URL: https://booking.prettysim.pl/
Submission: On November 07 via api from US — Scanned from PL

Summary

This website contacted 10 IPs in 3 countries across 10 domains to perform 19 HTTP transactions. The main IP is 188.93.151.32, located in United States and belongs to FLY, US. The main domain is booking.prettysim.pl.
TLS certificate: Issued by E5 on October 18th 2024. Valid for: 3 months.
This is the only time booking.prettysim.pl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 188.93.151.32 40509 (FLY)
2 104.21.234.235 13335 (CLOUDFLAR...)
1 138.199.36.8 60068 (CDN77 _)
2 52.222.250.11 16509 (AMAZON-02)
2 104.19.229.21 13335 (CLOUDFLAR...)
1 169.150.247.36 60068 (CDN77 _)
1 13.32.121.46 16509 (AMAZON-02)
2 3.5.132.113 16509 (AMAZON-02)
3 192.0.73.2 2635 (AUTOMATTIC)
3 143.204.215.36 16509 (AMAZON-02)
19 10
Apex Domain
Subdomains
Transfer
3 helpscout.net
beacon-v2.helpscout.net — Cisco Umbrella Rank: 11645
36 KB
3 gravatar.com
secure.gravatar.com — Cisco Umbrella Rank: 2302
14 KB
2 amazonaws.com
savvycal-uploads.s3.us-east-2.amazonaws.com
438 KB
2 hcaptcha.com
js.hcaptcha.com — Cisco Umbrella Rank: 8125
newassets.hcaptcha.com — Cisco Umbrella Rank: 5887
51 KB
2 cloudfront.net
d1dpdedfiyqa92.cloudfront.net
968 KB
2 rsms.me
rsms.me — Cisco Umbrella Rank: 9083
340 KB
2 prettysim.pl
booking.prettysim.pl
6 KB
1 profitwell.com
public.profitwell.com — Cisco Umbrella Rank: 13692
9 KB
1 usefathom.com
cdn.usefathom.com — Cisco Umbrella Rank: 18127
2 KB
1 bunny.net
fonts.bunny.net — Cisco Umbrella Rank: 10663
1 KB
19 10
Domain Requested by
3 beacon-v2.helpscout.net booking.prettysim.pl
beacon-v2.helpscout.net
3 secure.gravatar.com d1dpdedfiyqa92.cloudfront.net
booking.prettysim.pl
2 savvycal-uploads.s3.us-east-2.amazonaws.com booking.prettysim.pl
2 d1dpdedfiyqa92.cloudfront.net booking.prettysim.pl
2 rsms.me booking.prettysim.pl
rsms.me
2 booking.prettysim.pl d1dpdedfiyqa92.cloudfront.net
1 newassets.hcaptcha.com d1dpdedfiyqa92.cloudfront.net
1 public.profitwell.com booking.prettysim.pl
1 cdn.usefathom.com d1dpdedfiyqa92.cloudfront.net
1 js.hcaptcha.com booking.prettysim.pl
1 fonts.bunny.net booking.prettysim.pl
19 11

This site contains no links.

Subject Issuer Validity Valid
booking.prettysim.pl
E5
2024-10-18 -
2025-01-16
3 months crt.sh
rsms.me
WE1
2024-10-19 -
2025-01-17
3 months crt.sh
fonts.bunny.net
R10
2024-10-02 -
2024-12-31
3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2024-07-30 -
2025-07-03
a year crt.sh
hcaptcha.com
WE1
2024-11-05 -
2025-02-03
3 months crt.sh
cdn.usefathom.com
R11
2024-10-01 -
2024-12-30
3 months crt.sh
*.profitwell.com
Amazon RSA 2048 M02
2024-05-03 -
2025-06-01
a year crt.sh
*.s3.us-east-2.amazonaws.com
Amazon RSA 2048 M01
2024-02-29 -
2025-02-12
a year crt.sh
*.gravatar.com
Sectigo ECC Domain Validation Secure Server CA
2023-12-05 -
2025-01-04
a year crt.sh
*.helpscout.net
Amazon RSA 2048 M03
2024-03-18 -
2025-04-15
a year crt.sh

This page contains 1 frames:

Primary Page: https://booking.prettysim.pl/
Frame ID: 97B5A5899A6EFF83E171E984F638AF3B
Requests: 19 HTTP requests in this frame

Screenshot

Page Title

Cor Schutte

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+gravatar\.com/avatar/

Overall confidence: 100%
Detected patterns
  • public\.profitwell\.com/js/profitwell\.js

Page Statistics

19
Requests

100 %
HTTPS

0 %
IPv6

10
Domains

11
Subdomains

10
IPs

3
Countries

1866 kB
Transfer

4703 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
booking.prettysim.pl/
10 KB
4 KB
Document
General
Full URL
https://booking.prettysim.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.93.151.32 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/c40d39b5 (2024-10-31) /
Resource Hash
8adf80f29b9eac84e663a3db3b8bbb18121058cb102266312c86083903a26266
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
content-encoding
zstd
content-type
text/html; charset=utf-8
date
Thu, 07 Nov 2024 14:25:25 GMT
fly-request-id
01JC3G824M1ESBZ5KDR1G3CWGT-waw
referrer-policy
strict-origin-when-cross-origin
server
Fly/c40d39b5 (2024-10-31)
strict-transport-security
max-age=31536000
via
2 fly.io
x-content-type-options
nosniff
x-download-options
noopen
x-permitted-cross-domain-policies
none
x-request-id
GAW1zU8AN96PtZkAEdOS
inter.css
rsms.me/inter/
7 KB
2 KB
Stylesheet
General
Full URL
https://rsms.me/inter/inter.css
Requested by
Host: booking.prettysim.pl
URL: https://booking.prettysim.pl/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.234.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fedfb7def1421aa9d58d1732be7164e33eec27b9c87193e010b9ddaa67b6a18

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://booking.prettysim.pl/

Response headers

x-fastly-request-id
909aa0b829dee9aff54e619b583a874be5f8bcc9
content-encoding
gzip
cf-cache-status
HIT
etag
W/"6601abff-1b8d"
age
448
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SGJJY4vfNPwpVm9biC2ytXKXtJsP%2BTGpf8SlLdgo95oTi%2F5IWdN%2BrQjdopHlwB4h3dgnF20m853AL2BGJoT33MVSPhN6yIZucO3xDKvcOsCHC%2BBjdWGNubEm"}],"group":"cf-nel","max_age":604800}
x-github-request-id
AAFC:C6FB2:1C106A4:1CAC71A:671B22A5
expires
Sat, 02 Nov 2024 03:42:35 GMT
x-proxy-cache
MISS
alt-svc
h3=":443"; ma=86400
x-cache
HIT
server-timing
cfL4;desc="?proto=QUIC&rtt=35201&sent=10&recv=7&lost=0&retrans=0&sent_bytes=4086&recv_bytes=4271&delivery_rate=84056&cwnd=12000&unsent_bytes=0&cid=ea80b61188bb5d4c&ts=56&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 07 Nov 2024 14:25:25 GMT
content-type
text/css; charset=utf-8
x-served-by
cache-vie6333-VIE
x-cache-hits
1
last-modified
Mon, 25 Mar 2024 16:53:19 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer
S1730166449.958608,VS0,VE1
via
1.1 varnish
cf-ray
8dedfe15cccb5b8d-VIE
accept-ranges
bytes
access-control-allow-origin
*
content-length
712
x-origin-cache
HIT
server
cloudflare
css
fonts.bunny.net/
3 KB
1 KB
Stylesheet
General
Full URL
https://fonts.bunny.net/css?family=poppins:400,500,700,800
Requested by
Host: booking.prettysim.pl
URL: https://booking.prettysim.pl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.36.8 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
138-199-36-8.bunnyinfra.net
Software
BunnyCDN-DE1-1048 /
Resource Hash
e2775808a9599cc4030472af019f66e47ece3aecad507db0fa6613be8a515dfe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://booking.prettysim.pl/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
alt-svc
h3=":443"
date
Thu, 07 Nov 2024 14:25:25 GMT
last-modified
Sun, 20 Oct 2024 12:24:35 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cdn-cache
HIT
cdn-requestpullcode
200
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat
10/20/2024 12:24:35
cache-control
public, max-age=2592000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
cdn-requestid
8a9dabf201c66b3375b3ddd936f4d885
cdn-pullzone
781720
cdn-proxyver
1.04
access-control-allow-origin
*
cdn-edgestorageid
1048
server
BunnyCDN-DE1-1048
cdn-requestcountrycode
PL
main-df56740ab4e6ac5374051d1dbefa22f7.css
d1dpdedfiyqa92.cloudfront.net/assets/
224 KB
37 KB
Stylesheet
General
Full URL
https://d1dpdedfiyqa92.cloudfront.net/assets/main-df56740ab4e6ac5374051d1dbefa22f7.css?vsn=d
Requested by
Host: booking.prettysim.pl
URL: https://booking.prettysim.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-11.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4329ebb62f11259d1257c6bad3d50060205beb21d60a12809bb104bfde8368dc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://booking.prettysim.pl/

Response headers

x-amz-cf-pop
FRA60-P3
content-encoding
gzip
etag
W/"00c2e365a0fe4a39805b0cc0d8542106"
age
81836
via
1.1 4612dc3b414cf2057f542e94733d59bc.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
c1mTeQIH6j0SOvUKQ8B2QdT-jX4wi0rtKwa2hF9UOI_jhhDifiFX2A==
date
Wed, 06 Nov 2024 23:11:00 GMT
content-type
text/css
vary
accept-encoding, Origin
server
AmazonS3
last-modified
Mon, 04 Nov 2024 15:36:42 GMT
x-amz-server-side-encryption
AES256
app-b884171b4c8370d383c1fd68861625ad.js
d1dpdedfiyqa92.cloudfront.net/assets/
3 MB
932 KB
Script
General
Full URL
https://d1dpdedfiyqa92.cloudfront.net/assets/app-b884171b4c8370d383c1fd68861625ad.js?vsn=d
Requested by
Host: booking.prettysim.pl
URL: https://booking.prettysim.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-11.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ec0f907f0478736ba35a2355cbeb8108e91e3cdd56fe86e26d07f6071cefa0f8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://booking.prettysim.pl/

Response headers

x-amz-cf-pop
FRA60-P3
content-encoding
br
etag
W/"b884171b4c8370d383c1fd68861625ad"
age
1230
via
1.1 4612dc3b414cf2057f542e94733d59bc.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
QHinORUW7XVfIY3rAOtctIdYnc47O9aVzi-K230gNUpzXv8H9NnF9w==
date
Thu, 07 Nov 2024 14:04:56 GMT
content-type
application/javascript
vary
accept-encoding, Origin
server
AmazonS3
last-modified
Thu, 07 Nov 2024 14:00:49 GMT
x-amz-server-side-encryption
AES256
api.js
js.hcaptcha.com/1/
147 KB
47 KB
Script
General
Full URL
https://js.hcaptcha.com/1/api.js
Requested by
Host: booking.prettysim.pl
URL: https://booking.prettysim.pl/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.229.21 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
219b467e10fa76afadeafcbfdd061aba7856418c3c6d64cf12086c3c51b857b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://booking.prettysim.pl/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"2b5a35fbd77d40bce698500285e9b2a5"
age
0
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 14:25:26 GMT
content-type
application/javascript
vary
Accept-Encoding, Origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=300
cross-origin-resource-policy
cross-origin
cf-ray
8dedfe19bc19bfc3-WAW
accept-ranges
bytes
content-length
48175
server
cloudflare
script.js
cdn.usefathom.com/
6 KB
2 KB
Script
General
Full URL
https://cdn.usefathom.com/script.js
Requested by
Host: d1dpdedfiyqa92.cloudfront.net
URL: https://d1dpdedfiyqa92.cloudfront.net/assets/app-b884171b4c8370d383c1fd68861625ad.js?vsn=d
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.36 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-36.bunnyinfra.net
Software
BunnyCDN-DE1-1079 /
Resource Hash
4927b7da535c5807c37389f0bbb54116b35cdc2f86a7a74d47175dee008c01d8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://booking.prettysim.pl/

Response headers

cdn-status
200
content-encoding
br
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-vapor-base64-encode
True
date
Thu, 07 Nov 2024 14:25:26 GMT
last-modified
Wed, 11 Sep 2024 17:57:56 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
cdn-requestpullcode
200
cdn-cachedat
10/16/2024 12:59:14
cache-control
public, max-age=0
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
aa90c48b-f401-4fa1-aac1-c94c8f3ae560
cdn-requestid
23e8e2bbe076376a2144b32d665f2b98
cdn-pullzone
506217
cdn-proxyver
1.04
access-control-allow-origin
*
cdn-edgestorageid
1080
server
BunnyCDN-DE1-1079
cdn-requestcountrycode
PL
profitwell.js
public.profitwell.com/js/
35 KB
9 KB
Script
General
Full URL
https://public.profitwell.com/js/profitwell.js?auth=efa46b0c0be3bd8477f358b13952d8f8
Requested by
Host: booking.prettysim.pl
URL: https://booking.prettysim.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-46.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0fa587a314dc81c64459c4da3444689ea40edbd5086b838accbf4bc24b9431f3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://booking.prettysim.pl/

Response headers

vary
accept-encoding
content-encoding
gzip
etag
W/"31fb1886066da3a5231257484fd62fea"
x-amz-version-id
ALjSuRmhmtHuV9p9OjyZakPlxWwMkb4t
via
1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-amz-cf-id
WaTeo1z0I0b_Cm3Mn3-0nkjNyPvvUe5z4XeuVCPU4t5bxspt73Jv0Q==
date
Thu, 07 Nov 2024 14:25:27 GMT
content-type
application/javascript
last-modified
Wed, 06 Nov 2024 09:46:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
x-amz-server-side-encryption
AES256
pl.json
newassets.hcaptcha.com/captcha/v1/05c78a4/static/i18n/
10 KB
4 KB
XHR
General
Full URL
https://newassets.hcaptcha.com/captcha/v1/05c78a4/static/i18n/pl.json
Requested by
Host: d1dpdedfiyqa92.cloudfront.net
URL: https://d1dpdedfiyqa92.cloudfront.net/assets/app-b884171b4c8370d383c1fd68861625ad.js?vsn=d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.229.21 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a05a99591053a2b3e491a7e90317281b6b28da8a753c85861cd53a90ba90102
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://booking.prettysim.pl/

Response headers

access-control-max-age
3000
content-encoding
gzip
cf-cache-status
MISS
etag
"260949bcd64c976c23d13bdaa8cfd4b1"
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
expires
Thu, 07 Nov 2024 15:25:26 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 14:25:26 GMT
content-type
application/json
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=3600
cf-ray
8dedfe1b8b8a3bc5-WAW
accept-ranges
bytes
access-control-allow-origin
*
content-length
3689
server
cloudflare
processed.png
savvycal-uploads.s3.us-east-2.amazonaws.com/uploads/banner/scope/79691/
436 KB
436 KB
Image
General
Full URL
https://savvycal-uploads.s3.us-east-2.amazonaws.com/uploads/banner/scope/79691/processed.png?v=63891037499
Requested by
Host: booking.prettysim.pl
URL: https://booking.prettysim.pl/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.5.132.113 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.us-east-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
307099e3cd95e41ddaf1f9da391a9d4e82e2162b0c2b88ac0c5063432625198e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://booking.prettysim.pl/

Response headers

x-amz-id-2
RyeYFSPVSNiSLCIYlNUPpVc9daBmYtSeoix3qzVsujbsm0LXnv2gNIJfu8LxVX3Flu5fh4NGUbcxe3X11eKhQw==
ETag
"dcf3ef422e4cb2e1e3399d2442f2239f-1"
x-amz-request-id
MDCH9QKY23HCV4VV
Accept-Ranges
bytes
Content-Length
446230
Date
Thu, 07 Nov 2024 14:25:27 GMT
Last-Modified
Fri, 16 Aug 2024 14:25:00 GMT
Content-Type
image/png
Server
AmazonS3
x-amz-server-side-encryption
AES256
public_links
booking.prettysim.pl/api/scopes/scope_01J5B59ETAFF2J47R5J52VKXRV/
3 KB
2 KB
Fetch
General
Full URL
https://booking.prettysim.pl/api/scopes/scope_01J5B59ETAFF2J47R5J52VKXRV/public_links
Requested by
Host: d1dpdedfiyqa92.cloudfront.net
URL: https://d1dpdedfiyqa92.cloudfront.net/assets/app-b884171b4c8370d383c1fd68861625ad.js?vsn=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.93.151.32 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/c40d39b5 (2024-10-31) /
Resource Hash
e1a4c467f86f403c172181b0a7b54a6dc727501308a122799c2c7ad59e5c6439
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
application/json
Referer
https://booking.prettysim.pl/

Response headers

strict-transport-security
max-age=31536000
x-request-id
GAW1zZPPJbfdMxAAEefh
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
content-encoding
zstd
access-control-allow-credentials
true
via
2 fly.io
access-control-allow-origin
*
date
Thu, 07 Nov 2024 14:25:25 GMT
content-type
text/html; charset=utf-8
server
Fly/c40d39b5 (2024-10-31)
fly-request-id
01JC3G838SGF4QBVY8QN3J3MY5-waw
InterVariable.woff2
rsms.me/inter/font-files/
337 KB
339 KB
Font
General
Full URL
https://rsms.me/inter/font-files/InterVariable.woff2?v=4.0
Requested by
Host: rsms.me
URL: https://rsms.me/inter/inter.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.234.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8af7bd5b545567adffb3dfceb5bedb353a522d7bf1b3a2b8af7b6064156babc0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://booking.prettysim.pl
Referer
https://rsms.me/inter/inter.css

Response headers

x-fastly-request-id
36c86a161c269f5e3400aad9d76f05c54728ab16
cf-cache-status
MISS
etag
"6601abff-545f4"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y9B9RgGrlTw83l%2B%2FLBdCl2P5yH6QZ26gsvIjJOhTD5ieGsZC5j52cijEKIsaSIeQ%2BHqRWs3FczEUKejxh7PomjcFnu6ntzRPeHPEh3MOQC%2FdLM%2B8NRr1hzdq"}],"group":"cf-nel","max_age":604800}
x-github-request-id
374F:8DEDB:5F62A0F:61990F3:672061D9
expires
Tue, 29 Oct 2024 04:27:29 GMT
x-proxy-cache
MISS
alt-svc
h3=":443"; ma=86400
x-cache
HIT
server-timing
cfL4;desc="?proto=QUIC&rtt=45971&sent=8&recv=6&lost=0&retrans=0&sent_bytes=2110&recv_bytes=4079&delivery_rate=30952&cwnd=12000&unsent_bytes=0&cid=0b7ef411b9feb1a5&ts=69&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 07 Nov 2024 14:25:26 GMT
content-type
font/woff2
x-served-by
cache-vie6378-VIE
x-cache-hits
22
last-modified
Mon, 25 Mar 2024 16:53:19 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer
S1730989526.369645,VS0,VE0
via
1.1 varnish
cf-ray
8dedfe1bbb543266-VIE
accept-ranges
bytes
access-control-allow-origin
*
content-length
345588
x-origin-cache
HIT
server
cloudflare
17675ce487844ba0b274f005928a3271
secure.gravatar.com/avatar/
13 KB
14 KB
Fetch
General
Full URL
https://secure.gravatar.com/avatar/17675ce487844ba0b274f005928a3271?s=256&d=404
Requested by
Host: d1dpdedfiyqa92.cloudfront.net
URL: https://d1dpdedfiyqa92.cloudfront.net/assets/app-b884171b4c8370d383c1fd68861625ad.js?vsn=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.73.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
b93a6764632dc2cdaf0e325732c764d9ded627e562014f0aa77de819150f6c9a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://booking.prettysim.pl/

Response headers

link
<https://gravatar.com/avatar/17675ce487844ba0b274f005928a3271?s=256&d=404>; rel="canonical"
cache-control
max-age=300
x-nc
HIT ams 3
expires
Thu, 07 Nov 2024 14:30:26 GMT
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
13514
date
Thu, 07 Nov 2024 14:25:26 GMT
content-type
image/jpeg
last-modified
Tue, 28 Sep 2021 12:05:51 GMT
server
nginx
content-disposition
inline; filename="17675ce487844ba0b274f005928a3271.jpeg"
17675ce487844ba0b274f005928a3271
secure.gravatar.com/avatar/
13 KB
0
Fetch
General
Full URL
https://secure.gravatar.com/avatar/17675ce487844ba0b274f005928a3271?s=256&d=404
Requested by
Host: d1dpdedfiyqa92.cloudfront.net
URL: https://d1dpdedfiyqa92.cloudfront.net/assets/app-b884171b4c8370d383c1fd68861625ad.js?vsn=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.73.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
b93a6764632dc2cdaf0e325732c764d9ded627e562014f0aa77de819150f6c9a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://booking.prettysim.pl/

Response headers

link
<https://gravatar.com/avatar/17675ce487844ba0b274f005928a3271?s=256&d=404>; rel="canonical"
cache-control
max-age=300
x-nc
HIT ams 3
expires
Thu, 07 Nov 2024 14:30:26 GMT
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
13514
date
Thu, 07 Nov 2024 14:25:26 GMT
content-type
image/jpeg
last-modified
Tue, 28 Sep 2021 12:05:51 GMT
server
nginx
content-disposition
inline; filename="17675ce487844ba0b274f005928a3271.jpeg"
17675ce487844ba0b274f005928a3271
secure.gravatar.com/avatar/
13 KB
0
Image
General
Full URL
https://secure.gravatar.com/avatar/17675ce487844ba0b274f005928a3271?s=256&d=404
Requested by
Host: booking.prettysim.pl
URL: https://booking.prettysim.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.73.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
b93a6764632dc2cdaf0e325732c764d9ded627e562014f0aa77de819150f6c9a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://booking.prettysim.pl/

Response headers

link
<https://gravatar.com/avatar/17675ce487844ba0b274f005928a3271?s=256&d=404>; rel="canonical"
cache-control
max-age=300
x-nc
HIT ams 3
expires
Thu, 07 Nov 2024 14:30:26 GMT
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
13514
date
Thu, 07 Nov 2024 14:25:26 GMT
content-type
image/jpeg
last-modified
Tue, 28 Sep 2021 12:05:51 GMT
server
nginx
content-disposition
inline; filename="17675ce487844ba0b274f005928a3271.jpeg"
/
beacon-v2.helpscout.net/
372 B
863 B
Script
General
Full URL
https://beacon-v2.helpscout.net/
Requested by
Host: booking.prettysim.pl
URL: https://booking.prettysim.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-36.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
56a9ca28b81aed505717cc0cb8a556baaecc0196944c9487c211a85015dfd9af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://booking.prettysim.pl/

Response headers

content-encoding
gzip
etag
"83ffb99b464c505ea8b348b07ea9d170"
age
107
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
UrKACkLUjoNyZPnUI3R8hw3hnTF04dCKyXYz5J6mnfyMl5j5Uq7eKw==
date
Thu, 07 Nov 2024 14:23:42 GMT
content-type
application/javascript
vary
accept-encoding, Origin
last-modified
Tue, 05 Nov 2024 14:46:27 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
cache-control
max-age=120, s-maxage=120, public
referrer-policy
strict-origin-when-cross-origin
via
1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
286
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA53-C1
server
AmazonS3
x-amz-server-side-encryption
AES256
processed.png
savvycal-uploads.s3.us-east-2.amazonaws.com/uploads/favicon/custom_domain/domain_01JAG5QG1X3JZJF8HV75VHGQQJ/
1 KB
2 KB
Other
General
Full URL
https://savvycal-uploads.s3.us-east-2.amazonaws.com/uploads/favicon/custom_domain/domain_01JAG5QG1X3JZJF8HV75VHGQQJ/processed.png?v=63896486793
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.5.132.113 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.us-east-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
58b6e79133e7b54263755c0bf0a5fe03fc7862c133ddeba92ec448159f1704a2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://booking.prettysim.pl/

Response headers

x-amz-id-2
c7C66sucKvEygAK58rH0JHZW27pCSjBwfVCKlm6BoMg1yG7wXKdAiYnGxspK68X6H6iqRE8u4gYaE7NbMyluZw==
ETag
"36429135ae1230ec07245501f00348c7-1"
x-amz-request-id
2PMTSWZXKEVNXY3E
Accept-Ranges
bytes
Content-Length
1351
Date
Thu, 07 Nov 2024 14:25:28 GMT
Last-Modified
Fri, 18 Oct 2024 16:06:33 GMT
Content-Type
image/png
Server
AmazonS3
x-amz-server-side-encryption
AES256
vendor.5fe8f3bc.js
beacon-v2.helpscout.net/static/js/
62 KB
23 KB
Script
General
Full URL
https://beacon-v2.helpscout.net/static/js/vendor.5fe8f3bc.js
Requested by
Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-36.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c615d03cee52e9673053fd8588d0e124a318245eb3e831e8f3a9204c6d3c99f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://booking.prettysim.pl/

Response headers

content-encoding
gzip
etag
"a3d10a46a82feffc1fa974df28b56f57"
age
1317
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
GENycTNo_F7Y5JqjTDBs8FIaQejT3qKkuDGX_37PL_VoaTvB02erdQ==
date
Thu, 07 Nov 2024 14:03:31 GMT
content-type
application/javascript
vary
accept-encoding, Origin
last-modified
Wed, 30 Oct 2024 13:51:03 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
cache-control
max-age=315360000, s-maxage=7200, public
referrer-policy
strict-origin-when-cross-origin
via
1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
22572
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA53-C1
server
AmazonS3
x-amz-server-side-encryption
AES256
main.2f3936fe.js
beacon-v2.helpscout.net/static/js/
31 KB
13 KB
Script
General
Full URL
https://beacon-v2.helpscout.net/static/js/main.2f3936fe.js
Requested by
Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-36.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
04c4b82a213599fe7b91c6bbf1fd4d09585a9532d3392450f9f1ada2d966bf4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://booking.prettysim.pl/

Response headers

content-encoding
gzip
etag
"9552a5fc183964edfe46b46b6f2534ee"
age
1317
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
r84UnSUj5TisFe1TXUh0XUDLFQnOg8fD23gG3UFcEcdulkDCaQxisQ==
date
Thu, 07 Nov 2024 14:03:31 GMT
content-type
application/javascript
vary
accept-encoding, Origin
last-modified
Tue, 05 Nov 2024 14:46:29 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
cache-control
max-age=315360000, s-maxage=7200, public
referrer-policy
strict-origin-when-cross-origin
via
1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
12422
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA53-C1
server
AmazonS3
x-amz-server-side-encryption
AES256

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| CACHE_MANIFEST function| userlist object| SavvyCal object| Alpine function| Beacon function| profitwell object| Raven object| hcaptcha object| grecaptcha object| __fathomClientQueue object| fathom object| beaconJsonp

3 Cookies

Domain/Path Name / Value
booking.prettysim.pl/ Name: XSRF-TOKEN
Value: B2t7CSEVKRQKPDQuFiZsFgo-JUR9CzoGL1IVdRdbdmgOfQ5rOsj6PBIT
booking.prettysim.pl/ Name: _mc_key
Value: SFMyNTY.g3QAAAABbQAAAAtfY3NyZl90b2tlbm0AAAAYS1oyX0VHTXZuUVNhcHdZZEVNT3ItSXNS.U0yV2k8XqWbraartd_yPCDHgknLDrnML7fg9o6OjHok
booking.prettysim.pl/ Name: csrf_token
Value: B2t7CSEVKRQKPDQuFiZsFgo-JUR9CzoGL1IVdRdbdmgOfQ5rOsj6PBIT

1 Console Messages

Source Level URL
Text
network error URL: https://booking.prettysim.pl/api/scopes/scope_01J5B59ETAFF2J47R5J52VKXRV/public_links
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

beacon-v2.helpscout.net
booking.prettysim.pl
cdn.usefathom.com
d1dpdedfiyqa92.cloudfront.net
fonts.bunny.net
js.hcaptcha.com
newassets.hcaptcha.com
public.profitwell.com
rsms.me
savvycal-uploads.s3.us-east-2.amazonaws.com
secure.gravatar.com
104.19.229.21
104.21.234.235
13.32.121.46
138.199.36.8
143.204.215.36
169.150.247.36
188.93.151.32
192.0.73.2
3.5.132.113
52.222.250.11
04c4b82a213599fe7b91c6bbf1fd4d09585a9532d3392450f9f1ada2d966bf4d
0a05a99591053a2b3e491a7e90317281b6b28da8a753c85861cd53a90ba90102
0fa587a314dc81c64459c4da3444689ea40edbd5086b838accbf4bc24b9431f3
219b467e10fa76afadeafcbfdd061aba7856418c3c6d64cf12086c3c51b857b7
307099e3cd95e41ddaf1f9da391a9d4e82e2162b0c2b88ac0c5063432625198e
4329ebb62f11259d1257c6bad3d50060205beb21d60a12809bb104bfde8368dc
4927b7da535c5807c37389f0bbb54116b35cdc2f86a7a74d47175dee008c01d8
56a9ca28b81aed505717cc0cb8a556baaecc0196944c9487c211a85015dfd9af
58b6e79133e7b54263755c0bf0a5fe03fc7862c133ddeba92ec448159f1704a2
8adf80f29b9eac84e663a3db3b8bbb18121058cb102266312c86083903a26266
8af7bd5b545567adffb3dfceb5bedb353a522d7bf1b3a2b8af7b6064156babc0
8fedfb7def1421aa9d58d1732be7164e33eec27b9c87193e010b9ddaa67b6a18
b93a6764632dc2cdaf0e325732c764d9ded627e562014f0aa77de819150f6c9a
c615d03cee52e9673053fd8588d0e124a318245eb3e831e8f3a9204c6d3c99f2
e1a4c467f86f403c172181b0a7b54a6dc727501308a122799c2c7ad59e5c6439
e2775808a9599cc4030472af019f66e47ece3aecad507db0fa6613be8a515dfe
ec0f907f0478736ba35a2355cbeb8108e91e3cdd56fe86e26d07f6071cefa0f8