URL: https://www.bookings.mytravelagency.com.au/
Submission: On February 11 via automatic, source certstream-suspicious

Summary

This website contacted 7 IPs in 5 countries across 7 domains to perform 12 HTTP transactions. The main IP is 103.27.34.27, which is located in Australia and belongs to SYNERGYWHOLESALE-AP SYNERGY WHOLESALE PTY LTD, AU. The main domain is www.bookings.mytravelagency.com.au.
TLS certificate: Issued by cPanel, Inc. Certification Authority on February 11th 2020. Valid for: 3 months.
This is the only time www.bookings.mytravelagency.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address         AS     Autonomous System
2         103.27.34.27       45638  (SYNERGYWH...)
2         2.18.232.67        16625  (AKAMAI-AS)
4         2606:4700:10:...   13335  (CLOUDFLAR...)
1         119.9.35.147       58683  (RACKSPACE...)
1         5.57.17.90         43996  (BOOKING-B...)
1         5.57.17.220        43996  (BOOKING-B...)
1         2a00:1450:400...   15169  (GOOGLE)
Total: 12 requests, 7 IPs

Requests  Domain                              Requested by
3         www.drivenow.com.au                 www.bookings.mytravelagency.com.au, www.drivenow.com.au
2         www.airbnb.com.au                   www.bookings.mytravelagency.com.au, www.airbnb.com.au
2         www.bookings.mytravelagency.com.au  www.bookings.mytravelagency.com.au
1         fonts.googleapis.com                www.bookings.mytravelagency.com.au
1         divolte.drivenow.com.au             www.drivenow.com.au
1         www.booking.com                     aff.bstatic.com
1         aff.bstatic.com                     www.bookings.mytravelagency.com.au
1         iwantthatflight.com.au              www.bookings.mytravelagency.com.au
Total: 12 requests, 8 subdomains

This site contains links to these domains.

Domain
www.viator.com
Subject                         Issuer                                         Validity                 Valid
bookings.mytravelagency.com.au  cPanel, Inc. Certification Authority           2020-02-11 - 2020-05-11  3 months
www.airbnb.com                  DigiCert SHA2 Extended Validation Server CA    2018-05-31 - 2020-06-04  2 years
*.drivenow.com.au               Thawte RSA CA 2018                             2019-06-18 - 2021-09-07  2 years
www.iwantthatflight.com.au      COMODO RSA Domain Validation Secure Server CA  2018-03-06 - 2020-03-05  2 years
*.bstatic.com                   DigiCert ECC Secure Server CA                  2019-12-13 - 2021-12-17  2 years
www.booking.com                 DigiCert ECC Extended Validation Server CA     2019-11-08 - 2021-11-12  2 years
*.storage.googleapis.com        GTS CA 1O1                                     2020-01-21 - 2020-04-14  3 months

This page contains 4 frames:

Primary Page: https://www.bookings.mytravelagency.com.au/
Frame ID: 0AD918BCC6662DB29B03142220358627
Requests: 9 HTTP requests in this frame

Frame: https://iwantthatflight.com.au/AffiliateWidgetIFrame.aspx?afid=3329
Frame ID: D692050D0DFFFD04B810DA92D2CB1867
Requests: 1 HTTP requests in this frame

Frame: https://www.booking.com/flexiproduct.html?product=nsb&w=500&h=330&lang=en&aid=1971484&target_aid=1971484&df_num_properties=3&fid=1581463617113&
Frame ID: 005FD38F707EED2286D0E9593B4CCB0F
Requests: 1 HTTP requests in this frame

Frame: https://www.airbnb.com.au/associates/embeddable/search_embeddable?externalPageUrl=https%3A%2F%2Fwww.bookings.mytravelagency.com.au%2F&id=4038
Frame ID: 1897DF6E02247073E36C1465CD48C92A
Requests: 1 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^LiteSpeed$/i

Page Statistics

12 Requests
100 % HTTPS
29 % IPv6
7 Domains
8 Subdomains
7 IPs
5 Countries
420 kB Transfer
1026 kB Size
4 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.bookings.mytravelagency.com.au/
2 KB
1 KB
Document
General
Full URL
https://www.bookings.mytravelagency.com.au/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
103.27.34.27 , Australia, ASN45638 (SYNERGYWHOLESALE-AP SYNERGY WHOLESALE PTY LTD, AU),
Reverse DNS
syn311.syd3.hostyourservices.net
Software
LiteSpeed /
Resource Hash
50a01a69504e1ef666545b5a2be3979f0102246fca1c6c9e12dd004d8869b6cc

Request headers

:method
GET
:authority
www.bookings.mytravelagency.com.au
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
content-type
text/html
last-modified
Tue, 11 Feb 2020 23:23:23 GMT
accept-ranges
bytes
content-encoding
br
vary
Accept-Encoding
content-length
1130
date
Tue, 11 Feb 2020 23:26:56 GMT
server
LiteSpeed
alt-svc
quic=":443"; ma=2592000; v="39,43,46", h3-Q039=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-23=":443"; ma=2592000, h3-24=":443"; ma=2592000
flatlogo.png
www.bookings.mytravelagency.com.au/
26 KB
26 KB
Image
General
Full URL
https://www.bookings.mytravelagency.com.au/flatlogo.png
Requested by
Host: www.bookings.mytravelagency.com.au
URL: https://www.bookings.mytravelagency.com.au/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
103.27.34.27 , Australia, ASN45638 (SYNERGYWHOLESALE-AP SYNERGY WHOLESALE PTY LTD, AU),
Reverse DNS
syn311.syd3.hostyourservices.net
Software
LiteSpeed /
Resource Hash
6cc8f148a5896a588b8ecfdf22a6824c25dd741f67691105297b587d14f5a6aa

Request headers

Referer
https://www.bookings.mytravelagency.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 11 Feb 2020 23:26:57 GMT
last-modified
Tue, 11 Feb 2020 23:22:32 GMT
server
LiteSpeed
content-type
image/png
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
26741
expires
Tue, 18 Feb 2020 23:26:57 GMT
airbnb_jssdk
www.airbnb.com.au/embeddable/
235 KB
238 KB
Script
General
Full URL
https://www.airbnb.com.au/embeddable/airbnb_jssdk
Requested by
Host: www.bookings.mytravelagency.com.au
URL: https://www.bookings.mytravelagency.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.67 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-67.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
ad08a4c2321405396aa6169d8b00bfdd9b23dde1e279b382d81c2b89b5e02308
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: blob:; child-src * blob:; connect-src 'self' https: wss: *.amap.com *.inspectlet.com; font-src 'self' data: *.muscache.com fonts.gstatic.com use.typekit.net; img-src 'self' https: data: *.inspectlet.com; media-src 'self' https:; script-src 'self' 'unsafe-eval' a0.muscache.com cdn.siftscience.com ss.musthird.com t1.musthird.com bat.bing.com connect.facebook.net www.google-analytics.com www.googleadservices.com tpc.googlesyndication.com www.googletagmanager.com a.cdn.intentmedia.net maps.googleapis.com ajax.googleapis.com *.g.doubleclick.net www.google.com www.gstatic.com smartlock.google.com accounts.google.com app.link cdn.branch.io api.branch.io bam.nr-data.net js-agent.newrelic.com sslwidget.criteo.com static.criteo.net dis.criteo.com widget.us.criteo.com *.gbc.criteo.net ethn.io s.yimg.jp api.geetest.com cdn.ampproject.org storage.googleapis.com/workbox-cdn/ tagmanager.google.com pay.google.com songbird.cardinalcommerce.com/ blob: webapi.amap.com restapi.amap.com vdata.amap.com *.inspectlet.com 'nonce-4aaf19c0516ad3f2fb6ed52ccf652c'; style-src 'self' https: 'unsafe-inline'; report-uri /tracking/csp?action=airbnb_jssdk&controller=embeddable&report_only=false&req_uuid=7b9a9f10-6713-4578-b4a9-fc1e1a8fd5ce&version=579f98b98603d1b1dfe0a6e8c49cbf61ded4d5c3
Strict-Transport-Security max-age=10886400; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bookings.mytravelagency.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

content-security-policy
default-src 'self' https: blob:; child-src * blob:; connect-src 'self' https: wss: *.amap.com *.inspectlet.com; font-src 'self' data: *.muscache.com fonts.gstatic.com use.typekit.net; img-src 'self' https: data: *.inspectlet.com; media-src 'self' https:; script-src 'self' 'unsafe-eval' a0.muscache.com cdn.siftscience.com ss.musthird.com t1.musthird.com bat.bing.com connect.facebook.net www.google-analytics.com www.googleadservices.com tpc.googlesyndication.com www.googletagmanager.com a.cdn.intentmedia.net maps.googleapis.com ajax.googleapis.com *.g.doubleclick.net www.google.com www.gstatic.com smartlock.google.com accounts.google.com app.link cdn.branch.io api.branch.io bam.nr-data.net js-agent.newrelic.com sslwidget.criteo.com static.criteo.net dis.criteo.com widget.us.criteo.com *.gbc.criteo.net ethn.io s.yimg.jp api.geetest.com cdn.ampproject.org storage.googleapis.com/workbox-cdn/ tagmanager.google.com pay.google.com songbird.cardinalcommerce.com/ blob: webapi.amap.com restapi.amap.com vdata.amap.com *.inspectlet.com 'nonce-4aaf19c0516ad3f2fb6ed52ccf652c'; style-src 'self' https: 'unsafe-inline'; report-uri /tracking/csp?action=airbnb_jssdk&controller=embeddable&report_only=false&req_uuid=7b9a9f10-6713-4578-b4a9-fc1e1a8fd5ce&version=579f98b98603d1b1dfe0a6e8c49cbf61ded4d5c3
x-erf-bev-bev-is-generated
1
x-content-type-options
nosniff
content-security-policy-report-only
default-src blob: *; child-src blob: *; connect-src blob: *; font-src 'self' data: *.muscache.com fonts.gstatic.com use.typekit.net; img-src 'self' https: data: *.inspectlet.com; script-src 'self' 'unsafe-eval' webpack.localhost.airbnb.com jira.airbnb.biz *.g.doubleclick.net cdn.siftscience.com ss.musthird.com t1.musthird.com bat.bing.com connect.facebook.net www.google-analytics.com www.googleadservices.com tpc.googlesyndication.com www.googletagmanager.com maps.googleapis.com ajax.googleapis.com app.link cdn.branch.io api.branch.io bam.nr-data.net js-agent.newrelic.com sslwidget.criteo.com static.criteo.net dis.criteo.com widget.us.criteo.com ethn.io blob: webapi.amap.com restapi.amap.com *.inspectlet.com cdn.ampproject.org/v0.js cdn.ampproject.org/v0/ a.alipayobjects.com gw.alipayobjects.com static.t.agrant.cn t.agrantsem.com ditu.google.com *.muscache.cn *.muscache.com ss.musthird.cn www.google.com www.gstatic.com b92.yahoo.co.jp mc.yandex.ru wcs.naver.net static.matterport.com a.cdn.intentmedia.net s.yimg.jp icm.aexp-static.com checkout.americanexpress.com www.paypalobjects.com smartlock.google.com accounts.google.com tagmanager.google.com vdata.amap.com; style-src * blob: 'unsafe-inline'; report-uri /tracking/csp?action=airbnb_jssdk&controller=embeddable&report_only=true&req_uuid=7b9a9f10-6713-4578-b4a9-fc1e1a8fd5ce&version=579f98b98603d1b1dfe0a6e8c49cbf61ded4d5c3
status
200
x-envoy-upstream-service-time
302
server-timing
total;dur=294
content-length
240770
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge,chrome=1
referrer-policy
same-origin
server
nginx
etag
"ad63354a36ccfe8eb5ded2db68e450cd"
strict-transport-security
max-age=10886400; includeSubdomains
content-type
application/javascript; charset=utf-8
x-erf-bev-bev
1581463617_NzU3Y2NhMTlkOTEx
cache-control
public, max-age=57
date
Tue, 11 Feb 2020 23:26:57 GMT
widget.js
www.drivenow.com.au/nitro/
1 KB
966 B
Script
General
Full URL
https://www.drivenow.com.au/nitro/widget.js?gen=1
Requested by
Host: www.bookings.mytravelagency.com.au
URL: https://www.bookings.mytravelagency.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:289a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2862c4b066006dd5f270c107e9f161e02244efd5464cf2809b9e80530f814ff6

Request headers

Referer
https://www.bookings.mytravelagency.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 11 Feb 2020 23:26:57 GMT
content-encoding
br
cf-cache-status
BYPASS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
status
200
cache-control
no-cache, max-age=0
cf-ray
563a1736e81b64fd-FRA
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
Cookie set AffiliateWidgetIFrame.aspx
iwantthatflight.com.au/ Frame D692
0
0
Document
General
Full URL
https://iwantthatflight.com.au/AffiliateWidgetIFrame.aspx?afid=3329
Requested by
Host: www.bookings.mytravelagency.com.au
URL: https://www.bookings.mytravelagency.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.9.35.147 Wetherill Park, Australia, ASN58683 (RACKSPACE-AS Rackspace.com Sydney, HK),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Host
iwantthatflight.com.au
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Referer
https://www.bookings.mytravelagency.com.au/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
Set-Cookie
ASP.NET_SessionId=o5g5ttgefx043mtasrh5xdi2; path=/; HttpOnly
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Date
Tue, 11 Feb 2020 23:26:57 GMT
Content-Length
460
flexiproduct.js
aff.bstatic.com/static/affiliate_base/js/
6 KB
3 KB
Script
General
Full URL
https://aff.bstatic.com/static/affiliate_base/js/flexiproduct.js?v=1581463617052
Requested by
Host: www.bookings.mytravelagency.com.au
URL: https://www.bookings.mytravelagency.com.au/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.57.17.90 Amsterdam, Netherlands, ASN43996 (BOOKING-BV Booking.com, NL),
Reverse DNS
bstatic.com
Software
nginx /
Resource Hash
c553ef7271334af93285181e0b891ecc964712f12d02af54ecee9c58354c71e6
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bookings.mytravelagency.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Tue, 11 Feb 2020 23:26:57 GMT
Content-Encoding
br
Last-Modified
Mon, 03 Feb 2020 14:09:33 GMT
Server
nginx
ETag
W/"5e38299d-186e"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Timing-Allow-Origin
*
X-XSS-Protection
1; mode=block
Expires
Thu, 12 Mar 2020 23:26:57 GMT
Cookie set flexiproduct.html
www.booking.com/ Frame 005F
0
0
Document
General
Full URL
https://www.booking.com/flexiproduct.html?product=nsb&w=500&h=330&lang=en&aid=1971484&target_aid=1971484&df_num_properties=3&fid=1581463617113&
Requested by
Host: aff.bstatic.com
URL: https://aff.bstatic.com/static/affiliate_base/js/flexiproduct.js?v=1581463617052
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.57.17.220 Amsterdam, Netherlands, ASN43996 (BOOKING-BV Booking.com, NL),
Reverse DNS
www.booking.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
www.booking.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Referer
https://www.bookings.mytravelagency.com.au/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx
Date
Tue, 11 Feb 2020 23:26:57 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
27756
Cache-Control
private
Vary
User-Agent, Accept-Encoding
Content-Encoding
br
Set-Cookie
bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLblgO%2Fz4BDP5vl%2Baf4Gp94oCoOy0eY6MB%2FvDlA%2FkN6MRaXaPgjDsLXmIvsoQyrm984zIGpJODoSjpbPfOLIM%2Bfsf%2Bcmyv%2B5iIc0F1l%2BrRxwH1sJa5DCFCDnAAy35cnDlzz8KEdX2Q1RtIVachKRBoNOo8Br1TPubp9; domain=.booking.com; path=/; expires=Sun, 09-Feb-2025 23:26:57 GMT; Secure; HTTPOnly; SameSite=None
Strict-Transport-Security
max-age=604800
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
search_embeddable
www.airbnb.com.au/associates/embeddable/ Frame 1897
0
0
Document
General
Full URL
https://www.airbnb.com.au/associates/embeddable/search_embeddable?externalPageUrl=https%3A%2F%2Fwww.bookings.mytravelagency.com.au%2F&id=4038
Requested by
Host: www.airbnb.com.au
URL: https://www.airbnb.com.au/embeddable/airbnb_jssdk
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.67 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-67.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https: wss://ws.airbnb.com; default-src 'self' https:; font-src 'self' data: https://*.muscache.com fonts.gstatic.com https://use.typekit.net; frame-src *; img-src 'self' https: data:; media-src 'self' https:; script-src 'self' 'unsafe-eval' https://a0.muscache.com https://cdn.siftscience.com https://ss.musthird.com https://t1.musthird.com https://bat.bing.com https://connect.facebook.net https://www.google-analytics.com https://www.googleadservices.com https://tpc.googlesyndication.com https://www.googletagmanager.com https://a.cdn.intentmedia.net https://maps.googleapis.com https://ajax.googleapis.com https://*.g.doubleclick.net https://www.google.com https://www.gstatic.com https://smartlock.google.com https://accounts.google.com https://app.link https://cdn.branch.io https://api.branch.io https://bam.nr-data.net https://js-agent.newrelic.com https://sslwidget.criteo.com https://static.criteo.net https://dis.criteo.com https://widget.us.criteo.com https://*.gbc.criteo.net https://ethn.io https://s.yimg.jp https://api.geetest.com https://cdn.ampproject.org https://storage.googleapis.com/workbox-cdn/ https://tagmanager.google.com https://pay.google.com https://songbird.cardinalcommerce.com/ 'sha256-rAm9O8JPZLtQmd84zMDzhsG5q35JscESxxcaFL7+DDc=' 'sha256-ck0NYnSq6evDrSU3QAgDAso6GSMHXE8SDlqTKWnxpKI=' 'sha256-9ZdLPFhnEQLHZCKEYdkKXUj5at+zztFTTILAt3y65+0=' 'sha256-anj/wlPABxVCuYmPnySD3CBbxtX3l2p5OQbQvHP9FsA=' 'sha256-IBmijTI70MI5yqm9CrYD1Ts0ndWzpYl3q53xisLCtLo='; style-src 'self' https: 'unsafe-inline'; report-uri /tracking/csp?controller=affiliates-loop&action=%2Fassociates%2Fembeddable%2Fsearch_embeddable&req_uuid=bf44c602-3505-4480-bbb2-68b34d965556&version=sha%3D520bc771ba3f&report_only=false; report-to /tracking/csp?controller=affiliates-loop&action=%2Fassociates%2Fembeddable%2Fsearch_embeddable&req_uuid=bf44c602-3505-4480-bbb2-68b34d965556&version=sha%3D520bc771ba3f&report_only=false
Strict-Transport-Security max-age=10886400; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.airbnb.com.au
:scheme
https
:path
/associates/embeddable/search_embeddable?externalPageUrl=https%3A%2F%2Fwww.bookings.mytravelagency.com.au%2F&id=4038
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://www.bookings.mytravelagency.com.au/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
jitney_client_session_id=aa928ed9-288b-44b3-a56e-1cfa06bf5d28; jitney_client_session_created_at=1581463617; jitney_client_session_updated_at=1581463617; bev=1581463617_NzU3Y2NhMTlkOTEx; cdn_exp_f6632ab691b5e6351=treatment; cdn_exp_2dac1e61a4e3eca82=treatment

Response headers

status
200
server
nginx
content-type
text/html; charset=utf-8
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge,chrome=1
cache-control
no-store, max-age=0, private, must-revalidate
content-security-policy
connect-src 'self' https: wss://ws.airbnb.com; default-src 'self' https:; font-src 'self' data: https://*.muscache.com fonts.gstatic.com https://use.typekit.net; frame-src *; img-src 'self' https: data:; media-src 'self' https:; script-src 'self' 'unsafe-eval' https://a0.muscache.com https://cdn.siftscience.com https://ss.musthird.com https://t1.musthird.com https://bat.bing.com https://connect.facebook.net https://www.google-analytics.com https://www.googleadservices.com https://tpc.googlesyndication.com https://www.googletagmanager.com https://a.cdn.intentmedia.net https://maps.googleapis.com https://ajax.googleapis.com https://*.g.doubleclick.net https://www.google.com https://www.gstatic.com https://smartlock.google.com https://accounts.google.com https://app.link https://cdn.branch.io https://api.branch.io https://bam.nr-data.net https://js-agent.newrelic.com https://sslwidget.criteo.com https://static.criteo.net https://dis.criteo.com https://widget.us.criteo.com https://*.gbc.criteo.net https://ethn.io https://s.yimg.jp https://api.geetest.com https://cdn.ampproject.org https://storage.googleapis.com/workbox-cdn/ https://tagmanager.google.com https://pay.google.com https://songbird.cardinalcommerce.com/ 'sha256-rAm9O8JPZLtQmd84zMDzhsG5q35JscESxxcaFL7+DDc=' 'sha256-ck0NYnSq6evDrSU3QAgDAso6GSMHXE8SDlqTKWnxpKI=' 'sha256-9ZdLPFhnEQLHZCKEYdkKXUj5at+zztFTTILAt3y65+0=' 'sha256-anj/wlPABxVCuYmPnySD3CBbxtX3l2p5OQbQvHP9FsA=' 'sha256-IBmijTI70MI5yqm9CrYD1Ts0ndWzpYl3q53xisLCtLo='; style-src 'self' https: 'unsafe-inline'; report-uri /tracking/csp?controller=affiliates-loop&action=%2Fassociates%2Fembeddable%2Fsearch_embeddable&req_uuid=bf44c602-3505-4480-bbb2-68b34d965556&version=sha%3D520bc771ba3f&report_only=false; report-to /tracking/csp?controller=affiliates-loop&action=%2Fassociates%2Fembeddable%2Fsearch_embeddable&req_uuid=bf44c602-3505-4480-bbb2-68b34d965556&version=sha%3D520bc771ba3f&report_only=false
link
<https://a0.muscache.com/airbnb/static/packages/common-a9dbf5a01e2f51f25c32a0127755abf7.css>;rel=preload;as=style;crossorigin=anonymous,<https://a0.muscache.com/airbnb/static/packages/dls/dls-lite_cereal-d9f6fdb2a0dd4a18c37f8ee01de8ec3d.css>;rel=preload;as=style,<https://a0.muscache.com/airbnb/static/airbnb-dls-web/build/fonts/Airbnb_Cereal-Book-9a1c9cca9bb3d65fefa2aa487617805e.woff2>;rel=preload;as=font;type=font/woff2;crossorigin=crossorigin,<https://a0.muscache.com/airbnb/static/airbnb-dls-web/build/fonts/Airbnb_Cereal-Medium-50fc004b3082375f12ff0cfb67bf8e56.woff2>;rel=preload;as=font;type=font/woff2;crossorigin=crossorigin,<https://a0.muscache.com/airbnb/static/airbnb-dls-web/build/fonts/Airbnb_Cereal-Bold-bdfb98485e7836ba31b456f65cded088.woff2>;rel=preload;as=font;type=font/woff2;crossorigin=crossorigin
etag
W/"140df-pjxYjgZHBaA2IQtmRWt6yx0Jtv0"
content-encoding
gzip
x-envoy-upstream-service-time
162
strict-transport-security
max-age=10886400; includeSubdomains
date
Tue, 11 Feb 2020 23:26:57 GMT
content-length
17613
set-cookie
bev=1581463617_NzU3Y2NhMTlkOTEx; Domain=.airbnb.com.au; Path=/; Expires=Thu, 10 Feb 2022 23:26:57 GMT; Secure
flags=268697600; Domain=.airbnb.com.au; Path=/; Secure
_user_attributes=%7B%22curr%22%3A%22AUD%22%2C%22device_profiling_session_id%22%3A%221581463617--0102f52bf37657df39424e37%22%2C%22giftcard_profiling_session_id%22%3A%221581463617--a8949660af63b30b83a58a5a%22%2C%22reservation_profiling_session_id%22%3A%221581463617--7737691c292d1fa89c78ebb5%22%7D; Domain=.airbnb.com.au; Path=/; Expires=Fri, 11 Feb 2022 23:26:57 GMT; Secure
cache_state=0; path=/associates/embeddable/; Domain=.airbnb.com.au; Secure;
x-erf-bev-bev-is-generated
0
x-erf-bev-bev
widget-entry-gen1-1afff06fee7a1b6d1d23.css
www.drivenow.com.au/webdata/nitro/
282 KB
21 KB
Stylesheet
General
Full URL
https://www.drivenow.com.au/webdata/nitro/widget-entry-gen1-1afff06fee7a1b6d1d23.css
Requested by
Host: www.drivenow.com.au
URL: https://www.drivenow.com.au/nitro/widget.js?gen=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:289a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11a9396e902f92b8907aac44c95ff2ddafb5ea36f80cfcc0d6a83fa07be44bc6

Request headers

Referer
https://www.bookings.mytravelagency.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Tue, 11 Feb 2020 23:26:57 GMT
content-encoding
br
cf-cache-status
HIT
age
58521
status
200
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified
Tue, 11 Feb 2020 05:07:42 GMT
server
cloudflare
etag
W/"5e42369e-46724"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/css
cache-control
private, max-age=31536000
access-control-allow-credentials
true
cf-ray
563a173b599c64fd-FRA
access-control-allow-headers
Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Wed, 19 Feb 2020 07:11:35 GMT
widget-entry-gen1-1afff06fee7a1b6d1d23.js
www.drivenow.com.au/webdata/nitro/
462 KB
125 KB
Script
General
Full URL
https://www.drivenow.com.au/webdata/nitro/widget-entry-gen1-1afff06fee7a1b6d1d23.js
Requested by
Host: www.drivenow.com.au
URL: https://www.drivenow.com.au/nitro/widget.js?gen=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:289a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
497ebf9a50f2109d78830d1fa591df4783b2cf92adf0ec1e6ac60d58d7bafb91

Request headers

Referer
https://www.bookings.mytravelagency.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 11 Feb 2020 23:26:57 GMT
content-encoding
br
cf-cache-status
HIT
age
58521
status
200
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified
Tue, 11 Feb 2020 05:07:42 GMT
server
cloudflare
etag
W/"5e42369e-7376c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/x-javascript
cache-control
private, max-age=31536000
access-control-allow-credentials
true
cf-ray
563a173b599e64fd-FRA
access-control-allow-headers
Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Wed, 19 Feb 2020 07:11:35 GMT
divolte.js
divolte.drivenow.com.au/
9 KB
4 KB
Script
General
Full URL
https://divolte.drivenow.com.au/divolte.js
Requested by
Host: www.drivenow.com.au
URL: https://www.drivenow.com.au/nitro/widget.js?gen=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:289a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed4803ad16acf93f1a26423adec71636edc87eeba2659af7a86bf4291df8ffa4

Request headers

Referer
https://www.bookings.mytravelagency.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 11 Feb 2020 23:26:58 GMT
content-encoding
br
cf-cache-status
BYPASS
server
cloudflare
etag
W/"gz+7UgDrRas+T8aJkI63scWNu3IfuuiZZr3qGv0KR34/6Q="
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=3600
cf-ray
563a173b79a764fd-FRA
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
css
fonts.googleapis.com/
2 KB
684 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto&display=swap
Requested by
Host: www.bookings.mytravelagency.com.au
URL: https://www.bookings.mytravelagency.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
00d4fbacbadc6ecbd73be323ec77febf3d856ce00dc5334d06462a315c7da8e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.bookings.mytravelagency.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 11 Feb 2020 23:26:57 GMT
server
ESF
date
Tue, 11 Feb 2020 23:26:57 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 11 Feb 2020 23:26:57 GMT

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata
object| onpointerrawupdate
function| _i_
function| _r_
object| BookingAff
object| babelHelpers
function| applyFocusVisiblePolyfill
object| AirbnbAPI
object| ___DrivenowHostSettings
object| webpack-drivenow-nitro
function| setImmediate
function| clearImmediate
number| __mobxInstanceCount
undefined| __mobxGlobals
object| regeneratorRuntime
boolean| __drivenowWidgetEmbedderLoaded
object| $MUID
function| $W10NOOP
function| $initComponents
function| $initGlobals
function| depot
object| divolte

4 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: IDE
Value: AHWqTUnEDh0HKMMdt1CuY5vQKKD75eCdCZg4n7PoMjGwgGxC3l3YCZcYIcg0Ycj5
.airbnb.com.au/ Name: _gcl_au
Value: 1.1.388268218.1581463618
.airbnb.com.au/ Name: jitney_client_session_updated_at
Value: 1581463618
iwantthatflight.com.au/ Name: ASP.NET_SessionId
Value: o5g5ttgefx043mtasrh5xdi2