urlscan.io logo urlscan.io
SecurityTrails logo

uat-admin-ui.avenuebooking.com Open in urlscan Pro
18.66.147.15  Public Scan

Go To Rescan Add Verdict Report
URL: https://uat-admin-ui.avenuebooking.com/
Submission: On February 13 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 16 HTTP transactions. The main IP is 18.66.147.15, located in United States and belongs to AMAZON-02, US. The main domain is uat-admin-ui.avenuebooking.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on August 30th 2023. Valid for: a year.
This is the only time uat-admin-ui.avenuebooking.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
16 18.66.147.15 16509 (AMAZON-02)
16 1
Apex Domain
Subdomains		 Transfer
16 avenuebooking.com
uat-admin-ui.avenuebooking.com
259 KB
16 1
Domain Requested by
16 uat-admin-ui.avenuebooking.com uat-admin-ui.avenuebooking.com
16 1

This site contains no links.

Subject Issuer Validity Valid
*.avenuebooking.com
Amazon RSA 2048 M02		 2023-08-30 -
2024-09-28		 a year crt.sh

This page contains 1 frames:

Primary Page: https://uat-admin-ui.avenuebooking.com/
Frame ID: 7E081B036BA365512A94D4BC32AF10EB
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Avenue

Page Statistics

16
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

259 kB
Transfer

810 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
uat-admin-ui.avenuebooking.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://uat-admin-ui.avenuebooking.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-15.fra60.r.cloudfront.net
Software
/ Next.js
Resource Hash
8d3dae7cb4a671bc99db53256fa018c2ec16a64faaad1fbdcdde47e421e2272b
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline';
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-security-policy
script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline';
content-type
text/html; charset=utf-8
date
Tue, 13 Feb 2024 06:07:21 GMT
etag
"4wrcjmazvc2a6"
referrer-policy
origin-when-cross-origin
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding Origin
via
1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront)
x-amz-cf-id
Eq0dAf4UI8Q8SJoitnwT0eIX7_mT9Mqh35_aZ5knB9TsDDs5HEyZmA==
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
DENY
x-powered-by
Next.js
x-xss-protection
1; mode=block
f98f2e7aa71cd26f.css
uat-admin-ui.avenuebooking.com/_next/static/css/ 		24 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://uat-admin-ui.avenuebooking.com/_next/static/css/f98f2e7aa71cd26f.css
Requested by
Host: uat-admin-ui.avenuebooking.com
URL: https://uat-admin-ui.avenuebooking.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-15.fra60.r.cloudfront.net
Software
/
Resource Hash
665216ad172fb423711a694fd06d50aae2138e3492eb8332a39d8ecd04dc4290
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline';
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uat-admin-ui.avenuebooking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 06:07:22 GMT
content-security-policy
script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
via
1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
last-modified
Mon, 12 Feb 2024 11:16:10 GMT
etag
W/"5e6e-18d9d081be7"
x-frame-options
DENY
vary
Accept-Encoding, Origin
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-amz-cf-id
4ysNeeDiR00vIb4HVXzBscHx-L5uRMnlJym68utreVBACI5xpmpjjA==
b8e5ae5d33a6ef62.css
uat-admin-ui.avenuebooking.com/_next/static/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://uat-admin-ui.avenuebooking.com/_next/static/css/b8e5ae5d33a6ef62.css
Requested by
Host: uat-admin-ui.avenuebooking.com
URL: https://uat-admin-ui.avenuebooking.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-15.fra60.r.cloudfront.net
Software
/
Resource Hash
9196a081b85aa69720240b1e97690532cc3168a6bafbbbbff8299ca5341105b4
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline';
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uat-admin-ui.avenuebooking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 06:07:22 GMT
content-security-policy
script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
via
1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
last-modified
Mon, 12 Feb 2024 11:16:10 GMT
etag
W/"144f-18d9d081beb"
x-frame-options
DENY
vary
Accept-Encoding, Origin
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-amz-cf-id
vX7H_hLfeN3ieWQlhv4vdWu23Ghxoyr_QlZQlqHoOEJo2pSDdCKZFw==
webpack-f3d450a8aeb7ebf2.js
uat-admin-ui.avenuebooking.com/_next/static/chunks/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uat-admin-ui.avenuebooking.com/_next/static/chunks/webpack-f3d450a8aeb7ebf2.js
Requested by
Host: uat-admin-ui.avenuebooking.com
URL: https://uat-admin-ui.avenuebooking.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-15.fra60.r.cloudfront.net
Software
/
Resource Hash
85f6b3d646b1d3607abc339cf557ae4f48bf6f0d296a686e59a83b05d3ab4c5a
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline';
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uat-admin-ui.avenuebooking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 06:07:22 GMT
content-security-policy
script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
via
1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
last-modified
Mon, 12 Feb 2024 11:16:10 GMT
etag
W/"13cc-18d9d081bd7"
x-frame-options
DENY
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-amz-cf-id
St7HHKdnggKLPQzFHowlHBbJxeU0qwJupoc3Jc6lIbvSWgz7hq2nIg==
framework-523bbabe2de40217.js
uat-admin-ui.avenuebooking.com/_next/static/chunks/ 		138 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uat-admin-ui.avenuebooking.com/_next/static/chunks/framework-523bbabe2de40217.js
Requested by
Host: uat-admin-ui.avenuebooking.com
URL: https://uat-admin-ui.avenuebooking.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-15.fra60.r.cloudfront.net
Software
/
Resource Hash
3cbf94b3c4ff22d70092601e71023fc6b6f0372861a1ec0064f5fdcbd4f689e3
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline';
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uat-admin-ui.avenuebooking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 06:07:22 GMT
content-security-policy
script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
via
1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
last-modified
Mon, 12 Feb 2024 11:16:10 GMT
etag
W/"226c9-18d9d081bd7"
x-frame-options
DENY
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-amz-cf-id
fzT_asBFySlQRh5t5Vm3W8SiG9z0ldlgiwKOKC2cTRE5ywQcQhKR6Q==
main-7caf1a2bd6f95bd7.js
uat-admin-ui.avenuebooking.com/_next/static/chunks/ 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uat-admin-ui.avenuebooking.com/_next/static/chunks/main-7caf1a2bd6f95bd7.js
Requested by
Host: uat-admin-ui.avenuebooking.com
URL: https://uat-admin-ui.avenuebooking.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-15.fra60.r.cloudfront.net
Software
/
Resource Hash
0a70c4cc08961f8441dcc35358c22c7d865b7edf0d589ef4bdffd7af66fe9698
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline';
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uat-admin-ui.avenuebooking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 06:07:22 GMT
content-security-policy
script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
via
1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
last-modified
Mon, 12 Feb 2024 11:16:10 GMT
etag
W/"18315-18d9d081bcb"
x-frame-options
DENY
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-amz-cf-id
chBbWZTeLV7FyjdqYbzzOUr3jldoTeBVRT_caHk4f3GwOd6Coa20oQ==
_app-1ab1a2d86fc05930.js
uat-admin-ui.avenuebooking.com/_next/static/chunks/pages/ 		319 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uat-admin-ui.avenuebooking.com/_next/static/chunks/pages/_app-1ab1a2d86fc05930.js
Requested by
Host: uat-admin-ui.avenuebooking.com
URL: https://uat-admin-ui.avenuebooking.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-15.fra60.r.cloudfront.net
Software
/
Resource Hash
efb559bdd20d0cc232ecd818e2d76a6a6e6af977795ac5040fba69fee0d3b668
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline';
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uat-admin-ui.avenuebooking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 06:07:22 GMT
content-security-policy
script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
via
1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
last-modified
Mon, 12 Feb 2024 11:16:10 GMT
etag
W/"4fb56-18d9d081bcb"
x-frame-options
DENY
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-amz-cf-id
qAviMbKiQqsQqCKzjWECRPReorqp0Unr1_Tdq858ViEzabpcvlc10w==
8864-e7fe6dab09f5c371.js
uat-admin-ui.avenuebooking.com/_next/static/chunks/ 		122 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uat-admin-ui.avenuebooking.com/_next/static/chunks/8864-e7fe6dab09f5c371.js
Requested by
Host: uat-admin-ui.avenuebooking.com
URL: https://uat-admin-ui.avenuebooking.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-15.fra60.r.cloudfront.net
Software
/
Resource Hash
b45437c818bb7e18eba858c1c3f9d1ea31ac786344eb2259e2b1ad135f98dc3c
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline';
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uat-admin-ui.avenuebooking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 06:07:22 GMT
content-security-policy
script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
via
1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
last-modified
Mon, 12 Feb 2024 11:16:10 GMT
etag
W/"1e712-18d9d081bd7"
x-frame-options
DENY
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-amz-cf-id
fvdYcbB2ZsFaFUjE9x8ZZJeoRekVD3hIJVcjMTovl95OkDwFt8_S8w==
5070-d602fa3a70aa6496.js
uat-admin-ui.avenuebooking.com/_next/static/chunks/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uat-admin-ui.avenuebooking.com/_next/static/chunks/5070-d602fa3a70aa6496.js
Requested by
Host: uat-admin-ui.avenuebooking.com
URL: https://uat-admin-ui.avenuebooking.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-15.fra60.r.cloudfront.net
Software
/
Resource Hash
c9b87606a2560e4ce4ecc090761005b027c15ea2a348b73002c58e80df5fe885
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline';
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uat-admin-ui.avenuebooking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 06:07:22 GMT
content-security-policy
script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
via
1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
last-modified
Mon, 12 Feb 2024 11:16:10 GMT
etag
W/"3416-18d9d081bd7"
x-frame-options
DENY
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-amz-cf-id
LSxbKCfVxJpYKjE6d1T1mswBJ_s5eVYhLf4b1W76IEA-usk6dZpXxQ==
7091-a299f3707e3eef58.js
uat-admin-ui.avenuebooking.com/_next/static/chunks/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uat-admin-ui.avenuebooking.com/_next/static/chunks/7091-a299f3707e3eef58.js
Requested by
Host: uat-admin-ui.avenuebooking.com
URL: https://uat-admin-ui.avenuebooking.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-15.fra60.r.cloudfront.net
Software
/
Resource Hash
1c7464eb3689d9160aa7585c09c584a4171339e8824de8b263f66b2d8604990b
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline';
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uat-admin-ui.avenuebooking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 06:07:22 GMT
content-security-policy
script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
via
1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
last-modified
Mon, 12 Feb 2024 11:16:10 GMT
etag
W/"2d9d-18d9d081bd7"
x-frame-options
DENY
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-amz-cf-id
JGZbkytGijR1QslRFRsOacV3yQh3eGUB0im9bYwo_SyLvuaGPVm2lg==
4683-593a61016870f25b.js
uat-admin-ui.avenuebooking.com/_next/static/chunks/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uat-admin-ui.avenuebooking.com/_next/static/chunks/4683-593a61016870f25b.js
Requested by
Host: uat-admin-ui.avenuebooking.com
URL: https://uat-admin-ui.avenuebooking.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-15.fra60.r.cloudfront.net
Software
/
Resource Hash
9345c109cb167809f40b6293cfcb371556abf8ad8a4c2156644908398d584f69
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline';
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uat-admin-ui.avenuebooking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 06:07:22 GMT
content-security-policy
script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
via
1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
last-modified
Mon, 12 Feb 2024 11:16:10 GMT
etag
W/"2204-18d9d081bd7"
x-frame-options
DENY
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-amz-cf-id
RaORTOnzBy95ubciyniS55KVr8aeMduoNs7OKO939_EmW9nm-RWtwg==
7081-90e30e843fa548ff.js
uat-admin-ui.avenuebooking.com/_next/static/chunks/ 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uat-admin-ui.avenuebooking.com/_next/static/chunks/7081-90e30e843fa548ff.js
Requested by
Host: uat-admin-ui.avenuebooking.com
URL: https://uat-admin-ui.avenuebooking.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-15.fra60.r.cloudfront.net
Software
/
Resource Hash
5b73bc18204ea0b78c9debb4205bf8c6bc30e1ebd808194ce8775f3d1ce75150
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline';
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uat-admin-ui.avenuebooking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 06:07:22 GMT
content-security-policy
script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
via
1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
last-modified
Mon, 12 Feb 2024 11:16:10 GMT
etag
W/"8898-18d9d081bd7"
x-frame-options
DENY
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-amz-cf-id
_YfnVQ2GkrbwQX2q7YQNCpxWVgYbHqhABgKBiajS7XBkejTTHIvE-w==
9163-f9c372fe75534499.js
uat-admin-ui.avenuebooking.com/_next/static/chunks/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uat-admin-ui.avenuebooking.com/_next/static/chunks/9163-f9c372fe75534499.js
Requested by
Host: uat-admin-ui.avenuebooking.com
URL: https://uat-admin-ui.avenuebooking.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-15.fra60.r.cloudfront.net
Software
/
Resource Hash
3d18bcd348015668bd819362169a89feb67433ccb329cbed96f15f08c891897f
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline';
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uat-admin-ui.avenuebooking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 06:07:22 GMT
content-security-policy
script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
via
1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
last-modified
Mon, 12 Feb 2024 11:16:10 GMT
etag
W/"1f47-18d9d081be3"
x-frame-options
DENY
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-amz-cf-id
eNqSpeQHCvpDELkaoqgzqsCboO18hl-yWd__ezwI888xEU-4k0d2Rw==
index-7f78770e4c01cc7b.js
uat-admin-ui.avenuebooking.com/_next/static/chunks/pages/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uat-admin-ui.avenuebooking.com/_next/static/chunks/pages/index-7f78770e4c01cc7b.js
Requested by
Host: uat-admin-ui.avenuebooking.com
URL: https://uat-admin-ui.avenuebooking.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-15.fra60.r.cloudfront.net
Software
/
Resource Hash
71bb2e891a9b21763012959ee4506fbb8f8cbb249c21d7f7d271352399e324c8
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline';
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uat-admin-ui.avenuebooking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 06:07:22 GMT
content-security-policy
script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
via
1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
last-modified
Mon, 12 Feb 2024 11:16:10 GMT
etag
W/"3be8-18d9d081bcf"
x-frame-options
DENY
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-amz-cf-id
pnKjhX4w-vu6WNB5hDbd6VG4Js_aavopOXy-7WowJIzkukApAmBTQg==
_buildManifest.js
uat-admin-ui.avenuebooking.com/_next/static/_3SxoUHkByULccHTfHTH5/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uat-admin-ui.avenuebooking.com/_next/static/_3SxoUHkByULccHTfHTH5/_buildManifest.js
Requested by
Host: uat-admin-ui.avenuebooking.com
URL: https://uat-admin-ui.avenuebooking.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-15.fra60.r.cloudfront.net
Software
/
Resource Hash
d5fc4a35879a0fee8655cb4dc65780711418848bb09ee60e91e613478f5d55ad
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline';
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uat-admin-ui.avenuebooking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 06:07:22 GMT
content-security-policy
script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
via
1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
last-modified
Mon, 12 Feb 2024 11:16:10 GMT
etag
W/"2038-18d9d081be7"
x-frame-options
DENY
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-amz-cf-id
Ri5XeEM5u_7SuEXlgr9f0wZnc8z3DA0jf4MW9Co1cirGjsNizMI2AA==
_ssgManifest.js
uat-admin-ui.avenuebooking.com/_next/static/_3SxoUHkByULccHTfHTH5/ 		80 B
673 B 		Script
General
Check archive.org
Download Go to
Full URL
https://uat-admin-ui.avenuebooking.com/_next/static/_3SxoUHkByULccHTfHTH5/_ssgManifest.js
Requested by
Host: uat-admin-ui.avenuebooking.com
URL: https://uat-admin-ui.avenuebooking.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-15.fra60.r.cloudfront.net
Software
/
Resource Hash
678f6ce2cb80b1fe72fc67e7412be6e2ab6ada083111b64f7c40d35e3cba5e00
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline';
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uat-admin-ui.avenuebooking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 06:07:22 GMT
content-security-policy
script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
via
1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
content-length
80
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
last-modified
Mon, 12 Feb 2024 11:17:18 GMT
etag
W/"50-18d9d092613"
x-frame-options
DENY
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-amz-cf-id
30QlDPvoVaelekEkZJz8Z43rtpUgU5YgiYwqBp0NPPL92MgrKKVFIw==

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| webpackChunk_N_E function| __next_require__ object| next object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| _N_E object| __MIDDLEWARE_MATCHERS object| __BUILD_MANIFEST object| __SSG_MANIFEST

1 Cookies

Domain/Path Name / Value
uat-admin-ui.avenuebooking.com/ Name: INGRESSCOOKIE
Value: 1707804442.916.22429.74287|cf86f82d7d4321c78e435d27e97b724a

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline';
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block