQUlMSU5HX1BBWU1FTlQiLCJwYXltZW50SWQiOjMzMDEzMCwiaXNzIjoiQk9PS0lQTFlfQkUiLCJpYXQiOjE2NTgwODI2NTR9.u_XwkeQp8Wa4ki2OYQmoU1YXo-YYthtmMZJMFabSy-Q
Accept-Language
es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 12:38:52 GMT
via
1.1 d7433132a7c6595c9aab2dc2272e7060.cloudfront.net (CloudFront)
last-modified
Fri, 05 Apr 2024 14:10:38 GMT
x-amz-cf-pop
FRA60-P1
age
61462
etag
W/"58-18eae98e1ff"
x-frame-options
DENY
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
88
x-amz-cf-id
ap3o6bruARO08mCNIZWlHkm8lZZ1hd4XaMsaubHGwIGFlGUKoY9h1Q==
main-b79b3156e907c51d9f19.js
host.holidu.com/_next/static/runtime/ 		79 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://host.holidu.com/_next/static/runtime/main-b79b3156e907c51d9f19.js
Requested by
Host: host.holidu.com
URL: https://host.holidu.com/updatePaymentDetails?payment=eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJGQUlMSU5HX1BBWU1FTlQiLCJwYXltZW50SWQiOjMzMDEzMCwiaXNzIjoiQk9PS0lQTFlfQkUiLCJpYXQiOjE2NTgwODI2NTR9.u_XwkeQp8Wa4ki2OYQmoU1YXo-YYthtmMZJMFabSy-Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-91.fra60.r.cloudfront.net
Software
/
Resource Hash
c1849ebb587ca2bf19840822a563e2d77dca238996f822d54dfc5af6c1925d7c
Security Headers
Name Value
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://host.holidu.com/updatePaymentDetails?payment=eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJGQUlMSU5HX1BBWU1FTlQiLCJwYXltZW50SWQiOjMzMDEzMCwiaXNzIjoiQk9PS0lQTFlfQkUiLCJpYXQiOjE2NTgwODI2NTR9.u_XwkeQp8Wa4ki2OYQmoU1YXo-YYthtmMZJMFabSy-Q
Accept-Language
es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 12:18:55 GMT
content-encoding
br
via
1.1 d7433132a7c6595c9aab2dc2272e7060.cloudfront.net (CloudFront)
last-modified
Fri, 05 Apr 2024 14:10:38 GMT
x-amz-cf-pop
FRA60-P1
age
62659
etag
W/"13c0e-18eae98e1ff"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
x-cache
Hit from cloudfront
cache-control
public, max-age=31536000, immutable
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
ZSRHaDjJSLeRcBI9WlWr7lSQB24Gotue6ekFyJ2W0DY87nAdeV0isA==
styles.451d0ab0.chunk.css
host.holidu.com/_next/static/css/ 		79 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://host.holidu.com/_next/static/css/styles.451d0ab0.chunk.css
Requested by
Host: host.holidu.com
URL: https://host.holidu.com/updatePaymentDetails?payment=eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJGQUlMSU5HX1BBWU1FTlQiLCJwYXltZW50SWQiOjMzMDEzMCwiaXNzIjoiQk9PS0lQTFlfQkUiLCJpYXQiOjE2NTgwODI2NTR9.u_XwkeQp8Wa4ki2OYQmoU1YXo-YYthtmMZJMFabSy-Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-91.fra60.r.cloudfront.net
Software
/
Resource Hash
8cd8c4145f887b56352e2a8f7e31a13656724aff354afce28a1a646ecc50372c
Security Headers
Name Value
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://host.holidu.com/updatePaymentDetails?payment=eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJGQUlMSU5HX1BBWU1FTlQiLCJwYXltZW50SWQiOjMzMDEzMCwiaXNzIjoiQk9PS0lQTFlfQkUiLCJpYXQiOjE2NTgwODI2NTR9.u_XwkeQp8Wa4ki2OYQmoU1YXo-YYthtmMZJMFabSy-Q
Accept-Language
es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 05:43:14 GMT
content-encoding
br
via
1.1 d7433132a7c6595c9aab2dc2272e7060.cloudfront.net (CloudFront)
last-modified
Fri, 05 Apr 2024 14:10:38 GMT
x-amz-cf-pop
FRA60-P1
etag
W/"13b47-18eae98e1ef"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
x-cache
RefreshHit from cloudfront
cache-control
public, max-age=0
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
zoNaZ9C4KZOcTTkf-1xVOfttn781nfQ7PbIXk1fKbcw2gYEXhr2eOg==
polyfill.min.js
cdn.polyfill.io/v2/ 		103 B
383 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.polyfill.io/v2/polyfill.min.js?features=Intl.~locale.en-US
Requested by
Host: host.holidu.com
URL: https://host.holidu.com/updatePaymentDetails?payment=eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJGQUlMSU5HX1BBWU1FTlQiLCJwYXltZW50SWQiOjMzMDEzMCwiaXNzIjoiQk9PS0lQTFlfQkUiLCJpYXQiOjE2NTgwODI2NTR9.u_XwkeQp8Wa4ki2OYQmoU1YXo-YYthtmMZJMFabSy-Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3110::6812:35ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
126c5f0c8c4cd0135b5e9ffb1c113a6f229de3f89bce9e099b3c85bea641bd7c

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://host.holidu.com/
Accept-Language
es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 05:43:14 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 18 Mar 2024 11:59:43 GMT
server
cloudflare
age
2655811
vary
Accept-Encoding, User-Agent
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
87625609d8080419-MAD
expires
Thu, 18 Apr 2024 09:43:14 GMT
analytics-2.5.4.js
host.holidu.com/static/js/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://host.holidu.com/static/js/analytics-2.5.4.js
Requested by
Host: host.holidu.com
URL: https://host.holidu.com/updatePaymentDetails?payment=eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJGQUlMSU5HX1BBWU1FTlQiLCJwYXltZW50SWQiOjMzMDEzMCwiaXNzIjoiQk9PS0lQTFlfQkUiLCJpYXQiOjE2NTgwODI2NTR9.u_XwkeQp8Wa4ki2OYQmoU1YXo-YYthtmMZJMFabSy-Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-91.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
52e68713aa12cb07c58dc17ce8064466e27e426dff214371320c275b277d68a3

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://host.holidu.com/updatePaymentDetails?payment=eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJGQUlMSU5HX1BBWU1FTlQiLCJwYXltZW50SWQiOjMzMDEzMCwiaXNzIjoiQk9PS0lQTFlfQkUiLCJpYXQiOjE2NTgwODI2NTR9.u_XwkeQp8Wa4ki2OYQmoU1YXo-YYthtmMZJMFabSy-Q
Accept-Language
es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 12:18:56 GMT
content-encoding
br
via
1.1 d7433132a7c6595c9aab2dc2272e7060.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
age
62659
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-amz-meta-x-robots-tag
noindex
last-modified
Wed, 13 Dec 2023 10:41:00 GMT
server
AmazonS3
etag
W/"8887f4952025ea3abf17b98c1ed16db0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
tqC1W5_TYXYn8p7nhapkcFzklLyP1v9M7gM-k16ZVBuHAFTrqjb8WA==
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: host.holidu.com
URL: https://host.holidu.com/static/js/analytics-2.5.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://host.holidu.com/
Accept-Language
es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 18 Apr 2024 04:15:06 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
5288
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 18 Apr 2024 06:15:06 GMT
fbevents.js
connect.facebook.net/en_US/ 		218 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: host.holidu.com
URL: https://host.holidu.com/static/js/analytics-2.5.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
85f407912384186334577f65bf6bb88045bd96f5222d7c696cc71303d65c826a
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://host.holidu.com/
Accept-Language
es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 18 Apr 2024 05:43:14 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57850
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=56, rtx=0, c=12, mss=1326, tbw=2762, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
UmRXytt9IAJ/AjOobM84bTJIzfCWIGqzMlMkfvieOvMcOQOH0IJi1vRaXrAMzr11+EmvTSa5g+6lbPshy3cVmg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
gtm.js
www.googletagmanager.com/ 		169 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WNSMV9R&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Requested by
Host: host.holidu.com
URL: https://host.holidu.com/updatePaymentDetails?payment=eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJGQUlMSU5HX1BBWU1FTlQiLCJwYXltZW50SWQiOjMzMDEzMCwiaXNzIjoiQk9PS0lQTFlfQkUiLCJpYXQiOjE2NTgwODI2NTR9.u_XwkeQp8Wa4ki2OYQmoU1YXo-YYthtmMZJMFabSy-Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cf726ad30e37d9dfc2906961e969cad88964105ff9e31dab32c7bd5fb54ac2c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://host.holidu.com/
Accept-Language
es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 05:43:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64947
x-xss-protection
0
last-modified
Thu, 18 Apr 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 18 Apr 2024 05:43:14 GMT
form
api.host.holidu.com/rest/bookiply/web/v1/bookings/payments/ 		950 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.host.holidu.com/rest/bookiply/web/v1/bookings/payments/form?jwt=eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJGQUlMSU5HX1BBWU1FTlQiLCJwYXltZW50SWQiOjMzMDEzMCwiaXNzIjoiQk9PS0lQTFlfQkUiLCJpYXQiOjE2NTgwODI2NTR9.u_XwkeQp8Wa4ki2OYQmoU1YXo-YYthtmMZJMFabSy-Q&host=host.holidu.com
Requested by
Host: host.holidu.com
URL: https://host.holidu.com/_next/static/nEqMlRpcFb3g_zAlBDBPo/pages/_app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-113.fra60.r.cloudfront.net
Software
/
Resource Hash
d143f69e3399082720c52825fde50ec6a0c684bed7c9a8715a04c90fc26c3404

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://host.holidu.com/
Accept-Language
es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 05:43:15 GMT
via
1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://host.holidu.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
nCslZ7BSOmPPWo8OlumZwtcpObxMSR3Z-rHIuWTjb6Xt62AuCqr6sg==
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
811 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://host.holidu.com/
Accept-Language
es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 04:45:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
3464
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
697
x-xss-protection
0
last-modified
Fri, 30 Jun 2023 18:58:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 18 Apr 2024 05:45:30 GMT
ec.js
www.google-analytics.com/plugins/ua/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://host.holidu.com/
Accept-Language
es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 05:19:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
1415
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1129
x-xss-protection
0
last-modified
Tue, 27 Jun 2023 17:28:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 18 Apr 2024 06:19:39 GMT
collect
www.google-analytics.com/j/ 		3 B
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1953598840&t=pageview&_s=1&dl=https%3A%2F%2Fhost.holidu.com%2FupdatePaymentDetails%3Fpayment%3DeyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJGQUlMSU5HX1BBWU1FTlQiLCJwYXltZW50SWQiOjMzMDEzMCwiaXNzIjoiQk9PS0lQTFlfQkUiLCJpYXQiOjE2NTgwODI2NTR9.u_XwkeQp8Wa4ki2OYQmoU1YXo-YYthtmMZJMFabSy-Q&dp=%2FupdatePaymentDetails&ul=es-es&de=UTF-8&dt=Holidu%20-%20Hosting%20with%20happiness&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEIrBAAAACAMI~&jid=1151086604&gjid=1029035042&cid=196253269.1713418995&tid=UA-92777206-24&_gid=1129780519.1713418995&_slc=1&z=1501981134
Requested by
Host: host.holidu.com
URL: https://host.holidu.com/_next/static/nEqMlRpcFb3g_zAlBDBPo/pages/_app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://host.holidu.com/
Accept-Language
es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 18 Apr 2024 05:43:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://host.holidu.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
349 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-92777206-24&cid=196253269.1713418995&jid=1151086604&gjid=1029035042&_gid=1129780519.1713418995&_u=aGBAgEIrBAAAAGAMI~&z=1574242375
Requested by
Host: host.holidu.com
URL: https://host.holidu.com/_next/static/nEqMlRpcFb3g_zAlBDBPo/pages/_app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
94dcf5556e059d9e35d347a9fdd7c295ec5d8001d8c00693dfc2a7d18f9fb0f3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://host.holidu.com/
Accept-Language
es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 18 Apr 2024 05:43:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://host.holidu.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
102974263789849
connect.facebook.net/signals/config/ 		69 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/102974263789849?v=2.9.154&r=stable&domain=host.holidu.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e309b185d31f211ef66ac0f581c9d8953105fff58f9684ac716519d9213ea5a9
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://host.holidu.com/
Accept-Language
es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 18 Apr 2024 05:43:14 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=56, rtx=0, c=62, mss=1326, tbw=63177, tp=-1, tpl=-1, uplat=80, ullat=1
pragma
public
x-fb-debug
U+Dm5Fr+Jqb6gCqU7Mwrh+wO3JhEPz09cA5wYo947na7c/O3PN4SqN2PB9iuYuuFv48SMG+yXMUTkUvrodAGLg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-92777206-24&cid=196253269.1713418995&jid=1151086604&_u=aGBAgEIrBAAAAGAMI~&z=656530831
Requested by
Host: host.holidu.com
URL: https://host.holidu.com/updatePaymentDetails?payment=eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJGQUlMSU5HX1BBWU1FTlQiLCJwYXltZW50SWQiOjMzMDEzMCwiaXNzIjoiQk9PS0lQTFlfQkUiLCJpYXQiOjE2NTgwODI2NTR9.u_XwkeQp8Wa4ki2OYQmoU1YXo-YYthtmMZJMFabSy-Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://host.holidu.com/
Accept-Language
es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 18 Apr 2024 05:43:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.es/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.es/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-92777206-24&cid=196253269.1713418995&jid=1151086604&_u=aGBAgEIrBAAAAGAMI~&z=656530831
Requested by
Host: host.holidu.com
URL: https://host.holidu.com/updatePaymentDetails?payment=eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJGQUlMSU5HX1BBWU1FTlQiLCJwYXltZW50SWQiOjMzMDEzMCwiaXNzIjoiQk9PS0lQTFlfQkUiLCJpYXQiOjE2NTgwODI2NTR9.u_XwkeQp8Wa4ki2OYQmoU1YXo-YYthtmMZJMFabSy-Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://host.holidu.com/
Accept-Language
es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 18 Apr 2024 05:43:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
batch
api.host.holidu.com/rest/public/web/events/track/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.host.holidu.com/rest/public/web/events/track/batch
Requested by
Host: host.holidu.com
URL: https://host.holidu.com/_next/static/nEqMlRpcFb3g_zAlBDBPo/pages/_app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.32.99.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-113.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language
es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://host.holidu.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 05:43:15 GMT
via
1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-cache
Miss from cloudfront
access-control-allow-origin
https://host.holidu.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=86400
content-length
0
x-amz-cf-id
URplRgdBq_OGWueewRSWiA4VK-1AUe_nHr5YZko_nsP8GWTstmMb9Q==
batch
api.host.holidu.com/rest/public/web/events/track/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.host.holidu.com/rest/public/web/events/track/batch
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-113.fra60.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://host.holidu.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://host.holidu.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
date
Thu, 18 Apr 2024 05:43:14 GMT
expires
0
pragma
no-cache
strict-transport-security
max-age=31536000 ; includeSubDomains
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
x-amz-cf-id
m_KWFsmSUXwKOm97ux8BrD4o6AZFqEALZBZOU8v4mCAV82HkZ5wSMQ==
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block
/
www.facebook.com/tr/ 		0
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=102974263789849&ev=PageView&dl=https%3A%2F%2Fhost.holidu.com%2FupdatePaymentDetails%3Fpayment%3DeyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJGQUlMSU5HX1BBWU1FTlQiLCJwYXltZW50SWQiOjMzMDEzMCwiaXNzIjoiQk9PS0lQTFlfQkUiLCJpYXQiOjE2NTgwODI2NTR9.u_XwkeQp8Wa4ki2OYQmoU1YXo-YYthtmMZJMFabSy-Q&rl=&if=false&ts=1713418994864&sw=1600&sh=1200&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1713418994862.958597322&cs_est=true&ler=empty&cdl=API_unavailable&it=1713418994709&coo=false&rqm=GET
Requested by
Host: host.holidu.com
URL: https://host.holidu.com/updatePaymentDetails?payment=eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJGQUlMSU5HX1BBWU1FTlQiLCJwYXltZW50SWQiOjMzMDEzMCwiaXNzIjoiQk9PS0lQTFlfQkUiLCJpYXQiOjE2NTgwODI2NTR9.u_XwkeQp8Wa4ki2OYQmoU1YXo-YYthtmMZJMFabSy-Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://host.holidu.com/
Accept-Language
es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
GOOD; q=0.7, rtt=56, rtx=0, c=10, mss=1326, tbw=2754, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 18 Apr 2024 05:43:15 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
favicon.ico
host.holidu.com/ 		15 KB
15 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://host.holidu.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.32.121.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-91.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
981b21f5d47015fed51d9f77df4d7f5f1337d0f41aecbc01872a100b9b7e718a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://host.holidu.com/updatePaymentDetails?payment=eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJGQUlMSU5HX1BBWU1FTlQiLCJwYXltZW50SWQiOjMzMDEzMCwiaXNzIjoiQk9PS0lQTFlfQkUiLCJpYXQiOjE2NTgwODI2NTR9.u_XwkeQp8Wa4ki2OYQmoU1YXo-YYthtmMZJMFabSy-Q
Accept-Language
es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 17 Apr 2024 12:18:58 GMT
via
1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront)
x-amz-version-id
ORheHdf2iw2yNy.tKnsOT.a9vGvLCRgA
x-content-type-options
nosniff
x-amz-cf-pop
FRA60-P1
age
62657
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
15406
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 29 Nov 2023 11:46:42 GMT
server
AmazonS3
etag
"2ef5ca18db1e532574b6849e9a224858"
x-frame-options
SAMEORIGIN
content-type
image/x-icon
x-amz-cf-id
vMlYwGhmW5Q9SItGHr8UWmk1CT1QxdmLUC2JR3Ht2dtuEzUVJX0BUw==
FhYLS5-OSogiDo6WEJMh3yn9WiDa8ILG-GrXUVFC6vA.jpg
imageproxy.bookiply.com/s:1:NalkQozbTKzbVD-pbWkzV0NKsChTA9_c4eGtznhOIeI/380x/https://image.bookiply.com/apartment/49448050/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.bookiply.com/s:1:NalkQozbTKzbVD-pbWkzV0NKsChTA9_c4eGtznhOIeI/380x/https://image.bookiply.com/apartment/49448050/FhYLS5-OSogiDo6WEJMh3yn9WiDa8ILG-GrXUVFC6vA.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-92.fra60.r.cloudfront.net
Software
/
Resource Hash
b5927fc0b1feda507028d5e6f0879208d948cbc5bf47ab9cd6154c0378a0d389

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://host.holidu.com/
Accept-Language
es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 05:43:15 GMT
via
1.1 f741e5a55bc5bd136ac1f5406bb11d88.cloudfront.net (CloudFront)
x-source-loader
VipsForeignLoadJpegSource
x-amz-cf-pop
FRA60-P10
x-cache
Miss from cloudfront
content-type
image/webp
cache-control
public, max-age=48480
alt-svc
h3=":443"; ma=86400
content-length
15520
x-amz-cf-id
LByPLbT1UooLljRFQ7m6Wx7NoJ9ka6Ngi3h3_xVYnOX3MFvdltX5XQ==
BOOKINGCOM.svg
host.holidu.com/static/images/channels/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://host.holidu.com/static/images/channels/BOOKINGCOM.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.32.121.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-91.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
97acb0099dad7652aa216ac6c97a58388cacdbf77c49e776ac798e2f5c2ab4c5

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://host.holidu.com/updatePaymentDetails?payment=eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJGQUlMSU5HX1BBWU1FTlQiLCJwYXltZW50SWQiOjMzMDEzMCwiaXNzIjoiQk9PS0lQTFlfQkUiLCJpYXQiOjE2NTgwODI2NTR9.u_XwkeQp8Wa4ki2OYQmoU1YXo-YYthtmMZJMFabSy-Q
Accept-Language
es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 12:43:20 GMT
content-encoding
br
via
1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront)
age
61196
x-amz-cf-pop
FRA60-P1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-amz-meta-x-robots-tag
noindex
last-modified
Wed, 13 Dec 2023 10:40:59 GMT
server
AmazonS3
etag
W/"98ac04a77e50c4534be8a4dae92e38b3"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=604800
x-amz-cf-id
9OCJGC57RVcwlDEkm0E8fKHx-mxHLxouh0VHkoOkvAttxQPzAusGkQ==

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| analytics function| ga function| gaOptOut function| fbq function| _fbq object| ReactIntlLocaleData object| webpackJsonp object| __NEXT_P object| core object| __core-js_shared__ object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| __NEXT_DATA__ object| __SENTRY__ object| scCGSHMRCache object| next object| dataLayer object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager

11 Cookies

Domain/Path Name / Value
api.host.holidu.com/rest/public/web/events/track Name: userId
Value: db019c03-12ac-47b5-9b16-9b118e6b7ac7
host.holidu.com/ Name: sessionId
Value: b4142369fb394745ac56acb106bf207a
host.holidu.com/ Name: uuid
Value: 7889ab093afb452687330f60a130740c
host.holidu.com/ Name: userId
Value: a9e2c275-eef3-4242-b2de-a290a49a5b35
host.holidu.com/ Name: secret
Value: 35ba2557-a886-41d7-abe4-feb41d0d7551
host.holidu.com/ Name: undefined
Value: b5ff80c0-3019-4738-a29b-c8409ed507d4
.holidu.com/ Name: _ga
Value: GA1.2.196253269.1713418995
.holidu.com/ Name: _gid
Value: GA1.2.1129780519.1713418995
.holidu.com/ Name: _gat
Value: 1
.holidu.com/ Name: _gcl_au
Value: 1.1.823577217.1713418995
.holidu.com/ Name: _fbp
Value: fb.1.1713418994862.958597322

1 Console Messages

Source Level URL
Text
other warning URL: https://connect.facebook.net/signals/config/102974263789849?v=2.9.154&r=stable&domain=host.holidu.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 107)
Message:
Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.host.holidu.com
cdn.polyfill.io
connect.facebook.net
host.holidu.com
imageproxy.bookiply.com
stats.g.doubleclick.net
www.bookiply.es
www.facebook.com
www.google-analytics.com
www.google.com
www.google.es
www.googletagmanager.com
13.32.121.91
13.32.99.113
13.35.58.92
142.250.185.196
2001:4860:4802:34::178
2606:4700:3110::6812:35ed
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::2008
2a00:1450:400c:c00::9d
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
52.222.214.8
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
126c5f0c8c4cd0135b5e9ffb1c113a6f229de3f89bce9e099b3c85bea641bd7c
134434c637ec31ebfad9c4f508d2d5d7f98ef0d947287aa24b0e75900f50c582
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
2d0bc4b83eddcd40b5676f74b0824423bbd692a064a3c7d8648476d5212d23c4
52e68713aa12cb07c58dc17ce8064466e27e426dff214371320c275b277d68a3
5fe516a5a7a9ce5dbfc84d8593634150bab6e0cb2fc5e8962e7a3b7559a427d2
61bdc5857bf67b8dfe1525c7a252b2421eb5bf15f2ecc27ea85a05292ed1aea3
82bf41fc3b4068e45707e9859a836d3c2a662afdf844aeaa347ca33ad741e252
85f407912384186334577f65bf6bb88045bd96f5222d7c696cc71303d65c826a
8cd8c4145f887b56352e2a8f7e31a13656724aff354afce28a1a646ecc50372c
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
94dcf5556e059d9e35d347a9fdd7c295ec5d8001d8c00693dfc2a7d18f9fb0f3
97acb0099dad7652aa216ac6c97a58388cacdbf77c49e776ac798e2f5c2ab4c5
981b21f5d47015fed51d9f77df4d7f5f1337d0f41aecbc01872a100b9b7e718a
9a94cece481a009c10877c998d73a6b8ab6344ad43064838e0a2e70f49c453b4
a12f67008c89e8fd5b21d9d97b418414c877f02f696383b3ec51261899cee011
b5927fc0b1feda507028d5e6f0879208d948cbc5bf47ab9cd6154c0378a0d389
c1849ebb587ca2bf19840822a563e2d77dca238996f822d54dfc5af6c1925d7c
cf726ad30e37d9dfc2906961e969cad88964105ff9e31dab32c7bd5fb54ac2c9
d143f69e3399082720c52825fde50ec6a0c684bed7c9a8715a04c90fc26c3404
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e309b185d31f211ef66ac0f581c9d8953105fff58f9684ac716519d9213ea5a9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629