booking.temptation-experience.com Open in urlscan Pro
216.25.35.202  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response booking.temptation-experience.com/	3 KB 2 KB	255ms 75ms	Document text/html	216.25.35.202 COGECO-PEER1
General Check archive.org Show headers Download Go to Full URL https://booking.temptation-experience.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 216.25.35.202 , Canada, ASN13768 (COGECO-PEER1, CA), Reverse DNS mail.beachcitycomputers.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 4dd835dd97ba48cca3b3c026982e27e7febe61e07d839a5c2a58838de7f3fa7a Request headers Accept-Language en-CA,en;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers accept-ranges bytes cache-control public,max-age=432000 content-encoding gzip content-length 1470 content-type text/html date Thu, 04 Jul 2024 06:50:28 GMT etag "03bf956e9e7d81:0" last-modified Mon, 24 Oct 2022 20:43:58 GMT server Microsoft-IIS/10.0 vary Accept-Encoding x-powered-by ASP.NET
GET H2	200	jquery-ui.css code.jquery.com/ui/1.13.1/themes/smoothness/	36 KB 9 KB	75ms 23ms	Stylesheet text/css	151.101.194.137 FASTLY
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/ui/1.13.1/themes/smoothness/jquery-ui.css Requested by Host: booking.temptation-experience.com URL: https://booking.temptation-experience.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.194.137 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash d1587bfde4c7ae469cdac61e2f0a1b1276eacf9d3e7dc1fd0f81c16babb7fb87 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://booking.temptation-experience.com/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 04 Jul 2024 06:50:28 GMT content-encoding gzip via 1.1 varnish, 1.1 varnish age 5607301 x-cache HIT, HIT content-length 8444 x-served-by cache-lga21920-LGA, cache-yyz4536-YYZ last-modified Fri, 18 Oct 1991 12:00:00 GMT server nginx x-timer S1720075829.682308,VS0,VE0 etag W/"28feccc0-8f36" vary Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=604800 accept-ranges bytes x-cache-hits 1760, 1016
GET H2	200	bootstrap.min.css cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/	160 KB 26 KB	77ms 23ms	Stylesheet text/css	151.101.1.229 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css Requested by Host: booking.temptation-experience.com URL: https://booking.temptation-experience.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.229 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://booking.temptation-experience.com/ Origin https://booking.temptation-experience.com Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains; preload date Thu, 04 Jul 2024 06:50:28 GMT x-content-type-options nosniff content-encoding br age 178876 x-jsd-version 5.1.3 x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 26333 x-served-by cache-fra-etou8220101-FRA, cache-yyz4573-YYZ x-jsd-version-type version etag W/"28021-7Ba9Gb9K6bwuIzasQJpQO7varK0" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable accept-ranges bytes timing-allow-origin *
GET		temptation-experience-resorts-and-cruises.png www.temptation-experience.com/wp-content/uploads/2019/05/	0 0
GET H2	200	jquery-3.6.0.min.js Show response code.jquery.com/	87 KB 30 KB	75ms 23ms	Script application/javascript	151.101.194.137 FASTLY
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.6.0.min.js Requested by Host: booking.temptation-experience.com URL: https://booking.temptation-experience.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.194.137 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://booking.temptation-experience.com/ Origin https://booking.temptation-experience.com Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 04 Jul 2024 06:50:28 GMT content-encoding gzip via 1.1 varnish, 1.1 varnish age 1480400 x-cache HIT, HIT content-length 30875 x-served-by cache-lga21931-LGA, cache-yyz4545-YYZ last-modified Fri, 18 Oct 1991 12:00:00 GMT server nginx x-timer S1720075829.682271,VS0,VE0 etag W/"28feccc0-15d9d" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=604800 accept-ranges bytes x-cache-hits 24, 76034
GET H2	200	jquery-ui.min.js Show response code.jquery.com/ui/1.13.1/	249 KB 66 KB	65ms 31ms	Script application/javascript	151.101.194.137 FASTLY
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/ui/1.13.1/jquery-ui.min.js Requested by Host: booking.temptation-experience.com URL: https://booking.temptation-experience.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.194.137 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 793cb14b4ae48e92c4a35eae5d34b4b95092e3cd7995ce342b6895a560ef7526 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://booking.temptation-experience.com/ Origin https://booking.temptation-experience.com Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 04 Jul 2024 06:50:28 GMT content-encoding gzip via 1.1 varnish, 1.1 varnish age 25273629 x-cache HIT, HIT content-length 67637 x-served-by cache-lga21975-LGA, cache-yyz4545-YYZ last-modified Fri, 18 Oct 1991 12:00:00 GMT server nginx x-timer S1720075829.682615,VS0,VE0 etag W/"28feccc0-3e46a" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=604800 accept-ranges bytes x-cache-hits 25772, 2477
GET H2	200	bootstrap.bundle.min.js Show response cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/	76 KB 24 KB	59ms 24ms	Script application/javascript	151.101.1.229 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js Requested by Host: booking.temptation-experience.com URL: https://booking.temptation-experience.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.229 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://booking.temptation-experience.com/ Origin https://booking.temptation-experience.com Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains; preload date Thu, 04 Jul 2024 06:50:28 GMT x-content-type-options nosniff content-encoding br age 1291165 x-jsd-version 5.1.3 x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 24376 x-served-by cache-fra-etou8220091-FRA, cache-yyz4573-YYZ x-jsd-version-type version etag W/"13131-qF5oFiTJGhBqUUwx6s+A3oF7LMM" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable accept-ranges bytes timing-allow-origin *
GET H/1.1	200 OK	init.js Show response resbox.original-group.com/resbox/js/	1 KB 1 KB	211ms 63ms	Script application/javascript	75.102.23.52 SERVERCENTRAL
General Check archive.org Show headers Download Go to Full URL https://resbox.original-group.com/resbox/js/init.js Requested by Host: booking.temptation-experience.com URL: https://booking.temptation-experience.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 75.102.23.52 Chicago, United States, ASN23352 (SERVERCENTRAL, US), Reverse DNS unknown.hostforweb.net Software Apache / Resource Hash b5ad4239633c6332de68d3237d18b90455661d84beee066ebbd9dff1b15dbe74 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://booking.temptation-experience.com/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Pragma no-cache Date Thu, 04 Jul 2024 06:50:28 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding,User-Agent Access-Control-Allow-Methods GET, POST, PUT, DELETE, PATCH, OPTIONS Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate Connection Keep-Alive Access-Control-Allow-Headers X-Requested-With, Content-Type, Accept, Origin, Header, Authorization Content-Length 510 Keep-Alive timeout=5, max=100 Expires Thu, 19 Nov 1981 08:52:00 GMT
GET H/1.1	200 OK	corp Show response resbox.original-group.com/resbox/temptation/	17 KB 4 KB	141ms 70ms	XHR text/html	75.102.23.52 SERVERCENTRAL
General Check archive.org Show headers Download Go to Full URL https://resbox.original-group.com/resbox/temptation/corp?lang=en Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-3.6.0.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 75.102.23.52 Chicago, United States, ASN23352 (SERVERCENTRAL, US), Reverse DNS unknown.hostforweb.net Software Apache / Resource Hash 43e6455dc8fd69cd879a1462161669496d4b22157854ee95038df529dfff3b5d Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Accept text/html, */*; q=0.01 Referer https://booking.temptation-experience.com/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Pragma no-cache Date Thu, 04 Jul 2024 06:50:28 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding,User-Agent Access-Control-Allow-Methods GET, POST, PUT, DELETE, PATCH, OPTIONS Content-Type text/html; charset=UTF-8 Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate Connection Keep-Alive Access-Control-Allow-Headers X-Requested-With, Content-Type, Accept, Origin, Header, Authorization Content-Length 3467 Keep-Alive timeout=5, max=100 Expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	oa.v2.js Show response partners.original-group.com/static/	103 KB 31 KB	128ms 34ms	Script application/javascript	50.31.177.101 SERVERCENTRAL
General Check archive.org Show headers Download Go to Full URL https://partners.original-group.com/static/oa.v2.js Requested by Host: booking.temptation-experience.com URL: https://booking.temptation-experience.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 50.31.177.101 Chicago, United States, ASN23352 (SERVERCENTRAL, US), Reverse DNS semidedi-30.banahosting.com Software / Resource Hash 7acb821bbaa9614fc681964dc7344f33ceda530173caf4ba75c108096268016b Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://booking.temptation-experience.com/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 04 Jul 2024 06:50:28 GMT content-encoding br last-modified Tue, 16 Apr 2024 02:25:16 GMT vary Accept-Encoding content-type application/javascript cache-control public, max-age=604800 accept-ranges bytes alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 31458 expires Thu, 11 Jul 2024 06:50:28 GMT
GET H2	200	css fonts.googleapis.com/	781 B 795 B	189ms 88ms	Stylesheet text/css	172.217.197.95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Poppins&display=swap Requested by Host: client URL: about:client Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.197.95 , United States, ASN15169 (GOOGLE, US), Reverse DNS qa-in-f95.1e100.net Software ESF / Resource Hash 171ad06d195b0098c704a465fef9e726222a369c1dc39873a7a57ab6e0d74c9d Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://booking.temptation-experience.com/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000 date Thu, 04 Jul 2024 06:50:29 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Thu, 04 Jul 2024 06:22:52 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 04 Jul 2024 06:50:29 GMT
GET H/1.1	200 OK	fontello.css shared.original-group.com/fontello/css/	2 KB 1 KB	145ms 37ms	Stylesheet text/css	75.102.23.52 SERVERCENTRAL
General Check archive.org Show headers Download Go to Full URL https://shared.original-group.com/fontello/css/fontello.css Requested by Host: client URL: about:client Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 75.102.23.52 Chicago, United States, ASN23352 (SERVERCENTRAL, US), Reverse DNS unknown.hostforweb.net Software Apache / Resource Hash 8b7040370726e48f7c28cf14c81109fcb5b845cb10929ef7e2fed880d76b5c73 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://booking.temptation-experience.com/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 04 Jul 2024 06:50:29 GMT Content-Encoding gzip Last-Modified Mon, 09 Sep 2019 18:23:32 GMT Server Apache Vary Accept-Encoding,User-Agent Access-Control-Allow-Methods GET Content-Type text/css Access-Control-Allow-Origin * Cache-Control max-age=2592000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 888 Expires Sat, 03 Aug 2024 06:50:29 GMT
GET H/1.1	200 OK	functions.js Show response resbox.original-group.com/resbox/js/	6 KB 2 KB	64ms 64ms	Script application/javascript	75.102.23.52 SERVERCENTRAL
General Check archive.org Show headers Download Go to Full URL https://resbox.original-group.com/resbox/js/functions.js Requested by Host: booking.temptation-experience.com URL: https://booking.temptation-experience.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 75.102.23.52 Chicago, United States, ASN23352 (SERVERCENTRAL, US), Reverse DNS unknown.hostforweb.net Software Apache / Resource Hash 523b63c704b8488d8e098bf389fe9a900a6c1925dfe321e9783e47e870683825 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://booking.temptation-experience.com/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Pragma no-cache Date Thu, 04 Jul 2024 06:50:29 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding,User-Agent Access-Control-Allow-Methods GET, POST, PUT, DELETE, PATCH, OPTIONS Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate Connection Keep-Alive Access-Control-Allow-Headers X-Requested-With, Content-Type, Accept, Origin, Header, Authorization Content-Length 1421 Keep-Alive timeout=5, max=99 Expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	loader_v3.8.6.js Show response fpnpmcdn.net/v3/s68Zre5jlvZm3EkGvUFh/	149 KB 50 KB	165ms 38ms	Script text/javascript	108.139.47.44 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://fpnpmcdn.net/v3/s68Zre5jlvZm3EkGvUFh/loader_v3.8.6.js Requested by Host: partners.original-group.com URL: https://partners.original-group.com/static/oa.v2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.139.47.44 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-139-47-44.jfk50.r.cloudfront.net Software CloudFront / Resource Hash 016519a4e7f7495761315f3819262f549faa01638e77c687f985dbc19649db6d Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://booking.temptation-experience.com/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 27 Jun 2024 22:31:02 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff content-encoding br via 1.1 fcf7ae9d0acd31cfede668ccef6e2ace.cloudfront.net (CloudFront) x-amz-cf-pop JFK50-P1 age 548367 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 server CloudFront etag W/"ZgVFUEDwBAE5w+t/h8SG2iEqATI" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=3569, s-maxage=608969 timing-allow-origin * x-amz-cf-id h8xUIrhYBR0XydiuqQIY-KArGXoVccqzd9GZ5BoozYrJ1TrYvDzvtw==
GET H/1.1	200 OK	fontello.woff2 shared.original-group.com/fontello/font/	4 KB 4 KB	106ms 36ms	Font font/woff2	75.102.23.52 SERVERCENTRAL
General Check archive.org Show headers Download Go to Full URL https://shared.original-group.com/fontello/font/fontello.woff2?81259242 Requested by Host: shared.original-group.com URL: https://shared.original-group.com/fontello/css/fontello.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 75.102.23.52 Chicago, United States, ASN23352 (SERVERCENTRAL, US), Reverse DNS unknown.hostforweb.net Software Apache / Resource Hash 7096bf43eddfe839318c8e7cb96e3ede247e66e8696af62e86ea6caddfc24485 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://shared.original-group.com/fontello/css/fontello.css Origin https://booking.temptation-experience.com Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 04 Jul 2024 06:50:29 GMT Content-Encoding gzip Last-Modified Mon, 09 Sep 2019 18:23:34 GMT Server Apache Vary Accept-Encoding,User-Agent Access-Control-Allow-Methods GET Content-Type font/woff2 Access-Control-Allow-Origin * Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 3967
GET H2	200	pxiEyp8kv8JHgFVrJJfecg.woff2 fonts.gstatic.com/s/poppins/v21/	8 KB 8 KB	152ms 50ms	Font font/woff2	74.125.192.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Poppins&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.192.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS qn-in-f94.1e100.net Software sffe / Resource Hash 7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fonts.googleapis.com/ Origin https://booking.temptation-experience.com Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 02 Jul 2024 10:02:37 GMT x-content-type-options nosniff age 161272 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7884 x-xss-protection 0 last-modified Fri, 22 Mar 2024 00:00:38 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 02 Jul 2025 10:02:37 GMT
GET H2	200	3WmD7Dt Show response fp.original-group.com/gThNjH/q5anW/	96 B 447 B	158ms 51ms	XHR text/plain	52.223.25.99 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://fp.original-group.com/gThNjH/q5anW/3WmD7Dt?q=s68Zre5jlvZm3EkGvUFh Requested by Host: fpnpmcdn.net URL: https://fpnpmcdn.net/v3/s68Zre5jlvZm3EkGvUFh/loader_v3.8.6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.223.25.99 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a8185bf66a4581a7c.awsglobalaccelerator.com Software / Resource Hash b4deb140fedc8a9a2bcc5657452dd8d02f255696fc0bb3e4c6d752ba8c2454f1 Security Headers Name Value Content-Security-Policy default-src 'none'; frame-ancestors 'none' Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://booking.temptation-experience.com/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 04 Jul 2024 06:50:29 GMT content-security-policy default-src 'none'; frame-ancestors 'none' referrer-policy no-referrer strict-transport-security max-age=63072000 x-content-type-options nosniff x-frame-options DENY content-type text/plain; charset=utf-8 access-control-allow-origin * access-control-expose-headers Retry-After cache-control max-age=31536000, immutable, private timing-allow-origin * x-robots-tag noindex content-length 96
POST H2	200	/ Show response fp.original-group.com/	391 B 905 B	242ms 166ms	XHR text/plain	52.223.25.99 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://fp.original-group.com/?ci=js/3.9.9&q=s68Zre5jlvZm3EkGvUFh Requested by Host: fpnpmcdn.net URL: https://fpnpmcdn.net/v3/s68Zre5jlvZm3EkGvUFh/loader_v3.8.6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.223.25.99 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a8185bf66a4581a7c.awsglobalaccelerator.com Software / Resource Hash 5b6c591f9eab54cff9def49f454a721ff36842512831ec09ebb9201e6bd581b8 Security Headers Name Value Content-Security-Policy default-src 'none'; frame-ancestors 'none' Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://booking.temptation-experience.com/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain Response headers date Thu, 04 Jul 2024 06:50:29 GMT content-security-policy default-src 'none'; frame-ancestors 'none' referrer-policy no-referrer strict-transport-security max-age=63072000 x-content-type-options nosniff vary Origin x-frame-options DENY content-type text/plain access-control-allow-origin https://booking.temptation-experience.com access-control-expose-headers Retry-After access-control-allow-credentials true timing-allow-origin * content-length 391
GET H3	404	JdBJw5vFtzLCuftSmv4V Show response partners.original-group.com/api/v2/sessions/visitor/	357 B 608 B	660ms 618ms	XHR application/json	50.31.177.101 SERVERCENTRAL
General Check archive.org Show headers Download Go to Full URL https://partners.original-group.com/api/v2/sessions/visitor/JdBJw5vFtzLCuftSmv4V Requested by Host: partners.original-group.com URL: https://partners.original-group.com/static/oa.v2.js Protocol H3 Security QUIC, , AES_128_GCM Server 50.31.177.101 Chicago, United States, ASN23352 (SERVERCENTRAL, US), Reverse DNS semidedi-30.banahosting.com Software / Resource Hash 1f4dfe6941a46e90d8c4cf3bd1fc47571b41f5ea5b088d1c4c094d1c701c68ac Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Accept application/json, text/plain, */* Referer https://booking.temptation-experience.com/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 04 Jul 2024 06:50:30 GMT content-encoding br vary Accept-Encoding access-control-allow-methods GET, POST, PUT, DELETE, PATCH, OPTIONS content-type application/json access-control-allow-origin * cache-control no-store, no-cache, must-revalidate access-control-allow-headers X-Requested-With, Content-Type, Accept, Origin, Header, Authorization content-length 212 alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	404	favicon.ico booking.temptation-experience.com/	5 KB 5 KB	60ms 59ms	Other text/html	216.25.35.202 COGECO-PEER1
General Check archive.org Show headers Download Go to Full URL https://booking.temptation-experience.com/favicon.ico Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 216.25.35.202 , Canada, ASN13768 (COGECO-PEER1, CA), Reverse DNS mail.beachcitycomputers.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 163490334b53e6c9ce00660bd3e3382870be377d9ffc9f25ab956415827496cc Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://booking.temptation-experience.com/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 04 Jul 2024 06:50:30 GMT cache-control private server Microsoft-IIS/10.0 x-powered-by ASP.NET content-length 4902 content-type text/html; charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

www.temptation-experience.com

URL

https://www.temptation-experience.com/wp-content/uploads/2019/05/temptation-experience-resorts-and-cruises.png

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage function| $ function| jQuery number| uidEvent object| bootstrap object| sc object| s object| Resbox function| makeRequest function| addResboxFunctionality undefined| __fpjs_p_l_b function| Function function| Object string| __fpjs_pvid number| cookieAffiliate object| dataLayer

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.original-group.com/	1970-01-21 06:33:31	Name: _iidt Value: Y6mZnTXXcJXuReYHQBe7tw50HuR8XarEmcdULf8mIVK3Hh1PlMy8eETvBMzCRPVf3QIr42YWHqWFpg==
			.temptation-experience.com/	1970-01-21 06:33:31	Name: _vid_t Value: KYkMljdZdTi0yP9cFPARdM18qRjftmVVMkkzvQyigc59ogRSQT4tVabC6DQkHeTFkPmQBEZSFMOthQ==
			.temptation-experience.com/	1970-01-21 06:33:31	Name: _oa_visitor_id Value: JdBJw5vFtzLCuftSmv4V

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://booking.temptation-experience.com/ Message: [.WebGL-0x2e0c022f2300]GL Driver Message (OpenGL, Performance, GL_CLOSE_PATH_NV, High): GPU stall due to ReadPixels
network	error	URL: https://partners.original-group.com/api/v2/sessions/visitor/JdBJw5vFtzLCuftSmv4V Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://booking.temptation-experience.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

booking.temptation-experience.com
cdn.jsdelivr.net
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
fp.original-group.com
fpnpmcdn.net
partners.original-group.com
resbox.original-group.com
shared.original-group.com
www.temptation-experience.com
www.temptation-experience.com
108.139.47.44
151.101.1.229
151.101.194.137
172.217.197.95
216.25.35.202
50.31.177.101
52.223.25.99
74.125.192.94
75.102.23.52
016519a4e7f7495761315f3819262f549faa01638e77c687f985dbc19649db6d
163490334b53e6c9ce00660bd3e3382870be377d9ffc9f25ab956415827496cc
171ad06d195b0098c704a465fef9e726222a369c1dc39873a7a57ab6e0d74c9d
1f4dfe6941a46e90d8c4cf3bd1fc47571b41f5ea5b088d1c4c094d1c701c68ac
43e6455dc8fd69cd879a1462161669496d4b22157854ee95038df529dfff3b5d
4dd835dd97ba48cca3b3c026982e27e7febe61e07d839a5c2a58838de7f3fa7a
523b63c704b8488d8e098bf389fe9a900a6c1925dfe321e9783e47e870683825
5b6c591f9eab54cff9def49f454a721ff36842512831ec09ebb9201e6bd581b8
62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab
7096bf43eddfe839318c8e7cb96e3ede247e66e8696af62e86ea6caddfc24485
793cb14b4ae48e92c4a35eae5d34b4b95092e3cd7995ce342b6895a560ef7526
7acb821bbaa9614fc681964dc7344f33ceda530173caf4ba75c108096268016b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
8b7040370726e48f7c28cf14c81109fcb5b845cb10929ef7e2fed880d76b5c73
b4deb140fedc8a9a2bcc5657452dd8d02f255696fc0bb3e4c6d752ba8c2454f1
b5ad4239633c6332de68d3237d18b90455661d84beee066ebbd9dff1b15dbe74
d1587bfde4c7ae469cdac61e2f0a1b1276eacf9d3e7dc1fd0f81c16babb7fb87
f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e