portal.lookingforbooking.com Open in urlscan Pro
20.82.22.191 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://business.lookingforbooking.com/
Effective URL:
https://portal.lookingforbooking.com/
Submission: On July 27 via automatic, source certstream-suspicious (July 27th 2024, 5:46:25 am UTC) — Scanned from NL

Summary HTTP 22 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 7 domains to perform 22 HTTP transactions. The main IP is 20.82.22.191, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is portal.lookingforbooking.com.
TLS certificate: Issued by GeoTrust Global TLS RSA4096 SHA256 20... on March 9th 2024. Valid for: 6 months.

This is the only time portal.lookingforbooking.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 9	20.82.22.191 20.82.22.191	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::6812:2844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	172.67.139.119 172.67.139.119	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:bb1f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	20.105.232.25 20.105.232.25	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
22	10

9 20.82.22.191 (Amsterdam, Netherlands) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

business.lookingforbooking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
portal.lookingforbooking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2844 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.67.139.119 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bb1f (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.105.232.25 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

api-portal.lookingforbooking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	lookingforbooking.com 1 redirects business.lookingforbooking.com portal.lookingforbooking.com api-portal.lookingforbooking.com	1 MB
6	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 3618 ka-f.fontawesome.com — Cisco Umbrella Rank: 7493	189 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	162 KB
1	gstatic.com fonts.gstatic.com	48 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3123
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 410	28 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	2 KB
22	7

	Domain	Requested by
8	portal.lookingforbooking.com	portal.lookingforbooking.com
5	ka-f.fontawesome.com	kit.fontawesome.com portal.lookingforbooking.com
2	api-portal.lookingforbooking.com	portal.lookingforbooking.com
2	www.googletagmanager.com	portal.lookingforbooking.com www.googletagmanager.com
1	fonts.gstatic.com	fonts.googleapis.com
1	region1.google-analytics.com	www.googletagmanager.com
1	cdn.jsdelivr.net	portal.lookingforbooking.com
1	kit.fontawesome.com	portal.lookingforbooking.com
1	fonts.googleapis.com	portal.lookingforbooking.com
1	business.lookingforbooking.com	1 redirects
22	10

This site contains links to these domains. Also see Links.

Domain
secure.lookingforbooking.com

Subject Issuer	Validity	Valid
portal.lookingforbooking.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2024-03-09` - `2024-09-09`	6 months	crt.sh
upload.video.google.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
*.google-analytics.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-04` - `2025-01-03`	a year	crt.sh
ka-f.fontawesome.com WE1	`2024-07-01` - `2024-09-29`	3 months	crt.sh
*.jsdelivr.net Sectigo RSA Domain Validation Secure Server CA	`2024-05-04` - `2025-05-04`	a year	crt.sh
api-portal.lookingforbooking.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2024-05-29` - `2024-11-29`	6 months	crt.sh
*.gstatic.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://portal.lookingforbooking.com/
Frame ID: F3D54C77A9065D1E105808628AA8CFE8
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

LookingforBooking Corporate Travel

Page URL History Show full URLs

https://business.lookingforbooking.com/ HTTP 301
https://portal.lookingforbooking.com/ Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

22
Requests

100 %
HTTPS

67 %
IPv6

7
Domains

10
Subdomains

10
IPs

3
Countries

1557 kB
Transfer

4795 kB
Size

4
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://secure.lookingforbooking.com/secur/forgotpassword.jsp
Title: Wachtwoord vergeten?

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://business.lookingforbooking.com/ HTTP 301
https://portal.lookingforbooking.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
portal.lookingforbooking.com/
Redirect Chain

https://business.lookingforbooking.com/
https://portal.lookingforbooking.com/

2 KB
1 KB

185ms
69ms

Document
text/html

20.82.22.191
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.lookingforbooking.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.82.22.191 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

72d4bc85e9b342bf8c9f3a544d51b2c1242a5455c576fefd53cc3d5e5c9ef9e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control: public, must-revalidate, max-age=30
content-encoding: br
content-type: text/html
date: Sat, 27 Jul 2024 05:46:15 GMT
etag: "54759670"
last-modified: Tue, 23 Jul 2024 09:13:07 GMT
permissions-policy: camera=(), microphone=(), geolocation=(self), interest-cohort=()
referrer-policy: same-origin
strict-transport-security: max-age=10886400; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-frame-options: DENY
x-xss-protection: 1; mode=block

Redirect headers

content-length: 0
date: Sat, 27 Jul 2024 05:46:15 GMT
location: https://portal.lookingforbooking.com/
permissions-policy: camera=(), microphone=(), geolocation=(self), interest-cohort=()
x-frame-options: DENY

GET
H2 200 css2
fonts.googleapis.com/ 11 KB
2 KB 117ms
39ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600&display=swap

Requested by

Host: portal.lookingforbooking.com
URL: https://portal.lookingforbooking.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c0c4dc54f76b3ed86c0ffe83ff98f7d2b0cd8c3de92bca47159b3dd8d948b78a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 27 Jul 2024 05:46:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 27 Jul 2024 04:29:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 27 Jul 2024 05:46:16 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 218 KB
73 KB 101ms
30ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M4X5XV5

Requested by

Host: portal.lookingforbooking.com
URL: https://portal.lookingforbooking.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6c031b915d76067345242dcc1942ed89fe83875b5fa37b9051295b96a5171055

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 05:46:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74392
x-xss-protection: 0
last-modified: Sat, 27 Jul 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 27 Jul 2024 05:46:16 GMT

GET
H2 200 efcce51d06.js Show response
kit.fontawesome.com/ 13 KB
5 KB 555ms
484ms Script
text/javascript 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/efcce51d06.js
Requested by: Host: portal.lookingforbooking.com
URL: https://portal.lookingforbooking.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5b866bc7254696e826b6a4ff14dbbbb389a7ceddb9040c2d98a4182acd8aa7e

Request headers

Referer
Origin: https://portal.lookingforbooking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 05:46:16 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-type: text/javascript
cache-control: max-age=60, public, stale-while-revalidate=30
cf-ray: 8a9a53faaf9a0482-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F-SIwCHz9rLmAaFBNvcj

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 254 KB
89 KB 37ms
37ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GB0NCXY01Z&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M4X5XV5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1a8a820cebd5a4a4041738bad071ded251ae387739a0a0f006fd02b22fbf5253

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 05:46:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90842
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 27 Jul 2024 05:46:16 GMT

GET
H3 200 free.min.css Show response
ka-f.fontawesome.com/releases/v6.6.0/css/ 94 KB
22 KB 73ms
40ms Fetch
text/css 172.67.139.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.6.0/css/free.min.css?token=efcce51d06
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/efcce51d06.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f99c17690330c805c47da3d7592864d6acf0f73817d432447e1b0c66ad28f221

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 05:46:16 GMT
content-encoding: gzip
via: 1.1 f891d17fa862cc74a05434e03fa58dca.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 15 Jul 2024 22:20:40 GMT
server: cloudflare
etag: W/"4ca760f49cd8a14911c81e6c14328874"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NoXvLI5Va%2F8bL9jUfG68gSfJHZyCjMkCjCxPXmUwRk8KwA%2F%2Bg51QjrTuBTF4CjeXt4YFhsYq0uO%2BK7cKsPHBOTrh0xGq1A5RpSAfY2ltAGzb5J%2FfAi%2Ft%2F4gunD26dL87jSlMZGDlEA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 8a9a53fdfcab19a0-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: O9LnNNEg0IX40V_U6EPRTxmFChd6xV9m1GBK2Tyr5nzT56NBjGa3GQ==

GET
H3 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v6.6.0/css/ 27 KB
5 KB 72ms
39ms Fetch
text/css 172.67.139.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.6.0/css/free-v4-shims.min.css?token=efcce51d06
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/efcce51d06.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ae3c19265723696f50e3226dcd43fbc7ea617697e0d7169a8e52c854ae3826c

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 05:46:16 GMT
content-encoding: gzip
via: 1.1 fdc45b521af7652438141328494a79d2.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 15 Jul 2024 22:20:39 GMT
server: cloudflare
etag: W/"5e5b0d8c7be5919570a305b6bc229a36"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F4zop2kASzrQInLB4ncWFLtbGWSsg21LZHR1ZfpLkOI%2BcqAe0C42zvr8yHWkD7qbZsBgVOLsYZzPaefeTyFFPruA833YNZWT0D%2BmY16N1i5zy4vXrw6T6BAzX%2FZQ47HW78ww52E0eg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 8a9a53fdfcac19a0-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: P1nzDTlwRJENpiURl8HLImBq75Ndn-KQJl2cRfPfVTRKl3l3zBSyFw==

GET
H3 200 free-v5-font-face.min.css Show response
ka-f.fontawesome.com/releases/v6.6.0/css/ 823 B
980 B 224ms
190ms Fetch
text/css 172.67.139.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.6.0/css/free-v5-font-face.min.css?token=efcce51d06
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/efcce51d06.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f264c31cdb355f351235359240c30acae2bbe0a43c73fa6a035123e6d953a01

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 05:46:16 GMT
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 15 Jul 2024 22:20:39 GMT
server: cloudflare
etag: W/"8972ae5004bc634ffa6641be3960e78a"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yNCqt%2BY0ZaFXbdhylPtmm77EnJcuqpohQV1mmnmSgS1Mb%2F3AIPzrrVIMyeq3sbUCBoub2f3IOYGTNamqhrJxmhpTV74AC37Sccu80awJ%2BtgghxCBh5iBDIlxgkg%2FSY1MTkJGXllW6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 8a9a53fdfcaf19a0-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: -FnKxK7fLQSw4zc9ht-utaAEgbzdaanQZS_GJ7zJH6ueL-nSvt_SxA==

GET
H3 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v6.6.0/css/ 2 KB
1 KB 73ms
40ms Fetch
text/css 172.67.139.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.6.0/css/free-v4-font-face.min.css?token=efcce51d06
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/efcce51d06.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ddfbe9ee1f7088339a85fa25a259765ade4258c082a7921b9f569ff9616f904a

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 05:46:16 GMT
content-encoding: gzip
via: 1.1 6c7a5d26be7fb35284e54d321f16b6f6.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 15 Jul 2024 22:20:39 GMT
server: cloudflare
etag: W/"a5a0c9048efb7cb5df90023064d09ba4"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8717yWU7nXf9ZJw08hqhBnFOU1yjlbkFYXm2Yv%2Bitwl7S9GaSvSRsw6McQnMEu%2F6agJai75WmFFIVXZtH9cjX%2FX6O9TTQVtxhiOcNtMMu8rszol2mfNHckSrdyt5s0Ac5HxwFS6bkg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 8a9a53fdfcad19a0-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: 785OkiLpXulplezSY8ZUJAlv3erGt-0NcQZZzhJrkhLwkj_lxSCOtg==

GET
H2 200 chunk-vendors.58cfc15b.js Show response
portal.lookingforbooking.com/js/ 2 MB
567 KB 484ms
482ms Script
text/javascript 20.82.22.191
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.lookingforbooking.com/js/chunk-vendors.58cfc15b.js

Requested by

Host: portal.lookingforbooking.com
URL: https://portal.lookingforbooking.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.82.22.191 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

53fd2cf151afb8a92dbbe680cddde53bcd3410c1985046f480154d6dadba3ae5

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://portal.lookingforbooking.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 05:46:15 GMT
content-encoding: br
referrer-policy: same-origin
strict-transport-security: max-age=10886400; includeSubDomains; preload
last-modified: Tue, 23 Jul 2024 09:13:07 GMT
x-content-type-options: nosniff
etag: "54759670"
vary: Accept-Encoding
x-dns-prefetch-control: off
content-type: text/javascript
x-frame-options: DENY
cache-control: public, must-revalidate, max-age=30
permissions-policy: camera=(), microphone=(), geolocation=(self), interest-cohort=()
x-xss-protection: 1; mode=block

GET
H2 200 app.290be3dd.js Show response
portal.lookingforbooking.com/js/ 1 MB
291 KB 46ms
44ms Script
text/javascript 20.82.22.191
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.lookingforbooking.com/js/app.290be3dd.js

Requested by

Host: portal.lookingforbooking.com
URL: https://portal.lookingforbooking.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.82.22.191 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

57b48ab103c9206eae258595a3d1d65a6ab23cef771b2fc6a4ed20830bec3e8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://portal.lookingforbooking.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 05:46:15 GMT
content-encoding: br
referrer-policy: same-origin
strict-transport-security: max-age=10886400; includeSubDomains; preload
last-modified: Tue, 23 Jul 2024 09:13:07 GMT
x-content-type-options: nosniff
etag: "54759670"
vary: Accept-Encoding
x-dns-prefetch-control: off
content-type: text/javascript
x-frame-options: DENY
cache-control: public, must-revalidate, max-age=30
permissions-policy: camera=(), microphone=(), geolocation=(self), interest-cohort=()
x-xss-protection: 1; mode=block

GET
H2 200 chunk-vendors.7b6afba1.css
portal.lookingforbooking.com/css/ 56 KB
9 KB 30ms
29ms Stylesheet
text/css 20.82.22.191
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.lookingforbooking.com/css/chunk-vendors.7b6afba1.css

Requested by

Host: portal.lookingforbooking.com
URL: https://portal.lookingforbooking.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.82.22.191 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

109a0469cc3ae5a213baa13ceabc03923b2ade2d9d445e1652109609b69639e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://portal.lookingforbooking.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 05:46:15 GMT
content-encoding: br
referrer-policy: same-origin
strict-transport-security: max-age=10886400; includeSubDomains; preload
last-modified: Tue, 23 Jul 2024 09:13:07 GMT
x-content-type-options: nosniff
etag: "54759670"
vary: Accept-Encoding
x-dns-prefetch-control: off
content-type: text/css
x-frame-options: DENY
cache-control: public, must-revalidate, max-age=30
permissions-policy: camera=(), microphone=(), geolocation=(self), interest-cohort=()
x-xss-protection: 1; mode=block

GET
H2 200 app.9077f47a.css
portal.lookingforbooking.com/css/ 44 KB
8 KB 19ms
19ms Stylesheet
text/css 20.82.22.191
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.lookingforbooking.com/css/app.9077f47a.css

Requested by

Host: portal.lookingforbooking.com
URL: https://portal.lookingforbooking.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.82.22.191 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

69798cd1729e2ab624cca71f256fb88d26ec50f813dc6ae3700dd4df576214e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://portal.lookingforbooking.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 05:46:15 GMT
content-encoding: br
referrer-policy: same-origin
strict-transport-security: max-age=10886400; includeSubDomains; preload
last-modified: Tue, 23 Jul 2024 09:13:07 GMT
x-content-type-options: nosniff
etag: "54759670"
vary: Accept-Encoding
x-dns-prefetch-control: off
content-type: text/css
x-frame-options: DENY
cache-control: public, must-revalidate, max-age=30
permissions-policy: camera=(), microphone=(), geolocation=(self), interest-cohort=()
x-xss-protection: 1; mode=block

GET
H2 200 bulma.min.css
cdn.jsdelivr.net/npm/bulma@0.9.4/css/ 202 KB
28 KB 131ms
36ms Stylesheet
text/css 2606:4700::6812:bb1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bulma@0.9.4/css/bulma.min.css

Requested by

Host: portal.lookingforbooking.com
URL: https://portal.lookingforbooking.com/css/app.9077f47a.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad3a5d3b41d7042369ade00772eead0763e9839d79568fb91ad612b2734bcfef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 05:46:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 7231517
x-jsd-version: 0.9.4
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27578
x-served-by: cache-fra-eddf8230095-FRA, cache-lga21942-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"329c6-nL+P0n9QpqJ97JxmCBpSBWnGeaQ"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HcRjjHjetDC%2BtDUB7JFpsCXdbfXTbX792pNfP66NUJIDqF2WlosknxZhmg6gquKrPLvOvd7cpe3KUw8sRTZ7s86H5TfYx%2FGlLtXh%2FvbQkaMwmr1wOOJjW5lLFiT8vd7nxjvtbOwSnADnwzNDzFU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8a9a53fe88383a82-FRA

POST
H2 401 validate Show response
api-portal.lookingforbooking.com/authentication/ 53 B
456 B 291ms
112ms XHR
application/json 20.105.232.25
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://api-portal.lookingforbooking.com/authentication/validate
Requested by: Host: portal.lookingforbooking.com
URL: https://portal.lookingforbooking.com/js/chunk-vendors.58cfc15b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.105.232.25 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 2442a455cff8368989af28601b62d0c46dd3e58b7cd6c5b07a8e0319c94ddcc5

Request headers

Accept: application/json, text/plain, */*
Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: https://portal.lookingforbooking.com
x-trace-id: 00-ef681900fe4aea02d403f2050d28e6eb-01ece920426d4be4-01
date: Sat, 27 Jul 2024 05:46:17 GMT
access-control-allow-credentials: true
server: Kestrel
content-type: application/json; charset=utf-8

GET
DATA 200
OK truncated
/ 38 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63d91c26d7c5af98533bf6db05fdf6d9f98b62d7442329e732ce4355b06d6563

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 153 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e55319d1fb32c47f7183cd94b8b9399dffda1b4e4dc25b000d88c59937aa076e

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 50ms
20ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-GB0NCXY01Z&gtm=45je47o0v9108061283z89102083146za200zb9102083146&_p=1722059176021&gcd=13l3l3l2l3&npa=1&dma_cps=syphamo&dma=1&tag_exp=95250753&cid=1443165456.1722059177&ul=nl-nl&are=1&frm=0&pscdl=noapi&_geo=1&_rdi=1&ngs=1&_s=1&dt=login&sid=1722059177&sct=1&seg=0&dl=https%3A%2F%2Fportal.lookingforbooking.com%2F&en=page_view&_fv=1&_nsi=1&_ss=1&ep.locale=nl&up.locale=nl&tfd=1861
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GB0NCXY01Z&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Jul 2024 05:46:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://portal.lookingforbooking.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 portal-init Show response
api-portal.lookingforbooking.com/reservation/ 84 B
638 B 224ms
59ms XHR
application/json 20.105.232.25
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://api-portal.lookingforbooking.com/reservation/portal-init
Requested by: Host: portal.lookingforbooking.com
URL: https://portal.lookingforbooking.com/js/chunk-vendors.58cfc15b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.105.232.25 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 5723098b727b695a8004535f16eab49c58a7dddddab0bb913253b59015876d4a

Request headers

Accept: application/json, text/plain, */*
Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: https://portal.lookingforbooking.com
x-trace-id: 00-7a286869d9e4d52e3966dada23c45451-b42a77a39d0df028-01
date: Sat, 27 Jul 2024 05:46:17 GMT
access-control-allow-credentials: true
server: Kestrel
content-type: application/json; charset=utf-8

GET
H2 200 logo-corporate-travel-color.11343d5c.svg
portal.lookingforbooking.com/img/ 18 KB
18 KB 19ms
18ms Image
image/svg+xml 20.82.22.191
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portal.lookingforbooking.com/img/logo-corporate-travel-color.11343d5c.svg

Requested by

Host: portal.lookingforbooking.com
URL: https://portal.lookingforbooking.com/css/app.9077f47a.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.82.22.191 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

36e9892ed2bcc42e104c98b9046a33bdcf043662589eb47e9c96e12551123a03

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://portal.lookingforbooking.com/css/app.9077f47a.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 05:46:16 GMT
strict-transport-security: max-age=10886400; includeSubDomains; preload
referrer-policy: same-origin
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2024 09:13:07 GMT
etag: "54759670"
x-dns-prefetch-control: off
x-frame-options: DENY
content-type: image/svg+xml
cache-control: public, must-revalidate, max-age=30
permissions-policy: camera=(), microphone=(), geolocation=(self), interest-cohort=()
content-length: 18498
x-xss-protection: 1; mode=block

GET
H2 200 bg.d1bb6872.jpg
portal.lookingforbooking.com/img/ 231 KB
231 KB 20ms
19ms Image
image/jpeg 20.82.22.191
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portal.lookingforbooking.com/img/bg.d1bb6872.jpg

Requested by

Host: portal.lookingforbooking.com
URL: https://portal.lookingforbooking.com/css/app.9077f47a.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.82.22.191 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

08e9541767a4fd899650a02606e9660c05a8a9a836d4e4501146b719e8445389

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://portal.lookingforbooking.com/css/app.9077f47a.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 05:46:16 GMT
strict-transport-security: max-age=10886400; includeSubDomains; preload
referrer-policy: same-origin
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2024 09:13:07 GMT
etag: "54759670"
x-dns-prefetch-control: off
x-frame-options: DENY
content-type: image/jpeg
cache-control: public, must-revalidate, max-age=30
permissions-policy: camera=(), microphone=(), geolocation=(self), interest-cohort=()
content-length: 236566
x-xss-protection: 1; mode=block

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
48 KB 148ms
20ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://portal.lookingforbooking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 14:56:39 GMT
x-content-type-options: nosniff
age: 312578
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Jul 2025 14:56:39 GMT

GET
H3 200 free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v6.6.0/webfonts/ 154 KB
154 KB 33ms
32ms Font
font/woff2 172.67.139.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.6.0/webfonts/free-fa-solid-900.woff2
Requested by: Host: portal.lookingforbooking.com
URL: https://portal.lookingforbooking.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 340e6d7f301471e307e50c2ed43fe45debc8ebbf24febef17b24f0b06f8883f2

Request headers

Referer: https://portal.lookingforbooking.com/
Origin: https://portal.lookingforbooking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 05:46:17 GMT
via: 1.1 1c12254585d1d316d9380549d59e3c80.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 157192
last-modified: Mon, 15 Jul 2024 22:44:08 GMT
server: cloudflare
etag: "76cf3ff0dbd23dd4504e2089f0df4acb"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NL3p6qL9O05xw6GrrNkDOz5MvrKgy%2Bh8zB4mKFFc13IT14%2BeJotDPmLMC5eWptTpagFqbKDGyIewIxqNLstY0Jy68NewdMnIuHpDEAANwGIwHQRyiz75ViE0e%2Bz2n5ztbCwOU0%2BiDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 8a9a5402089019a0-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: yzYpLUZX5nrFGmiIYN1dDtx4Me4FGSJqb1TmfAiUXJzN7rIgQbJ3gg==

GET
H2 200 favicon.ico
portal.lookingforbooking.com/ 2 KB
2 KB 20ms
20ms Other
image/vnd.microsoft.icon 20.82.22.191
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.lookingforbooking.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.82.22.191 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2ef617351218d8fff2be80976e6b77ebc3d0e8bfda1f392242e331088e21e80f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://portal.lookingforbooking.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 05:46:17 GMT
strict-transport-security: max-age=10886400; includeSubDomains; preload
referrer-policy: same-origin
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2024 09:13:07 GMT
etag: "54759670"
x-dns-prefetch-control: off
x-frame-options: DENY
content-type: image/vnd.microsoft.icon
cache-control: public, must-revalidate, max-age=30
permissions-policy: camera=(), microphone=(), geolocation=(self), interest-cohort=()
content-length: 2316
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.lookingforbooking.com/	1970-01-21 07:56:59	Name: _ga_GB0NCXY01Z Value: GS1.1.1722059177.1.0.1722059177.0.0.0
.lookingforbooking.com/	1970-01-21 07:56:59	Name: _ga Value: GA1.1.1443165456.1722059177
.api-portal.lookingforbooking.com/	1969-12-31 23:59:59	Name: ARRAffinity Value: 6d0fc66f2cc640f85889741ef0ae3cd85fbbb6ef5faa4cbd816ebc4678a6d7a5
.api-portal.lookingforbooking.com/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: 6d0fc66f2cc640f85889741ef0ae3cd85fbbb6ef5faa4cbd816ebc4678a6d7a5

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://api-portal.lookingforbooking.com/authentication/validate Message: Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-portal.lookingforbooking.com
business.lookingforbooking.com
cdn.jsdelivr.net
fonts.googleapis.com
fonts.gstatic.com
ka-f.fontawesome.com
kit.fontawesome.com
portal.lookingforbooking.com
region1.google-analytics.com
www.googletagmanager.com
172.67.139.119
20.105.232.25
20.82.22.191
2001:4860:4802:32::36
2606:4700:4400::6812:2844
2606:4700::6812:bb1f
2a00:1450:4001:800::2008
2a00:1450:4001:803::200a
2a00:1450:4001:828::2003
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9
08e9541767a4fd899650a02606e9660c05a8a9a836d4e4501146b719e8445389
109a0469cc3ae5a213baa13ceabc03923b2ade2d9d445e1652109609b69639e6
1a8a820cebd5a4a4041738bad071ded251ae387739a0a0f006fd02b22fbf5253
1ae3c19265723696f50e3226dcd43fbc7ea617697e0d7169a8e52c854ae3826c
2442a455cff8368989af28601b62d0c46dd3e58b7cd6c5b07a8e0319c94ddcc5
2ef617351218d8fff2be80976e6b77ebc3d0e8bfda1f392242e331088e21e80f
340e6d7f301471e307e50c2ed43fe45debc8ebbf24febef17b24f0b06f8883f2
36e9892ed2bcc42e104c98b9046a33bdcf043662589eb47e9c96e12551123a03
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
53fd2cf151afb8a92dbbe680cddde53bcd3410c1985046f480154d6dadba3ae5
5723098b727b695a8004535f16eab49c58a7dddddab0bb913253b59015876d4a
57b48ab103c9206eae258595a3d1d65a6ab23cef771b2fc6a4ed20830bec3e8b
63d91c26d7c5af98533bf6db05fdf6d9f98b62d7442329e732ce4355b06d6563
69798cd1729e2ab624cca71f256fb88d26ec50f813dc6ae3700dd4df576214e9
6c031b915d76067345242dcc1942ed89fe83875b5fa37b9051295b96a5171055
72d4bc85e9b342bf8c9f3a544d51b2c1242a5455c576fefd53cc3d5e5c9ef9e1
7f264c31cdb355f351235359240c30acae2bbe0a43c73fa6a035123e6d953a01
ad3a5d3b41d7042369ade00772eead0763e9839d79568fb91ad612b2734bcfef
b5b866bc7254696e826b6a4ff14dbbbb389a7ceddb9040c2d98a4182acd8aa7e
c0c4dc54f76b3ed86c0ffe83ff98f7d2b0cd8c3de92bca47159b3dd8d948b78a
ddfbe9ee1f7088339a85fa25a259765ade4258c082a7921b9f569ff9616f904a
e55319d1fb32c47f7183cd94b8b9399dffda1b4e4dc25b000d88c59937aa076e
f99c17690330c805c47da3d7592864d6acf0f73817d432447e1b0c66ad28f221

portal.lookingforbooking.com Open in urlscan Pro 20.82.22.191 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

22 Requests

100 %HTTPS

67 %IPv6

7 Domains

10 Subdomains

10 IPs

3 Countries

1557 kBTransfer

4795 kBSize

4 Cookies

1 Outgoing links

Page URL History

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

4 Cookies

1 Console Messages

Security Headers

Indicators

portal.lookingforbooking.com Open in urlscan Pro
20.82.22.191 Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

100 %
HTTPS

67 %
IPv6

7
Domains

10
Subdomains

10
IPs

3
Countries

1557 kB
Transfer

4795 kB
Size

4
Cookies

22 HTTP transactions
3 data transactions