406.pr-bot.bookingjini.tech Open in urlscan Pro
3.7.88.239 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://406.pr-bot.bookingjini.tech/
Submission: On June 02 via automatic, source certstream-suspicious (June 2nd 2023, 5:14:42 am UTC) — Scanned from DE

Summary HTTP 87 Redirects Behaviour Indicators

Summary

This website contacted 28 IPs in 6 countries across 21 domains to perform 87 HTTP transactions. The main IP is 3.7.88.239, located in Mumbai, India and belongs to AMAZON-02, US. The main domain is 406.pr-bot.bookingjini.tech.
TLS certificate: Issued by R3 on June 2nd 2023. Valid for: 3 months.

This is the only time 406.pr-bot.bookingjini.tech was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	3.7.88.239 3.7.88.239	16509 (AMAZON-02) (AMAZON-02)
1	2a00:d70:0:b:... 2a00:d70:0:b:2002:0:d91a:3de2	29097 (HOSTPOINT-AS) (HOSTPOINT-AS)
1 2	2606:4700::68... 2606:4700::6810:7eaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
2	18.66.147.29 18.66.147.29	16509 (AMAZON-02) (AMAZON-02)
1	199.232.194.132 199.232.194.132	54113 (FASTLY) (FASTLY)
1	2620:1ec:4e:1... 2620:1ec:4e:1::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:4f:1... 2620:1ec:4f:1::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	104.211.35.148 104.211.35.148	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	18.66.122.47 18.66.122.47	16509 (AMAZON-02) (AMAZON-02)
11	2606:4700:10:... 2606:4700:10::ac43:2642	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::200d	15169 (GOOGLE) (GOOGLE)
2	3.108.119.193 3.108.119.193	16509 (AMAZON-02) (AMAZON-02)
1	108.138.7.111 108.138.7.111	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
4	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2011	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2600:9000:225... 2600:9000:2250:2600:6:c869:5340:21	16509 (AMAZON-02) (AMAZON-02)
15	2606:4700:10:... 2606:4700:10::6816:1883	13335 (CLOUDFLAR...) (CLOUDFLARENET)
87	28

10 3.7.88.239 (Mumbai, India)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-7-88-239.ap-south-1.compute.amazonaws.com

406.pr-bot.bookingjini.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:d70:0:b:2002:0:d91a:3de2 (Switzerland)

ASN29097 (HOSTPOINT-AS, CH)

css.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7eaf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.147.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-29.fra60.r.cloudfront.net

js.chargebee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.194.132 (United States)

ASN54113 (FASTLY, US)

scaleflex.cloudimg.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:4e:1::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

cdn.zapscale.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:4f:1::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.211.35.148 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

y.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.122.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-47.fra60.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:10::ac43:2642 (United States)

ASN13335 (CLOUDFLARENET, US)

embed.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
va.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.108.119.193 (Mumbai, India)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-108-119-193.ap-south-1.compute.amazonaws.com

kernel.bookingjini.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.7.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-111.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2011 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

csp.withgoogle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:2600:6:c869:5340:21 (United States)

ASN16509 (AMAZON-02, US)

d3ki85qs1zca4t.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700:10::6816:1883 (United States)

ASN13335 (CLOUDFLARENET, US)

va.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
embed.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	tawk.to embed.tawk.to — Cisco Umbrella Rank: 8171 va.tawk.to — Cisco Umbrella Rank: 7864	211 KB
10	bookingjini.tech 406.pr-bot.bookingjini.tech	9 MB
9	gstatic.com www.gstatic.com ssl.gstatic.com fonts.gstatic.com	597 KB
9	google.com www.google.com — Cisco Umbrella Rank: 3 accounts.google.com — Cisco Umbrella Rank: 50	108 KB
9	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1003 y.clarity.ms — Cisco Umbrella Rank: 7889 c.clarity.ms — Cisco Umbrella Rank: 1528	23 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49 region1.google-analytics.com — Cisco Umbrella Rank: 1866	21 KB
2	bookingjini.com kernel.bookingjini.com	1 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 691 script.hotjar.com — Cisco Umbrella Rank: 1016	73 KB
2	chargebee.com js.chargebee.com — Cisco Umbrella Rank: 27171	79 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 367	79 KB
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 987	36 KB
1	cloudfront.net d3ki85qs1zca4t.cloudfront.net	454 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 238	743 B
1	withgoogle.com csp.withgoogle.com — Cisco Umbrella Rank: 904
1	google.de www.google.de — Cisco Umbrella Rank: 5230	408 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 70	80 KB
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 111	357 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 66	1 KB
1	zapscale.com cdn.zapscale.com	3 KB
1	cloudimg.io scaleflex.cloudimg.io — Cisco Umbrella Rank: 406271	253 KB
1	css.gg css.gg — Cisco Umbrella Rank: 220660	33 KB
87	21

	Domain	Requested by
21	embed.tawk.to	406.pr-bot.bookingjini.tech embed.tawk.to
10	406.pr-bot.bookingjini.tech	406.pr-bot.bookingjini.tech
6	www.gstatic.com	www.google.com www.gstatic.com
5	va.tawk.to	embed.tawk.to
5	www.google.com	406.pr-bot.bookingjini.tech www.google.com www.gstatic.com
5	y.clarity.ms	www.clarity.ms
4	region1.google-analytics.com	www.googletagmanager.com
4	accounts.google.com	406.pr-bot.bookingjini.tech accounts.google.com
3	www.google-analytics.com	406.pr-bot.bookingjini.tech www.google-analytics.com
2	c.clarity.ms	1 redirects
2	ssl.gstatic.com	accounts.google.com
2	kernel.bookingjini.com	406.pr-bot.bookingjini.tech
2	www.clarity.ms	406.pr-bot.bookingjini.tech www.clarity.ms
2	js.chargebee.com	406.pr-bot.bookingjini.tech js.chargebee.com
2	cdn.jsdelivr.net	406.pr-bot.bookingjini.tech embed.tawk.to
2	unpkg.com	1 redirects 406.pr-bot.bookingjini.tech
1	d3ki85qs1zca4t.cloudfront.net
1	c.bing.com	1 redirects
1	fonts.gstatic.com	www.google.com
1	csp.withgoogle.com	406.pr-bot.bookingjini.tech
1	www.google.de	406.pr-bot.bookingjini.tech
1	www.googletagmanager.com	www.google-analytics.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	406.pr-bot.bookingjini.tech
1	fonts.googleapis.com	406.pr-bot.bookingjini.tech
1	cdn.zapscale.com	406.pr-bot.bookingjini.tech
1	scaleflex.cloudimg.io	406.pr-bot.bookingjini.tech
1	css.gg	406.pr-bot.bookingjini.tech
87	29

This site contains no links.

Subject Issuer	Validity	Valid
406.pr-bot.bookingjini.tech R3	`2023-06-02` - `2023-08-31`	3 months	crt.sh
css.gg R3	`2023-05-24` - `2023-08-22`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
js.chargebee.com Amazon RSA 2048 M01	`2023-03-14` - `2024-04-11`	a year	crt.sh
*.cloudimg.io GeoTrust TLS RSA CA G1	`2023-05-26` - `2024-06-01`	a year	crt.sh
cdn.zapscale.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-12-01` - `2023-12-01`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-28` - `2024-04-27`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
kernel.bookingjini.com Amazon RSA 2048 M02	`2023-01-28` - `2024-02-26`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.appspot.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://406.pr-bot.bookingjini.tech/
Frame ID: 1A60250EB9CAD19D00403E78FC49BFAD
Requests: 68 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeNinUlAAAAAAZj9ZVZ2e5diKUOSLZASophDmYq&co=aHR0cHM6Ly80MDYucHItYm90LmJvb2tpbmdqaW5pLnRlY2g6NDQz&hl=de&type=image&v=CDFvp7CXAHw7k3HxO47Gm1O9&theme=light&size=normal&badge=bottomright&cb=ovu17fiw1r3h
Frame ID: 644A78A76DFDFA89ACE92AEB57FEADDA
Requests: 8 HTTP requests in this frame

Frame: https://accounts.google.com/gsi/button?width=380&type=standard&size=large&theme=filled_blue&text=sign_in_with&shape=rectangular&logo_alignment=left&client_id=1098328552594-m11e5mhckb9d28fp6vddifeeb9rv24li.apps.googleusercontent.com&iframe_id=gsi_876505_7477&as=WhDFYTsDnjW7JtrH1NTlMw
Frame ID: 7A3ECB7F92CBF86B986A8F44F74E92A0
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=CDFvp7CXAHw7k3HxO47Gm1O9&k=6LeNinUlAAAAAAZj9ZVZ2e5diKUOSLZASophDmYq
Frame ID: A6981CDDA4F7B018D25F861D26AF23BD
Requests: 3 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/647857c834f/css/min-widget.css
Frame ID: 9457030C30CC0C875F547C927D0C7FA7
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/647857c834f/css/bubble-widget.css
Frame ID: 684591B492FECF1C45B83FE7B2EC0512
Requests: 2 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/647857c834f/css/message-preview.css
Frame ID: 6A4A21966F5BA9136FE21D3CA4A9DB5A
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/647857c834f/css/max-widget.css
Frame ID: E30A06CF17353C7BC2150E79D160E997
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bookingjini | Dashboard

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

Chargebee (Payment processors) Expand

Overall confidence: 100%
Detected patterns

js\.chargebee\.com/v([\d.]+)

Tawk.to (Live Chat) Expand

Overall confidence: 100%
Detected patterns

//embed\.tawk\.to

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

87
Requests

98 %
HTTPS

71 %
IPv6

21
Domains

29
Subdomains

28
IPs

6
Countries

11108 kB
Transfer

15019 kB
Size

22
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://unpkg.com/css.gg/icons/all.css HTTP 302
https://unpkg.com/css.gg@2.0.0/icons/all.css

Request Chain 58

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=E6290A08DD3D4B0D977D999091E40085&RedC=c.clarity.ms&MXFR=30086DFC8B206E982D437ED88F20609B HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=E6290A08DD3D4B0D977D999091E40085&MUID=2AB0CE81DB2D6D9422C4DDA5DA466CC6

87 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
406.pr-bot.bookingjini.tech/ 2 KB
2 KB 462ms
137ms Document
text/html 3.7.88.239
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://406.pr-bot.bookingjini.tech/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.7.88.239 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-7-88-239.ap-south-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 62aad9c7d9db0d309f9578847cfd6268a85561c0956b3044717942aaa6ed69a4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-length: 2313
content-type: text/html
date: Fri, 02 Jun 2023 05:14:33 GMT
etag: "647978e1-909"
last-modified: Fri, 02 Jun 2023 05:06:41 GMT
server: nginx/1.16.1

GET
H2 200 css
css.gg/ 316 KB
33 KB 121ms
35ms Stylesheet
text/css 2a00:d70:0:b:2002:0:d91a:3de2
HOSTPOINT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://css.gg/css
Requested by: Host: 406.pr-bot.bookingjini.tech
URL: https://406.pr-bot.bookingjini.tech/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:d70:0:b:2002:0:d91a:3de2 , Switzerland, ASN29097 (HOSTPOINT-AS, CH),
Reverse DNS
Software: Apache /
Resource Hash: 4b47508625e39261a7fd6a7bf39e431427d5d9f58e8adffaad0df7035ad0907d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://406.pr-bot.bookingjini.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

expires: Sun, 02 Jul 2023 05:14:33 GMT
date: Fri, 02 Jun 2023 05:14:33 GMT
cache-control: max-age=2592000
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/css; charset: UTF-8;charset=UTF-8

GET
H2

200

all.css
unpkg.com/css.gg@2.0.0/icons/
Redirect Chain

https://unpkg.com/css.gg/icons/all.css
https://unpkg.com/css.gg@2.0.0/icons/all.css

316 KB
36 KB

19ms
19ms

Stylesheet
text/css

2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/css.gg@2.0.0/icons/all.css

Requested by

Host: 406.pr-bot.bookingjini.tech
URL: https://406.pr-bot.bookingjini.tech/

Protocol

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef5e898959bac0426908ee712c75e35c328ea39b94a26d9999871cca1ef582c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://406.pr-bot.bookingjini.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 05:14:34 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 3187709
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01GYY8DJEP4R8QQ46W3C8T9KJP-fra
server: cloudflare
etag: W/"4ee5d-RI/CWbATjDjEOOlPqUtPxa3dq7w"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7d0d36ad6e133718-FRA

Redirect headers

date: Fri, 02 Jun 2023 05:14:34 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: EXPIRED
fly-request-id: 01H1X8ESC3TM3TWYE9GKSF0425-fra
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /css.gg@2.0.0/icons/all.css
cache-control: public, s-maxage=600, max-age=60
cf-ray: 7d0d36a8c8e63718-FRA

GET
H2 200 all.css
cdn.jsdelivr.net/npm/css.gg/icons/ 316 KB
38 KB 34ms
6ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/css.gg/icons/all.css

Requested by

Host: 406.pr-bot.bookingjini.tech
URL: https://406.pr-bot.bookingjini.tech/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ef5e898959bac0426908ee712c75e35c328ea39b94a26d9999871cca1ef582c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://406.pr-bot.bookingjini.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 02 Jun 2023 05:14:33 GMT
x-content-type-options: nosniff
content-encoding: br
age: 16900
x-jsd-version: 2.0.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 38734
x-served-by: cache-fra-eddf8230095-FRA
x-jsd-version-type: version
etag: W/"4ee5d-RI/CWbATjDjEOOlPqUtPxa3dq7w"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 chargebee.js Show response
js.chargebee.com/v2/ 253 KB
76 KB 62ms
7ms Script
application/x-javascript 18.66.147.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/v2/chargebee.js

Requested by

Host: 406.pr-bot.bookingjini.tech
URL: https://406.pr-bot.bookingjini.tech/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-29.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

65a2a4dad9ec8d99b84f0b71a4c15067c460fc4a5c3ad630409193ff4e807bc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://406.pr-bot.bookingjini.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id: p9emv785.Eth.juYb1i6.0TQXgqvb8QR
strict-transport-security: max-age=300; includeSubdomains; preload
content-encoding: gzip
date: Fri, 02 Jun 2023 05:13:29 GMT
via: 1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 65
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 25 May 2023 09:28:57 GMT
server: AmazonS3
etag: W/"93a17e0eadd27bc4b5e659f036e7991a"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300,public
x-amz-cf-id: ICMk_VKuKQXwO9PgaVYYnC2PeOtDWwUKPRGrYNQTkYcfnc_cSPSQAg==

GET
H2 200 main.219fce66.js Show response
406.pr-bot.bookingjini.tech/static/js/ 7 MB
7 MB 167ms
167ms Script
application/javascript 3.7.88.239
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://406.pr-bot.bookingjini.tech/static/js/main.219fce66.js
Requested by: Host: 406.pr-bot.bookingjini.tech
URL: https://406.pr-bot.bookingjini.tech/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.7.88.239 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-7-88-239.ap-south-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 7da294b60528af3acb35d10917958254054c01b623fa94743c8b6bb9f8f39cf5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://406.pr-bot.bookingjini.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 05:14:34 GMT
last-modified: Fri, 02 Jun 2023 05:06:41 GMT
server: nginx/1.16.1
accept-ranges: bytes
etag: "647978e1-73fb39"
content-length: 7600953
content-type: application/javascript

GET
H2 200 main.f99d43fb.css
406.pr-bot.bookingjini.tech/static/css/ 1 MB
1 MB 138ms
136ms Stylesheet
text/css 3.7.88.239
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://406.pr-bot.bookingjini.tech/static/css/main.f99d43fb.css
Requested by: Host: 406.pr-bot.bookingjini.tech
URL: https://406.pr-bot.bookingjini.tech/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.7.88.239 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-7-88-239.ap-south-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 256aa296fcca568f875071fc63f0a6e20ddfed67c8ba8fd75b16dd851781e0a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://406.pr-bot.bookingjini.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 05:14:33 GMT
last-modified: Fri, 02 Jun 2023 05:06:41 GMT
server: nginx/1.16.1
accept-ranges: bytes
etag: "647978e1-13c041"
content-length: 1294401
content-type: text/css

GET
H2 200 filerobot-image-editor.min.js Show response
scaleflex.cloudimg.io/v7/plugins/filerobot-image-editor/latest/ 838 KB
253 KB 55ms
8ms Script
text/javascript 199.232.194.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://scaleflex.cloudimg.io/v7/plugins/filerobot-image-editor/latest/filerobot-image-editor.min.js

Requested by

Host: 406.pr-bot.bookingjini.tech
URL: https://406.pr-bot.bookingjini.tech/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

199.232.194.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Scaleflex HTTP Loadbalancer /

Resource Hash

e45782f9309634b6ef32c1419963f3fdb137bcd5bc7cd5fe29d031c79314f271

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://406.pr-bot.bookingjini.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Fri, 02 Jun 2023 05:14:33 GMT
age: 80242
x-origin-code: 200
x-cache: HIT, HIT
content-length: 258216
x-xss-protection: 1
x-airstore-traceid: AsIk2xzZKGR69eO
x-served-by: cache-par-lfpg1960055-PAR, cache-fra-eddf8230054-FRA
sf-trace: (null) fetch[o]
x-filerobot-visibility: VISIBILITY_PUBLIC
last-modified: Thu, 01 Jun 2023 06:57:11 GMT
server: Scaleflex HTTP Loadbalancer
x-cloudimg-traceid: CiI_013_20230601065711_f0d36_voyN#320y
x-timer: S1685682874.737000,VS0,VE2
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS, PATCH
content-type: text/javascript;charset=UTF-8
x-global-time: 122ms
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Airstore-Secret-Key, X-Airstore-Key, X-Filerobot-Key, X-Auth-Token, X-Token, X-Company-Token, X-Project-Token, X-Locale, X-Lang, X-Version, X-Session-Token, X-CSRF-Token, Cache-Control, X-Requested-With, Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version, Origin
x-ultrafast-origin-code: 200
x-geo: eu057
x-cache-hits: 1, 1

GET
H2 200 148-2d81745dcd266fa05fff.js Show response
js.chargebee.com/assets/cbjs-2023.05.25-07.29/v2/ 12 KB
4 KB 28ms
28ms Script
application/x-javascript 18.66.147.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/assets/cbjs-2023.05.25-07.29/v2/148-2d81745dcd266fa05fff.js

Requested by

Host: js.chargebee.com
URL: https://js.chargebee.com/v2/chargebee.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-29.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

bedc50b4b38418e0bf79524007742a952303adcd7ee8bc87136402ac9216f116

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://406.pr-bot.bookingjini.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id: bg1jWiUU.BOVTeKL5bgCDYH6McVxoFbD
strict-transport-security: max-age=300; includeSubdomains; preload
content-encoding: gzip
date: Fri, 02 Jun 2023 05:10:37 GMT
via: 1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 238
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 25 May 2023 09:28:57 GMT
server: AmazonS3
etag: W/"58e15828a8f8c0002d869f44266ea14b"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300,public
x-amz-cf-id: LOAco3_PxuPndcFENcv6_9aMDfgi_Oh58Yaa_7NXNO4t03p0nlKHJA==

GET
H2 200 zapscale.browser.js Show response
cdn.zapscale.com/probe/ 9 KB
3 KB 133ms
12ms Script
application/javascript 2620:1ec:4e:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.zapscale.com/probe/zapscale.browser.js
Requested by: Host: 406.pr-bot.bookingjini.tech
URL: https://406.pr-bot.bookingjini.tech/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c22cd641150af75c2382ef5a798504ab03a328f343793d87bdb07cd095f34ada

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://406.pr-bot.bookingjini.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Fri, 02 Jun 2023 05:14:34 GMT
content-encoding: br
last-modified: Thu, 23 Feb 2023 12:14:02 GMT
x-azure-ref-originshield: 0PsR2ZAAAAAArMtLAEsIgTJ+D4vEnglqFRlJBMjMxMDUwNDE4MDQ5ADNmNzVkY2YxLWUwOTQtNGU0Yy1hMzA0LTdkMmUyNDg3MjM5Nw==
content-md5: 6/pSiiL2jHW1Yu+2Ya7zPw==
etag: 0x8DB159773A3895D
x-azure-ref: 0unp5ZAAAAADLJy9MLntQSIi2Nab8ciE4RlJBMzFFREdFMDMwOAAzZjc1ZGNmMS1lMDk0LTRlNGMtYTMwNC03ZDJlMjQ4NzIzOTc=
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 82450757-401e-0015-2d0e-925003000000
access-control-expose-headers: content-length
x-ms-version: 2009-09-19

GET
H2 200 css2
fonts.googleapis.com/ 12 KB
1 KB 39ms
17ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Manrope:wght@300;400;500;600;700;800&display=swap

Requested by

Host: 406.pr-bot.bookingjini.tech
URL: https://406.pr-bot.bookingjini.tech/static/css/main.f99d43fb.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f7c8534db085e2ff5fb91ea2c0f495bfdfeefe8554efbd6f3797c0a8fe731630

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://406.pr-bot.bookingjini.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 02 Jun 2023 05:14:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 02 Jun 2023 04:51:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 02 Jun 2023 05:14:34 GMT

GET
H2 200 eo05d65kk6 Show response
www.clarity.ms/tag/ 1 KB
1 KB 125ms
100ms Script
application/x-javascript 2620:1ec:4f:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/eo05d65kk6
Requested by: Host: 406.pr-bot.bookingjini.tech
URL: https://406.pr-bot.bookingjini.tech/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4f:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 581c36e480a3750056886c343282e00a0ce45b8230635811ff1640e9b13a6764

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://406.pr-bot.bookingjini.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
date: Fri, 02 Jun 2023 05:14:34 GMT
x-azure-ref: 0unp5ZAAAAAD2TpsmMlmnSaFmhccYvQBgRlJBMzFFREdFMDMyMgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
content-length: 1033
expires: -1

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.8/ 57 KB
20 KB 10ms
9ms Script
application/javascript 2620:1ec:4f:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.8/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/eo05d65kk6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4f:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9987dcc652130026523219440b654a3e307d16f186019031ad60a28d6f73aa2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://406.pr-bot.bookingjini.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 05:14:34 GMT
content-encoding: br
last-modified: Wed, 31 May 2023 13:34:37 GMT
x-azure-ref-originshield: 0+0J5ZAAAAACtQM8i7MeKQ5+on7p8klTRRlJBMjMxMDUwNDE4MDM5ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
etag: "0x8DB61DBC78F29E1"
x-azure-ref: 0unp5ZAAAAADESbqHDyaFQ7SvYrhpVNm2RlJBMzFFREdFMDMyMgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: TCP_HIT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 18b48ad2-c01e-002b-5050-94ae17000000
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
accept-ranges: bytes

POST
H/1.1 204
No Content collect Show response
y.clarity.ms/ 0
307 B 341ms
95ms XHR
text/plain 104.211.35.148
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://y.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.8/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.211.35.148 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://406.pr-bot.bookingjini.tech/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://406.pr-bot.bookingjini.tech
Date: Fri, 02 Jun 2023 05:14:35 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: 406.pr-bot.bookingjini.tech
URL: https://406.pr-bot.bookingjini.tech/static/js/main.219fce66.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://406.pr-bot.bookingjini.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 02 Jun 2023 05:04:54 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 582
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Fri, 02 Jun 2023 07:04:54 GMT

GET
H2 200 hotjar-3146726.js Show response
static.hotjar.com/c/ 9 KB
4 KB 67ms
37ms Script
application/javascript 18.66.122.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3146726.js?sv=6

Requested by

Host: 406.pr-bot.bookingjini.tech
URL: https://406.pr-bot.bookingjini.tech/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-47.fra60.r.cloudfront.net

Software

Resource Hash

1560af95490173a3d07a97a1a780317751c7d1d526788b9b48998d1618d9fdd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://406.pr-bot.bookingjini.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 05:14:36 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
etag: W/378d2f56533d99a7bb721ba5dd043eb6
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: MIFINED6uahEbVdS1UHpgPQI3SAlP74n37OPE8M0eq28F5BIsoVNuw==

GET
H2 200 1g7etlhqt Show response
embed.tawk.to/62c8279e7b967b117998a6bd/ 2 KB
926 B 492ms
460ms Script
application/x-javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/62c8279e7b967b117998a6bd/1g7etlhqt

Requested by

Host: 406.pr-bot.bookingjini.tech
URL: https://406.pr-bot.bookingjini.tech/static/js/main.219fce66.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f927175e57b1556ade6a89f36f4d82f52df51706263fb0f22edb02dcc15b647

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://406.pr-bot.bookingjini.tech/
Origin: https://406.pr-bot.bookingjini.tech
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 05:14:36 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
server: cloudflare
etag: W/"stable-v4-647857c834f"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=3600
cf-ray: 7d0d36b92f629b63-FRA
alt-svc: h3=":443"; ma=86400

POST
H/1.1 204
No Content collect
y.clarity.ms/ 0
307 B 91ms
91ms Ping
text/plain 104.211.35.148
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://y.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.8/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.211.35.148 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://406.pr-bot.bookingjini.tech/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://406.pr-bot.bookingjini.tech
Date: Fri, 02 Jun 2023 05:14:36 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 909 B
901 B 40ms
18ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit

Requested by

Host: 406.pr-bot.bookingjini.tech
URL: https://406.pr-bot.bookingjini.tech/static/js/main.219fce66.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7f48485fef07f8c6859081175277489cb30c9aeb14b2a13641c6ac21d42620ee

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://406.pr-bot.bookingjini.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 05:14:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 581
x-xss-protection: 1; mode=block
expires: Fri, 02 Jun 2023 05:14:36 GMT

GET
DATA 200
OK truncated
/ 981 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f9ddad221c4cf674563a356b64c107cb1b263ff930cc05bcc7c1a95920f955e9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 undefined
406.pr-bot.bookingjini.tech/ 2 KB
2 KB 137ms
137ms Image
text/html 3.7.88.239
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://406.pr-bot.bookingjini.tech/undefined
Requested by: Host: 406.pr-bot.bookingjini.tech
URL: https://406.pr-bot.bookingjini.tech/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.7.88.239 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-7-88-239.ap-south-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://406.pr-bot.bookingjini.tech/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 05:14:36 GMT
last-modified: Fri, 02 Jun 2023 05:06:41 GMT
server: nginx/1.16.1
accept-ranges: bytes
etag: "647978e1-909"
content-length: 2313
content-type: text/html

GET
H2 200 bootstrap-icons.b2e5aab643c6f0fd2da6.woff2
406.pr-bot.bookingjini.tech/static/media/ 118 KB
119 KB 137ms
136ms Font
font/woff2 3.7.88.239
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://406.pr-bot.bookingjini.tech/static/media/bootstrap-icons.b2e5aab643c6f0fd2da6.woff2
Requested by: Host: 406.pr-bot.bookingjini.tech
URL: https://406.pr-bot.bookingjini.tech/static/css/main.f99d43fb.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.7.88.239 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-7-88-239.ap-south-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 966620f9e3bec428663687f9e8d67a6b8e35d79adebf6fb204e9b139eada7599

Request headers

Referer: https://406.pr-bot.bookingjini.tech/static/css/main.f99d43fb.css
Origin: https://406.pr-bot.bookingjini.tech
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 05:14:36 GMT
last-modified: Fri, 02 Jun 2023 05:06:41 GMT
server: nginx/1.16.1
accept-ranges: bytes
etag: "647978e1-1d9d0"
content-length: 121296
content-type: font/woff2

GET
H2 200 Manrope-Medium.c4a10b8e3299e2e8a96c.woff2
406.pr-bot.bookingjini.tech/static/media/ 48 KB
48 KB 140ms
139ms Font
font/woff2 3.7.88.239
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://406.pr-bot.bookingjini.tech/static/media/Manrope-Medium.c4a10b8e3299e2e8a96c.woff2
Requested by: Host: 406.pr-bot.bookingjini.tech
URL: https://406.pr-bot.bookingjini.tech/static/css/main.f99d43fb.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.7.88.239 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-7-88-239.ap-south-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 14de32049b8551895adb408cbe87fe1b440421a71fba2f5d7e3ff27035603689

Request headers

Referer: https://406.pr-bot.bookingjini.tech/static/css/main.f99d43fb.css
Origin: https://406.pr-bot.bookingjini.tech
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 05:14:36 GMT
last-modified: Fri, 02 Jun 2023 05:06:41 GMT
server: nginx/1.16.1
accept-ranges: bytes
etag: "647978e1-be44"
content-length: 48708
content-type: font/woff2

GET
H2 200 Manrope-ExtraBold.603b5471207aac74f275.woff2
406.pr-bot.bookingjini.tech/static/media/ 47 KB
48 KB 141ms
140ms Font
font/woff2 3.7.88.239
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://406.pr-bot.bookingjini.tech/static/media/Manrope-ExtraBold.603b5471207aac74f275.woff2
Requested by: Host: 406.pr-bot.bookingjini.tech
URL: https://406.pr-bot.bookingjini.tech/static/css/main.f99d43fb.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.7.88.239 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-7-88-239.ap-south-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 07b8d62e3bd2883048fac0c0d766203e24addef30c9ca840496357160109b137

Request headers

Referer: https://406.pr-bot.bookingjini.tech/static/css/main.f99d43fb.css
Origin: https://406.pr-bot.bookingjini.tech
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 05:14:36 GMT
last-modified: Fri, 02 Jun 2023 05:06:41 GMT
server: nginx/1.16.1
accept-ranges: bytes
etag: "647978e1-bdc4"
content-length: 48580
content-type: font/woff2

GET
H2 200 Manrope-Regular.44732e849bd6e01e5831.woff2
406.pr-bot.bookingjini.tech/static/media/ 48 KB
48 KB 143ms
143ms Font
font/woff2 3.7.88.239
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://406.pr-bot.bookingjini.tech/static/media/Manrope-Regular.44732e849bd6e01e5831.woff2
Requested by: Host: 406.pr-bot.bookingjini.tech
URL: https://406.pr-bot.bookingjini.tech/static/css/main.f99d43fb.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.7.88.239 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-7-88-239.ap-south-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: cb2441ad1ee8aed98415472ee2d0a9c7be1c8bef828582c83028a980fc57607b

Request headers

Referer: https://406.pr-bot.bookingjini.tech/static/css/main.f99d43fb.css
Origin: https://406.pr-bot.bookingjini.tech
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 05:14:36 GMT
last-modified: Fri, 02 Jun 2023 05:06:41 GMT
server: nginx/1.16.1
accept-ranges: bytes
etag: "647978e1-bf94"
content-length: 49044
content-type: font/woff2

GET
H2 200 Manrope-SemiBold.f292b6eb712d30a71bba.woff2
406.pr-bot.bookingjini.tech/static/media/ 48 KB
48 KB 147ms
147ms Font
font/woff2 3.7.88.239
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://406.pr-bot.bookingjini.tech/static/media/Manrope-SemiBold.f292b6eb712d30a71bba.woff2
Requested by: Host: 406.pr-bot.bookingjini.tech
URL: https://406.pr-bot.bookingjini.tech/static/css/main.f99d43fb.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.7.88.239 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-7-88-239.ap-south-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 598bd7610a06dcdd38d851524232b1449b83766ba762fb36b266392aa15a787f

Request headers

Referer: https://406.pr-bot.bookingjini.tech/static/css/main.f99d43fb.css
Origin: https://406.pr-bot.bookingjini.tech
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 05:14:36 GMT
last-modified: Fri, 02 Jun 2023 05:06:41 GMT
server: nginx/1.16.1
accept-ranges: bytes
etag: "647978e1-bfb0"
content-length: 49072
content-type: font/woff2

GET
H2 200 Manrope-Bold.f7cb9159fafc0e89aef3.woff2
406.pr-bot.bookingjini.tech/static/media/ 49 KB
49 KB 143ms
143ms Font
font/woff2 3.7.88.239
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://406.pr-bot.bookingjini.tech/static/media/Manrope-Bold.f7cb9159fafc0e89aef3.woff2
Requested by: Host: 406.pr-bot.bookingjini.tech
URL: https://406.pr-bot.bookingjini.tech/static/css/main.f99d43fb.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.7.88.239 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-7-88-239.ap-south-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: b6aa9d23eac053c594937da212ff1193477c943622e0a8a874ba806aa44fb115

Request headers

Referer: https://406.pr-bot.bookingjini.tech/static/css/main.f99d43fb.css
Origin: https://406.pr-bot.bookingjini.tech
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 05:14:36 GMT
last-modified: Fri, 02 Jun 2023 05:06:41 GMT
server: nginx/1.16.1
accept-ranges: bytes
etag: "647978e1-c3a4"
content-length: 50084
content-type: font/woff2

GET
H2 200 client Show response
accounts.google.com/gsi/ 191 KB
75 KB 92ms
64ms Script
application/javascript 2a00:1450:4001:80e::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: 406.pr-bot.bookingjini.tech
URL: https://406.pr-bot.bookingjini.tech/static/js/main.219fce66.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2cb76656c73764a518e89bf8d5a2c5684dbcb0a4e889f2b1f7b83e12dabc6afe

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-F9YMVjy_M2UWMQtVUB6ZBg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://406.pr-bot.bookingjini.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 05:14:36 GMT
content-security-policy: script-src 'report-sample' 'nonce-F9YMVjy_M2UWMQtVUB6ZBg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Fri, 02 Jun 2023 05:14:36 GMT

GET
H2 200 BOOKINGJINIWEB Show response
kernel.bookingjini.com/extranetv4/testimonials/ 354 B
699 B 514ms
191ms XHR
application/json 3.108.119.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kernel.bookingjini.com/extranetv4/testimonials/BOOKINGJINIWEB
Requested by: Host: 406.pr-bot.bookingjini.tech
URL: https://406.pr-bot.bookingjini.tech/static/js/main.219fce66.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.108.119.193 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-108-119-193.ap-south-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: de1d668d0d32dfdf75ac37fcbd6ebd867b7da670ac21b4c4d1d4c172b8a289b3

Request headers

Accept: application/json, text/plain, */*
Referer: https://406.pr-bot.bookingjini.tech/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jun 2023 05:14:36 GMT
server: nginx/1.14.0 (Ubuntu)
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: *
cache-control: private, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, X-Requested-With,private,Cache-Control
content-length: 354
expires: -1

GET
H2 200 getfestivebanner Show response
kernel.bookingjini.com/extranetv4/ 51 B
396 B 512ms
189ms XHR
application/json 3.108.119.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kernel.bookingjini.com/extranetv4/getfestivebanner
Requested by: Host: 406.pr-bot.bookingjini.tech
URL: https://406.pr-bot.bookingjini.tech/static/js/main.219fce66.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.108.119.193 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-108-119-193.ap-south-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 7b0f5b01d15dfac44c6b0caf6b27058bb711a778aa7ad309b0fe3584d729a9b9

Request headers

Accept: application/json, text/plain, */*
Referer: https://406.pr-bot.bookingjini.tech/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jun 2023 05:14:36 GMT
server: nginx/1.14.0 (Ubuntu)
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: *
cache-control: private, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, X-Requested-With,private,Cache-Control
content-length: 51
expires: -1

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
168 B 14ms
13ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=464516263&t=pageview&_s=1&dl=https%3A%2F%2F406.pr-bot.bookingjini.tech%2Flogin&dp=%2F&ul=en-us&de=UTF-8&dt=Bookingjini%20%7C%20Dashboard&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1741228608&gjid=1939396895&cid=277288949.1685682876&tid=UA-240157394-2&_gid=1486812290.1685682876&_r=1&_slc=1&z=1152524604

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

72461299c0eea90a53de94484d3a31eaa646c2e6d9781e7a12e330af2d64b9a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://406.pr-bot.bookingjini.tech/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Jun 2023 05:14:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://406.pr-bot.bookingjini.tech
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 8ms
8ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=464516263&t=pageview&_s=2&dl=https%3A%2F%2F406.pr-bot.bookingjini.tech%2Flogin&dp=%2Flogin&ul=en-us&de=UTF-8&dt=Bookingjini%20%7C%20Dashboard&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=&gjid=&cid=277288949.1685682876&tid=UA-240157394-2&_gid=1486812290.1685682876&z=1269416331

Requested by

Host: 406.pr-bot.bookingjini.tech
URL: https://406.pr-bot.bookingjini.tech/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://406.pr-bot.bookingjini.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 19:21:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 35603
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.fee08111252915d9fd11.js Show response
script.hotjar.com/ 265 KB
69 KB 46ms
6ms Script
application/javascript 108.138.7.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.fee08111252915d9fd11.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3146726.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-111.fra56.r.cloudfront.net

Software

Resource Hash

a5c8acffadd7a1ff83b2b39dc2f3a549b537ef0d46ab028c45020b98fdbadf29

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://406.pr-bot.bookingjini.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 26 May 2023 11:12:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 57eb57a4c7d431365ab5b2e18c495bf4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 583349
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 69576
last-modified: Fri, 26 May 2023 11:11:43 GMT
etag: "30d68c2089416d2cc695ef1dd123cb78"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: Ni7dZjRTPse6pmni0wnixX3lLSjN20VBMxk0ahFDsrvlYzX9dJbpZg==

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/ 410 KB
165 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e2831acb97097ce89e609e9ff841c6c6293ffeb1ce3e2acc07dfcdeeaa621fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://406.pr-bot.bookingjini.tech/
Origin: https://406.pr-bot.bookingjini.tech
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 19:50:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33834
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168302
x-xss-protection: 0
last-modified: Mon, 22 May 2023 20:58:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 31 May 2024 19:50:42 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
357 B 70ms
29ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-240157394-2&cid=277288949.1685682876&jid=1741228608&gjid=1939396895&_gid=1486812290.1685682876&_u=YEBAAEAAAAAAACAAI~&z=863648078

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://406.pr-bot.bookingjini.tech/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 02 Jun 2023 05:14:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://406.pr-bot.bookingjini.tech
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 228 KB
80 KB 46ms
24ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-HXDCWCE1KB&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e83c4fd6e91b977e6378f12a4eb84975570139d7b6e892a997ca7676542c3beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://406.pr-bot.bookingjini.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 05:14:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81245
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 02 Jun 2023 05:14:36 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
296 B 23ms
23ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-240157394-2&cid=277288949.1685682876&jid=1741228608&_u=YEBAAEAAAAAAACAAI~&z=997324279

Requested by

Host: 406.pr-bot.bookingjini.tech
URL: https://406.pr-bot.bookingjini.tech/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://406.pr-bot.bookingjini.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jun 2023 05:14:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 43ms
17ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-240157394-2&cid=277288949.1685682876&jid=1741228608&_u=YEBAAEAAAAAAACAAI~&z=997324279

Requested by

Host: 406.pr-bot.bookingjini.tech
URL: https://406.pr-bot.bookingjini.tech/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://406.pr-bot.bookingjini.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jun 2023 05:14:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 644A 51 KB
28 KB 56ms
56ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeNinUlAAAAAAZj9ZVZ2e5diKUOSLZASophDmYq&co=aHR0cHM6Ly80MDYucHItYm90LmJvb2tpbmdqaW5pLnRlY2g6NDQz&hl=de&type=image&v=CDFvp7CXAHw7k3HxO47Gm1O9&theme=light&size=normal&badge=bottomright&cb=ovu17fiw1r3h

Requested by

Host: 406.pr-bot.bookingjini.tech
URL: https://406.pr-bot.bookingjini.tech/static/js/main.219fce66.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

78554b05c8d9acba69d53d1e1941c7aef085f52424e5f831d4f2dd6ac6f3f2d4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-t0xoYHItYizLOU0I6CLzwQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://406.pr-bot.bookingjini.tech/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 28670
content-security-policy: script-src 'report-sample' 'nonce-t0xoYHItYizLOU0I6CLzwQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 02 Jun 2023 05:14:36 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 style
accounts.google.com/gsi/ 533 B
585 B 25ms
24ms Stylesheet
text/css 2a00:1450:4001:80e::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/style

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-88Mw8Bipr1kp8SLs8yzMCw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://406.pr-bot.bookingjini.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 05:14:36 GMT
content-security-policy: script-src 'report-sample' 'nonce-88Mw8Bipr1kp8SLs8yzMCw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: text/css; charset=utf-8
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Fri, 02 Jun 2023 05:14:36 GMT

GET
H2 403 button Show response
accounts.google.com/gsi/ Frame 7A3E 1 KB
1 KB 60ms
59ms Document
text/html 2a00:1450:4001:80e::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/button?width=380&type=standard&size=large&theme=filled_blue&text=sign_in_with&shape=rectangular&logo_alignment=left&client_id=1098328552594-m11e5mhckb9d28fp6vddifeeb9rv24li.apps.googleusercontent.com&iframe_id=gsi_876505_7477&as=WhDFYTsDnjW7JtrH1NTlMw

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

047c46280f6a3997f03380d2b066e8ccf8c2cc52cc1287b8c9edb2209a67c360

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http script-src 'report-sample' 'nonce-YtRbo3YcEpeS4CULi7wCQA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://406.pr-bot.bookingjini.tech/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http script-src 'report-sample' 'nonce-YtRbo3YcEpeS4CULi7wCQA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
cross-origin-resource-policy: cross-origin
date: Fri, 02 Jun 2023 05:14:36 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
262 B 39ms
13ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-HXDCWCE1KB&gtm=45je35v0&_p=464516263&ul=en-us&sr=1600x1200&cid=277288949.1685682876&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AhA&ngs=1&_s=1&dl=https%3A%2F%2F406.pr-bot.bookingjini.tech%2Flogin&dp=%2F&dt=Bookingjini%20%7C%20Dashboard&sid=1685682876&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HXDCWCE1KB&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://406.pr-bot.bookingjini.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jun 2023 05:14:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://406.pr-bot.bookingjini.tech
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 32ms
13ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-HXDCWCE1KB&gtm=45je35v0&_p=464516263&ul=en-us&sr=1600x1200&cid=277288949.1685682876&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AhA&ngs=1&_s=2&dl=https%3A%2F%2F406.pr-bot.bookingjini.tech%2Flogin&dp=%2Flogin&dt=Bookingjini%20%7C%20Dashboard&sid=1685682876&sct=1&seg=1&en=page_view&_ee=1&_et=3
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HXDCWCE1KB&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://406.pr-bot.bookingjini.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jun 2023 05:14:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://406.pr-bot.bookingjini.tech
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 33ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-HXDCWCE1KB&gtm=45je35v0&_p=464516263&ul=en-us&sr=1600x1200&cid=277288949.1685682876&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABg&ngs=1&_s=3&dl=https%3A%2F%2F406.pr-bot.bookingjini.tech%2Flogin&dp=%2F&dt=Bookingjini%20%7C%20Dashboard&sid=1685682876&sct=1&seg=1&en=intranet_refer&_c=1&_et=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HXDCWCE1KB&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://406.pr-bot.bookingjini.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jun 2023 05:14:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://406.pr-bot.bookingjini.tech
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 31ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-HXDCWCE1KB&gtm=45je35v0&_p=464516263&ul=en-us&sr=1600x1200&cid=277288949.1685682876&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABg&ngs=1&_s=4&dl=https%3A%2F%2F406.pr-bot.bookingjini.tech%2Flogin&dp=%2Flogin&dt=Bookingjini%20%7C%20Dashboard&sid=1685682876&sct=1&seg=1&en=intranet_refer&_c=1&_et=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HXDCWCE1KB&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://406.pr-bot.bookingjini.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jun 2023 05:14:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://406.pr-bot.bookingjini.tech
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/ Frame 644A 55 KB
24 KB 21ms
7ms Stylesheet
text/css 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeNinUlAAAAAAZj9ZVZ2e5diKUOSLZASophDmYq&co=aHR0cHM6Ly80MDYucHItYm90LmJvb2tpbmdqaW5pLnRlY2g6NDQz&hl=de&type=image&v=CDFvp7CXAHw7k3HxO47Gm1O9&theme=light&size=normal&badge=bottomright&cb=ovu17fiw1r3h

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 19:50:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33830
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Mon, 22 May 2023 20:58:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 31 May 2024 19:50:46 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/ Frame 644A 410 KB
164 KB 25ms
11ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e2831acb97097ce89e609e9ff841c6c6293ffeb1ce3e2acc07dfcdeeaa621fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 19:50:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33834
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168302
x-xss-protection: 0
last-modified: Mon, 22 May 2023 20:58:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 31 May 2024 19:50:42 GMT

POST
H2 204 identity-sign-in-google-http
csp.withgoogle.com/csp/ Frame 7A3E 0
0 40ms
19ms Other
text/html 2a00:1450:4001:813::2011
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csp.withgoogle.com/csp/identity-sign-in-google-http
Requested by: Host: 406.pr-bot.bookingjini.tech
URL: https://406.pr-bot.bookingjini.tech/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://accounts.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: application/csp-report

Response headers

GET
H2 200 m=credential_button_library
ssl.gstatic.com/_/gsi/_/ss/k=gsi.gsi.8qDVaJ1YQUU.L.W.O/am=wg/d=1/rs=AF0KOtUKj84G57tNQjKW6o0-t4KEyJGpLQ/ Frame 7A3E 7 KB
2 KB 42ms
6ms Stylesheet
text/css 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/_/gsi/_/ss/k=gsi.gsi.8qDVaJ1YQUU.L.W.O/am=wg/d=1/rs=AF0KOtUKj84G57tNQjKW6o0-t4KEyJGpLQ/m=credential_button_library

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/button?width=380&type=standard&size=large&theme=filled_blue&text=sign_in_with&shape=rectangular&logo_alignment=left&client_id=1098328552594-m11e5mhckb9d28fp6vddifeeb9rv24li.apps.googleusercontent.com&iframe_id=gsi_876505_7477&as=WhDFYTsDnjW7JtrH1NTlMw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ffd9148502527101428184082d3f169369aa4ba51720bd2eef686fc06571bfd

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/csi-web-eng
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/csi-web-eng
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 30 May 2023 18:22:05 GMT
age: 211951
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1753
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 06:17:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="csi-web-eng"
vary: Accept-Encoding
report-to: {"group":"csi-web-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/csi-web-eng"}]}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 29 May 2024 18:22:05 GMT

GET
H2 200 m=credential_button_library Show response
ssl.gstatic.com/_/gsi/_/js/k=gsi.gsi.de.Xp1b3hAb0UI.O/am=wg/d=1/rs=AF0KOtU6EdFZpoqBsOTyQwgMjFTyr4Mkbg/ Frame 7A3E 97 KB
35 KB 43ms
7ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/_/gsi/_/js/k=gsi.gsi.de.Xp1b3hAb0UI.O/am=wg/d=1/rs=AF0KOtU6EdFZpoqBsOTyQwgMjFTyr4Mkbg/m=credential_button_library

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

905737db8373d8d800802fe85866cadee513a44df755bd11201142226d73aa94

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/csi-web-eng
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/csi-web-eng
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 30 May 2023 23:54:46 GMT
age: 191990
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36016
x-xss-protection: 0
last-modified: Sat, 27 May 2023 05:18:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="csi-web-eng"
vary: Accept-Encoding
report-to: {"group":"csi-web-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/csi-web-eng"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 29 May 2024 23:54:46 GMT

GET
DATA 200
OK truncated
/ Frame 644A 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 644A 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 644A 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 27 May 2023 22:52:35 GMT
x-content-type-options: nosniff
age: 454921
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 03 Jun 2023 22:52:35 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 644A 15 KB
16 KB 31ms
6ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 19:03:49 GMT
x-content-type-options: nosniff
age: 123047
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 May 2024 19:03:49 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 644A 102 B
134 B 16ms
15ms Other
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=CDFvp7CXAHw7k3HxO47Gm1O9

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d7bd1344379eb2ac9631066d92e8675977cfdac8dd9ce4b751c01c3f13725a87

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeNinUlAAAAAAZj9ZVZ2e5diKUOSLZASophDmYq&co=aHR0cHM6Ly80MDYucHItYm90LmJvb2tpbmdqaW5pLnRlY2g6NDQz&hl=de&type=image&v=CDFvp7CXAHw7k3HxO47Gm1O9&theme=light&size=normal&badge=bottomright&cb=ovu17fiw1r3h
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 05:14:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Fri, 02 Jun 2023 05:14:36 GMT

POST
H/1.1 204
No Content collect Show response
y.clarity.ms/ 0
307 B 185ms
184ms XHR
text/plain 104.211.35.148
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://y.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.8/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.211.35.148 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://406.pr-bot.bookingjini.tech/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://406.pr-bot.bookingjini.tech
Date: Fri, 02 Jun 2023 05:14:36 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame A698 7 KB
1 KB 21ms
21ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=CDFvp7CXAHw7k3HxO47Gm1O9&k=6LeNinUlAAAAAAZj9ZVZ2e5diKUOSLZASophDmYq

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d7266ad68f70877c3d3d832ad3d0c9191f832d1006b46480e5f29a9b67f13d1a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-u-BCo4nwb5qcKVzT1LoIxg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://406.pr-bot.bookingjini.tech/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1154
content-security-policy: script-src 'report-sample' 'nonce-u-BCo4nwb5qcKVzT1LoIxg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 02 Jun 2023 05:14:36 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/ Frame A698 55 KB
24 KB 7ms
7ms Stylesheet
text/css 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=CDFvp7CXAHw7k3HxO47Gm1O9&k=6LeNinUlAAAAAAZj9ZVZ2e5diKUOSLZASophDmYq

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 19:50:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33830
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Mon, 22 May 2023 20:58:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 31 May 2024 19:50:46 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/ Frame A698 410 KB
164 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=CDFvp7CXAHw7k3HxO47Gm1O9&k=6LeNinUlAAAAAAZj9ZVZ2e5diKUOSLZASophDmYq

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e2831acb97097ce89e609e9ff841c6c6293ffeb1ce3e2acc07dfcdeeaa621fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 19:50:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33834
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168302
x-xss-protection: 0
last-modified: Mon, 22 May 2023 20:58:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 31 May 2024 19:50:42 GMT

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=E6290A08DD3D4B0D977D999091E40085&RedC=c.clarity.ms&MXFR=30086DFC8B206E982D437ED88F20609B
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=E6290A08DD3D4B0D977D999091E40085&MUID=2AB0CE81DB2D6D9422C4DDA5DA466CC6

42 B
445 B

30ms
30ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=E6290A08DD3D4B0D977D999091E40085&MUID=2AB0CE81DB2D6D9422C4DDA5DA466CC6
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://406.pr-bot.bookingjini.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jun 2023 05:14:36 GMT
last-modified: Thu, 04 May 2023 15:33:28 GMT
server: Microsoft-IIS/10.0
etag: "6de038c69d7ed91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 02 Jun 2023 05:14:36 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BC048B639F8F4A4CAEA5C2216A4923F2 Ref B: FRAEDGE1107 Ref C: 2023-06-02T05:14:36Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=E6290A08DD3D4B0D977D999091E40085&MUID=2AB0CE81DB2D6D9422C4DDA5DA466CC6
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3 403 status Show response
accounts.google.com/gsi/ 37 B
92 B 31ms
31ms XHR
application/json 2a00:1450:4001:80e::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/status?client_id=1098328552594-m11e5mhckb9d28fp6vddifeeb9rv24li.apps.googleusercontent.com&as=WhDFYTsDnjW7JtrH1NTlMw

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

baaf2582a03dce267027d0ded4affc43da732338e83f74728564ccf8180caf5e

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-O-0PIz0PA24iOS_r23N5HQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://406.pr-bot.bookingjini.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 05:14:36 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-O-0PIz0PA24iOS_r23N5HQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
x-content-type-options: nosniff
content-encoding: gzip
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://406.pr-bot.bookingjini.tech
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 twk-main.js Show response
embed.tawk.to/_s/v4/app/647857c834f/js/ 121 B
263 B 126ms
125ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/647857c834f/js/twk-main.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/62c8279e7b967b117998a6bd/1g7etlhqt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://406.pr-bot.bookingjini.tech/
Origin: https://406.pr-bot.bookingjini.tech
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 05:14:36 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Thu, 01 Jun 2023 08:35:04 GMT
server: cloudflare
content-encoding: br
etag: W/"da5bb1dc647470204df0e49f5afac2de"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7d0d36bc3b5e9b63-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 twk-vendor.js Show response
embed.tawk.to/_s/v4/app/647857c834f/js/ 76 KB
27 KB 242ms
241ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/647857c834f/js/twk-vendor.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/62c8279e7b967b117998a6bd/1g7etlhqt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5958b8f2069b0a3292ed7a9db46b8109adac7e81591238557125893ee7e87bb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://406.pr-bot.bookingjini.tech/
Origin: https://406.pr-bot.bookingjini.tech
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 05:14:37 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Thu, 01 Jun 2023 08:35:04 GMT
server: cloudflare
content-encoding: br
etag: W/"7dcb496e4882926f93f2e73fa87062c0"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7d0d36bc3b649b63-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 twk-chunk-vendors.js Show response
embed.tawk.to/_s/v4/app/647857c834f/js/ 206 KB
61 KB 352ms
351ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/647857c834f/js/twk-chunk-vendors.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/62c8279e7b967b117998a6bd/1g7etlhqt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c59e62c954fa9f314b94a6a663f42a07c5665edd8c1a811928bb75a3bae81abf

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://406.pr-bot.bookingjini.tech/
Origin: https://406.pr-bot.bookingjini.tech
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 05:14:37 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Thu, 01 Jun 2023 08:35:04 GMT
server: cloudflare
content-encoding: br
etag: W/"a458f8b9356759187c0add9b3aea0466"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7d0d36bc4b679b63-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 twk-chunk-common.js Show response
embed.tawk.to/_s/v4/app/647857c834f/js/ 195 KB
41 KB 359ms
358ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/647857c834f/js/twk-chunk-common.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/62c8279e7b967b117998a6bd/1g7etlhqt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32df1eaf7a2a0b5be16600af2fca20bc7b75094f7c99f2c41f85672aecf96410

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://406.pr-bot.bookingjini.tech/
Origin: https://406.pr-bot.bookingjini.tech
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 05:14:37 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Thu, 01 Jun 2023 08:35:04 GMT
server: cloudflare
content-encoding: br
etag: W/"3e263833d626ec2cef66a88d9b9eafc0"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7d0d36bc4b699b63-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 twk-runtime.js Show response
embed.tawk.to/_s/v4/app/647857c834f/js/ 2 KB
1 KB 131ms
131ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/647857c834f/js/twk-runtime.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/62c8279e7b967b117998a6bd/1g7etlhqt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b8debb555df6ee4a4c52e86e3d338ece5135ce1baf9482850305d7cfd5d6818

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://406.pr-bot.bookingjini.tech/
Origin: https://406.pr-bot.bookingjini.tech
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 05:14:36 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Thu, 01 Jun 2023 08:35:04 GMT
server: cloudflare
content-encoding: br
etag: W/"76f9b49547729f7e438a286409da8d92"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7d0d36bc4b6b9b63-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 twk-app.js Show response
embed.tawk.to/_s/v4/app/647857c834f/js/ 151 B
206 B 130ms
130ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/647857c834f/js/twk-app.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/62c8279e7b967b117998a6bd/1g7etlhqt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://406.pr-bot.bookingjini.tech/
Origin: https://406.pr-bot.bookingjini.tech
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 05:14:36 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Thu, 01 Jun 2023 08:35:04 GMT
server: cloudflare
content-encoding: br
etag: W/"e736e189edb5d0d9d5b8e7f23dd9114a"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7d0d36bc4b6d9b63-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 2.png
d3ki85qs1zca4t.cloudfront.net/extranet_v4/testimonials/ 453 KB
454 KB 673ms
593ms Image
image/png 2600:9000:2250:2600:6:c869:5340:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3ki85qs1zca4t.cloudfront.net/extranet_v4/testimonials/2.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:2600:6:c869:5340:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 472540fc7cc0acd9344cde6114db57aca5d474ec4c8b2fc46ecc1a02c4c0f07a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://406.pr-bot.bookingjini.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 05:14:38 GMT
x-amz-version-id: qDmoQ91qx9B.d1ZMbOjRvGEemjbaWn9x
via: 1.1 935770605c74a80712059ba5b24d4162.cloudfront.net (CloudFront)
last-modified: Wed, 10 Aug 2022 13:52:54 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: "b60febdf643f142b9a9558973dfcde52"
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 463942
x-amz-cf-id: efMghuaXMqLZCcb7Or4RJPqMBdaNwN4r8oGs_l7we-dglAeQEdr83g==

GET
H2 200 widget-settings Show response
va.tawk.to/v1/ 3 KB
1 KB 679ms
662ms Fetch
application/json 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/widget-settings?propertyId=62c8279e7b967b117998a6bd&widgetId=1g7etlhqt&sv=undefined

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/647857c834f/js/twk-chunk-common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

507f336848b7c71efeaa881ec00fc22cc1ad499e5ebe442b035a5ec49e2f5186

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://406.pr-bot.bookingjini.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 05:14:37 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-served-by: visitor-application-preemptive-rkn9
server: cloudflare
etag: W/"2-56-0"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=1800
cf-ray: 7d0d36beef5a9b63-FRA
access-control-allow-headers: content-type,x-tawk-token

POST
H3 200 start Show response
va.tawk.to/v1/session/ 999 B
1 KB 471ms
461ms Fetch
application/json 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/session/start

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/647857c834f/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2fbb5f708b7caa38315a10a4e1bd204915bffbf24bac84637ded2db17e834bd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://406.pr-bot.bookingjini.tech/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Fri, 02 Jun 2023 05:14:38 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://406.pr-bot.bookingjini.tech
access-control-allow-credentials: true
cf-ray: 7d0d36c0fed7bbef-FRA
access-control-allow-headers: content-type,x-tawk-token
alt-svc: h3=":443"; ma=86400
x-served-by: visitor-application-preemptive-8cdl

OPTIONS
H2 200 start
va.tawk.to/v1/session/ Frame 0
0 335ms
322ms Preflight 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/session/start

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://406.pr-bot.bookingjini.tech
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-tawk-token
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://406.pr-bot.bookingjini.tech
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7d0d36beef599b63-FRA
date: Fri, 02 Jun 2023 05:14:37 GMT
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
x-served-by: visitor-application-preemptive-k6fw

POST
H/1.1 204
No Content collect Show response
y.clarity.ms/ 0
307 B 92ms
92ms XHR
text/plain 104.211.35.148
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://y.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.8/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.211.35.148 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://406.pr-bot.bookingjini.tech/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://406.pr-bot.bookingjini.tech
Date: Fri, 02 Jun 2023 05:14:37 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0

GET
H3 200 en.js Show response
embed.tawk.to/_s/v4/app/647857c834f/languages/ 16 KB
4 KB 19ms
18ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/647857c834f/languages/en.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/647857c834f/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e924ffe8bcc65483510a22a7286bd6d4d204e72ffe5927eec50158f7a7be50c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://406.pr-bot.bookingjini.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 05:14:37 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 72764
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 01 Jun 2023 08:35:04 GMT
server: cloudflare
etag: W/"585ba00b2c167b90c210161454f843b5"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7d0d36c30984bbef-FRA

GET
H3 200 twk-chunk-2c78ba82.js Show response
embed.tawk.to/_s/v4/app/647857c834f/js/ 7 KB
2 KB 17ms
17ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/647857c834f/js/twk-chunk-2c78ba82.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/647857c834f/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97ca66991150a4c1263837600fe4338f33d96b74979cd7740ab07d22b883b8e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://406.pr-bot.bookingjini.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 05:14:38 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 72766
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 01 Jun 2023 08:35:04 GMT
server: cloudflare
etag: W/"fac25ff2d2c405e1ac7e156dca1f819c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7d0d36c3eaafbbef-FRA

GET
H3 200 twk-chunk-696bc286.js Show response
embed.tawk.to/_s/v4/app/647857c834f/js/ 16 KB
5 KB 18ms
18ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/647857c834f/js/twk-chunk-696bc286.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/647857c834f/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

274a52c8e970b1628a0e124346f536fc50ff24df02b24617106598e833f9ca28

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://406.pr-bot.bookingjini.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 05:14:38 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 72766
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 01 Jun 2023 08:35:04 GMT
server: cloudflare
etag: W/"21e4acf0396682b5b6c8a1059a0329ad"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7d0d36c3eab0bbef-FRA

GET
H3 200 twk-chunk-f1596d96.js Show response
embed.tawk.to/_s/v4/app/647857c834f/js/ 10 KB
4 KB 20ms
19ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/647857c834f/js/twk-chunk-f1596d96.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/647857c834f/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8103a7e8af1ac9af8bc9088f85314419f8febc71a6ada3bc613fd917bc089bcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://406.pr-bot.bookingjini.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 05:14:38 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 72764
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 01 Jun 2023 08:35:04 GMT
server: cloudflare
etag: W/"0720214ce53bc2112baf1addfdb24e67"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7d0d36c3eab1bbef-FRA

GET
H3 200 twk-chunk-48f46bef.js Show response
embed.tawk.to/_s/v4/app/647857c834f/js/ 15 KB
5 KB 24ms
24ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/647857c834f/js/twk-chunk-48f46bef.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/647857c834f/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

801735c8d59211f7e66b22c02fa9059b8f1365b870bdcd9400976d7976738446

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://406.pr-bot.bookingjini.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 05:14:38 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 72766
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 01 Jun 2023 08:35:04 GMT
server: cloudflare
etag: W/"2da3c7f5795507b27dfb3f566f1d1658"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7d0d36c3eab3bbef-FRA

GET
H3 200 twk-chunk-4fe9d5dd.js Show response
embed.tawk.to/_s/v4/app/647857c834f/js/ 942 B
694 B 17ms
17ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/647857c834f/js/twk-chunk-4fe9d5dd.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/647857c834f/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc129f67c34d70578dc66a2ac6be2d44011eab5a05077797b8e56dbc2f2c9867

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://406.pr-bot.bookingjini.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 05:14:38 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 72766
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 01 Jun 2023 08:35:04 GMT
server: cloudflare
etag: W/"5f434bdd806571a4e1b385bee9316ff6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7d0d36c3eab6bbef-FRA

GET
H3 200 twk-chunk-2d0b9454.js Show response
embed.tawk.to/_s/v4/app/647857c834f/js/ 546 B
583 B 18ms
17ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/647857c834f/js/twk-chunk-2d0b9454.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/647857c834f/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48126b4a0cc388ba014594d6d64a6c6c6bb1c0ea145bb1c3c2b1da1a514e4a5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://406.pr-bot.bookingjini.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 05:14:38 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 72766
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 01 Jun 2023 08:35:04 GMT
server: cloudflare
etag: W/"09c3819d373bd4178a620d721429fada"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7d0d36c3eab7bbef-FRA

GET
H3 200 twk-chunk-f163fcd0.js Show response
embed.tawk.to/_s/v4/app/647857c834f/js/ 11 KB
4 KB 25ms
24ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/647857c834f/js/twk-chunk-f163fcd0.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/647857c834f/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

544039b2ff06226afd008c3625818bbfe76a2598d7159145d06965afaf4f09de

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://406.pr-bot.bookingjini.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 05:14:38 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 72766
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 01 Jun 2023 08:35:04 GMT
server: cloudflare
etag: W/"a92075fd9ac5ba130387a80453676099"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7d0d36c3eab8bbef-FRA

GET
H3 200 twk-chunk-32507910.js Show response
embed.tawk.to/_s/v4/app/647857c834f/js/ 73 KB
16 KB 22ms
21ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/647857c834f/js/twk-chunk-32507910.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/647857c834f/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc1d7ead91ac09e5d11d23c7add58e859d1ec2617b2965b2edf219d11e22f5a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://406.pr-bot.bookingjini.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 05:14:38 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 72766
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 01 Jun 2023 08:35:04 GMT
server: cloudflare
etag: W/"e499158ac641ee2e13d8fe8c92901938"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7d0d36c3eababbef-FRA

GET
H3 200 min-widget.css
embed.tawk.to/_s/v4/app/647857c834f/css/ Frame 9457 24 KB
5 KB 17ms
17ms Stylesheet
text/css 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/647857c834f/css/min-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/647857c834f/js/twk-chunk-2c78ba82.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1bfe5783a5d1dfa85516567b1f43ac93afb2c0d90b95a7d80008f424b79f9b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 05:14:38 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 72766
cf-polished: origSize=25132
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 01 Jun 2023 08:35:03 GMT
server: cloudflare
etag: W/"5a64db61397115a8352ba2e5f580ebc1"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7d0d36c43b38bbef-FRA

GET
H3 200 bubble-widget.css
embed.tawk.to/_s/v4/app/647857c834f/css/ Frame 6845 13 KB
3 KB 16ms
16ms Stylesheet
text/css 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/647857c834f/css/bubble-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/647857c834f/js/twk-chunk-2c78ba82.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f56f47d64037d5aa3a96b50c840580e5549fee6f9fafff8af3d1821d189fa5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 05:14:38 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 72764
cf-polished: origSize=13594
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 01 Jun 2023 08:35:03 GMT
server: cloudflare
etag: W/"ce7913b80c763449b3895d46419f7a6b"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7d0d36c45b58bbef-FRA

GET
H3 200 message-preview.css
embed.tawk.to/_s/v4/app/647857c834f/css/ Frame 6A4A 37 KB
8 KB 18ms
18ms Stylesheet
text/css 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/647857c834f/css/message-preview.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/647857c834f/js/twk-chunk-2c78ba82.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65d99ef2623fbb4db6acd77710a5ae6c7a247429e46f0f58f1326ef8cf0b6235

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 05:14:38 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 72765
cf-polished: origSize=38440
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 01 Jun 2023 08:35:03 GMT
server: cloudflare
etag: W/"2923ea86eac244f7fcd7509928259774"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7d0d36c46b79bbef-FRA

GET
H3 200 max-widget.css
embed.tawk.to/_s/v4/app/647857c834f/css/ Frame E30A 74 KB
14 KB 19ms
17ms Stylesheet
text/css 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/647857c834f/css/max-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/647857c834f/js/twk-chunk-2c78ba82.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9724a4315cc6faf9613d2ca2c135251beb0be2311f391e24f037050aae497a80

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 05:14:38 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 72765
cf-polished: origSize=75943
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 01 Jun 2023 08:35:03 GMT
server: cloudflare
etag: W/"bd5b0005ee2970a84fc3ae92dce3fcd0"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7d0d36c48bc1bbef-FRA

GET
H3 200 168-r-br.svg
embed.tawk.to/_s/v4/assets/images/attention-grabbers/ Frame 6845 22 KB
6 KB 21ms
21ms Image
image/svg+xml 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://embed.tawk.to/_s/v4/assets/images/attention-grabbers/168-r-br.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5108ef00c54e1f6ce859852834135447457cf19ee19aa7b0fb55b64b425cb526

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 05:14:38 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1452962
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 22 May 2021 07:25:19 GMT
server: cloudflare
etag: W/"f66e029841759471d2ec78b86760dca7"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7d0d36c49bd8bbef-FRA

GET
H2 200 emojione.min.js Show response
cdn.jsdelivr.net/emojione/2.2.7/lib/js/ 295 KB
40 KB 9ms
9ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/647857c834f/js/twk-chunk-vendors.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://406.pr-bot.bookingjini.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 02 Jun 2023 05:14:38 GMT
age: 5105768
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 41275
x-served-by: cache-fra-eddf8230095-FRA
etag: W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

OPTIONS
H3 200 v3
va.tawk.to/log-performance/ Frame 0
0 129ms
128ms Preflight 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/log-performance/v3

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://406.pr-bot.bookingjini.tech
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-tawk-token
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://406.pr-bot.bookingjini.tech
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7d0d36c71815bb83-FRA
date: Fri, 02 Jun 2023 05:14:38 GMT
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
x-served-by: visitor-application-preemptive-jsk5

POST
H3 200 v3 Show response
va.tawk.to/log-performance/ 5 B
269 B 156ms
156ms Fetch
text/html 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/log-performance/v3

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/647857c834f/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://406.pr-bot.bookingjini.tech/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Fri, 02 Jun 2023 05:14:38 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://406.pr-bot.bookingjini.tech
access-control-allow-credentials: true
cf-ray: 7d0d36c7e945bb83-FRA
access-control-allow-headers: content-type,x-tawk-token
alt-svc: h3=":443"; ma=86400
x-served-by: visitor-application-preemptive-q4mq

POST
H/1.1 204
No Content collect Show response
y.clarity.ms/ 0
307 B 93ms
92ms XHR
text/plain 104.211.35.148
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://y.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.8/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.211.35.148 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://406.pr-bot.bookingjini.tech/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://406.pr-bot.bookingjini.tech
Date: Fri, 02 Jun 2023 05:14:40 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0

Verdicts & Comments Add Verdict or Comment

73 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.clarity.ms/	1970-01-20 21:00:18	Name: CLID Value: cca241b9d1e44d769a191f061ce093c2.20230602.20240601
.bookingjini.tech/	1970-01-20 21:00:18	Name: _clck Value: 1xdpk1f\|2\|fc4\|0\|1248
.bookingjini.tech/	1970-01-20 21:50:42	Name: _ga Value: GA1.2.277288949.1685682876
.bookingjini.tech/	1970-01-20 12:16:09	Name: _gid Value: GA1.2.1486812290.1685682876
.bookingjini.tech/	1970-01-20 12:14:42	Name: _gat Value: 1
.bookingjini.tech/	1970-01-20 21:00:18	Name: _hjSessionUser_3146726 Value: eyJpZCI6IjhkNTg1ZjgwLTJjYzEtNWU2ZS1iMmZkLTYwNjI0ZDQ3NzExYyIsImNyZWF0ZWQiOjE2ODU2ODI4NzY0NTcsImV4aXN0aW5nIjpmYWxzZX0=
.bookingjini.tech/	1970-01-20 12:14:44	Name: _hjFirstSeen Value: 1
.bookingjini.tech/	1970-01-20 12:14:42	Name: _hjIncludedInSessionSample_3146726 Value: 0
.bookingjini.tech/	1970-01-20 12:14:44	Name: _hjSession_3146726 Value: eyJpZCI6IjNiYTI3NGY3LTY1NmEtNGMxNC05NjA4LWE4OTFlYWEyNGMzYSIsImNyZWF0ZWQiOjE2ODU2ODI4NzY0NjUsImluU2FtcGxlIjpmYWxzZX0=
.bookingjini.tech/	1970-01-20 12:14:44	Name: _hjAbsoluteSessionInProgress Value: 0
.bookingjini.tech/	1970-01-20 21:50:42	Name: _ga_HXDCWCE1KB Value: GS1.2.1685682876.1.1.1685682876.0.0.0
.bookingjini.tech/	1970-01-20 12:16:09	Name: _clsk Value: o2x53y\|1685682876903\|2\|1\|y.clarity.ms/collect
.bing.com/	1970-01-20 21:36:18	Name: MUID Value: 2AB0CE81DB2D6D9422C4DDA5DA466CC6
.c.bing.com/	1970-01-20 12:24:47	Name: MR Value: 0
.c.bing.com/	1970-01-20 21:36:18	Name: SRM_B Value: 2AB0CE81DB2D6D9422C4DDA5DA466CC6
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 21:36:18	Name: MUID Value: 2AB0CE81DB2D6D9422C4DDA5DA466CC6
.c.clarity.ms/	1970-01-20 12:24:47	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 12:14:43	Name: ANONCHK Value: 0
406.pr-bot.bookingjini.tech/	1969-12-31 23:59:59	Name: twk_idm_key Value: kM83cv-IME-YkTmTOAIPs
406.pr-bot.bookingjini.tech/	1969-12-31 23:59:59	Name: TawkConnectionTime Value: 0
.bookingjini.tech/	1970-01-20 16:33:54	Name: twk_uuid_62c8279e7b967b117998a6bd Value: %7B%22uuid%22%3A%221.2BiO2YfUGylHryoQrP5axOqNcCb4YRGS3OpWYfDFfBWF107V4WubqfPepOmgFXPwtNSb1m9h7AISeHVzYanzz5tJWXhWcERRO4aHxmybB4BrlKsFzxlbvMkxBtz%22%2C%22version%22%3A3%2C%22domain%22%3A%22bookingjini.tech%22%2C%22ts%22%3A1685682878052%7D

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://accounts.google.com/gsi/button?width=380&type=standard&size=large&theme=filled_blue&text=sign_in_with&shape=rectangular&logo_alignment=left&client_id=1098328552594-m11e5mhckb9d28fp6vddifeeb9rv24li.apps.googleusercontent.com&iframe_id=gsi_876505_7477&as=WhDFYTsDnjW7JtrH1NTlMw Message: Failed to load resource: the server responded with a status of 403 ()
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://accounts.google.com/gsi/status?client_id=1098328552594-m11e5mhckb9d28fp6vddifeeb9rv24li.apps.googleusercontent.com&as=WhDFYTsDnjW7JtrH1NTlMw Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

406.pr-bot.bookingjini.tech
accounts.google.com
c.bing.com
c.clarity.ms
cdn.jsdelivr.net
cdn.zapscale.com
csp.withgoogle.com
css.gg
d3ki85qs1zca4t.cloudfront.net
embed.tawk.to
fonts.googleapis.com
fonts.gstatic.com
js.chargebee.com
kernel.bookingjini.com
region1.google-analytics.com
scaleflex.cloudimg.io
script.hotjar.com
ssl.gstatic.com
static.hotjar.com
stats.g.doubleclick.net
unpkg.com
va.tawk.to
www.clarity.ms
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
y.clarity.ms
104.211.35.148
108.138.7.111
18.66.122.47
18.66.147.29
199.232.194.132
2001:4860:4802:34::36
2600:9000:2250:2600:6:c869:5340:21
2606:4700:10::6816:1883
2606:4700:10::ac43:2642
2606:4700::6810:7eaf
2620:1ec:4e:1::45
2620:1ec:4f:1::45
2620:1ec:c11::200
2a00:1450:4001:809::2003
2a00:1450:4001:80e::200d
2a00:1450:4001:813::2011
2a00:1450:4001:827::2008
2a00:1450:4001:827::200e
2a00:1450:4001:828::2003
2a00:1450:4001:828::2004
2a00:1450:4001:829::2003
2a00:1450:4001:831::200a
2a00:1450:400c:c0c::9b
2a00:d70:0:b:2002:0:d91a:3de2
2a04:4e42::485
3.108.119.193
3.7.88.239
68.219.88.97
047c46280f6a3997f03380d2b066e8ccf8c2cc52cc1287b8c9edb2209a67c360
07b8d62e3bd2883048fac0c0d766203e24addef30c9ca840496357160109b137
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
14de32049b8551895adb408cbe87fe1b440421a71fba2f5d7e3ff27035603689
1560af95490173a3d07a97a1a780317751c7d1d526788b9b48998d1618d9fdd8
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
256aa296fcca568f875071fc63f0a6e20ddfed67c8ba8fd75b16dd851781e0a0
274a52c8e970b1628a0e124346f536fc50ff24df02b24617106598e833f9ca28
2b8debb555df6ee4a4c52e86e3d338ece5135ce1baf9482850305d7cfd5d6818
2cb76656c73764a518e89bf8d5a2c5684dbcb0a4e889f2b1f7b83e12dabc6afe
2f56f47d64037d5aa3a96b50c840580e5549fee6f9fafff8af3d1821d189fa5c
2fbb5f708b7caa38315a10a4e1bd204915bffbf24bac84637ded2db17e834bd2
32df1eaf7a2a0b5be16600af2fca20bc7b75094f7c99f2c41f85672aecf96410
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
472540fc7cc0acd9344cde6114db57aca5d474ec4c8b2fc46ecc1a02c4c0f07a
48126b4a0cc388ba014594d6d64a6c6c6bb1c0ea145bb1c3c2b1da1a514e4a5c
4b47508625e39261a7fd6a7bf39e431427d5d9f58e8adffaad0df7035ad0907d
507f336848b7c71efeaa881ec00fc22cc1ad499e5ebe442b035a5ec49e2f5186
5108ef00c54e1f6ce859852834135447457cf19ee19aa7b0fb55b64b425cb526
544039b2ff06226afd008c3625818bbfe76a2598d7159145d06965afaf4f09de
581c36e480a3750056886c343282e00a0ce45b8230635811ff1640e9b13a6764
5958b8f2069b0a3292ed7a9db46b8109adac7e81591238557125893ee7e87bb7
598bd7610a06dcdd38d851524232b1449b83766ba762fb36b266392aa15a787f
5f927175e57b1556ade6a89f36f4d82f52df51706263fb0f22edb02dcc15b647
62aad9c7d9db0d309f9578847cfd6268a85561c0956b3044717942aaa6ed69a4
65a2a4dad9ec8d99b84f0b71a4c15067c460fc4a5c3ad630409193ff4e807bc5
65d99ef2623fbb4db6acd77710a5ae6c7a247429e46f0f58f1326ef8cf0b6235
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
72461299c0eea90a53de94484d3a31eaa646c2e6d9781e7a12e330af2d64b9a3
78554b05c8d9acba69d53d1e1941c7aef085f52424e5f831d4f2dd6ac6f3f2d4
7b0f5b01d15dfac44c6b0caf6b27058bb711a778aa7ad309b0fe3584d729a9b9
7da294b60528af3acb35d10917958254054c01b623fa94743c8b6bb9f8f39cf5
7f48485fef07f8c6859081175277489cb30c9aeb14b2a13641c6ac21d42620ee
801735c8d59211f7e66b22c02fa9059b8f1365b870bdcd9400976d7976738446
8103a7e8af1ac9af8bc9088f85314419f8febc71a6ada3bc613fd917bc089bcf
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
905737db8373d8d800802fe85866cadee513a44df755bd11201142226d73aa94
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
966620f9e3bec428663687f9e8d67a6b8e35d79adebf6fb204e9b139eada7599
9724a4315cc6faf9613d2ca2c135251beb0be2311f391e24f037050aae497a80
97ca66991150a4c1263837600fe4338f33d96b74979cd7740ab07d22b883b8e0
9987dcc652130026523219440b654a3e307d16f186019031ad60a28d6f73aa2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9e2831acb97097ce89e609e9ff841c6c6293ffeb1ce3e2acc07dfcdeeaa621fd
9ffd9148502527101428184082d3f169369aa4ba51720bd2eef686fc06571bfd
a5c8acffadd7a1ff83b2b39dc2f3a549b537ef0d46ab028c45020b98fdbadf29
b1bfe5783a5d1dfa85516567b1f43ac93afb2c0d90b95a7d80008f424b79f9b9
b6aa9d23eac053c594937da212ff1193477c943622e0a8a874ba806aa44fb115
baaf2582a03dce267027d0ded4affc43da732338e83f74728564ccf8180caf5e
bc1d7ead91ac09e5d11d23c7add58e859d1ec2617b2965b2edf219d11e22f5a6
bedc50b4b38418e0bf79524007742a952303adcd7ee8bc87136402ac9216f116
c22cd641150af75c2382ef5a798504ab03a328f343793d87bdb07cd095f34ada
c59e62c954fa9f314b94a6a663f42a07c5665edd8c1a811928bb75a3bae81abf
cb2441ad1ee8aed98415472ee2d0a9c7be1c8bef828582c83028a980fc57607b
d7266ad68f70877c3d3d832ad3d0c9191f832d1006b46480e5f29a9b67f13d1a
d7bd1344379eb2ac9631066d92e8675977cfdac8dd9ce4b751c01c3f13725a87
de1d668d0d32dfdf75ac37fcbd6ebd867b7da670ac21b4c4d1d4c172b8a289b3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e45782f9309634b6ef32c1419963f3fdb137bcd5bc7cd5fe29d031c79314f271
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e83c4fd6e91b977e6378f12a4eb84975570139d7b6e892a997ca7676542c3beb
e924ffe8bcc65483510a22a7286bd6d4d204e72ffe5927eec50158f7a7be50c0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef5e898959bac0426908ee712c75e35c328ea39b94a26d9999871cca1ef582c3
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
f7c8534db085e2ff5fb91ea2c0f495bfdfeefe8554efbd6f3797c0a8fe731630
f9ddad221c4cf674563a356b64c107cb1b263ff930cc05bcc7c1a95920f955e9
fc129f67c34d70578dc66a2ac6be2d44011eab5a05077797b8e56dbc2f2c9867

406.pr-bot.bookingjini.tech Open in urlscan Pro 3.7.88.239 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

87 Requests

98 %HTTPS

71 %IPv6

21 Domains

29 Subdomains

28 IPs

6 Countries

11108 kBTransfer

15019 kBSize

22 Cookies

0 Outgoing links

Redirected requests

87 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

406.pr-bot.bookingjini.tech Open in urlscan Pro
3.7.88.239 Public Scan

Screenshot
Live screenshot

Full Image

87
Requests

98 %
HTTPS

71 %
IPv6

21
Domains

29
Subdomains

28
IPs

6
Countries

11108 kB
Transfer

15019 kB
Size

22
Cookies

87 HTTP transactions
3 data transactions