urlscan.io logo urlscan.io
SecurityTrails logo

tools.figarohdt.com Open in urlscan Pro
104.20.5.168  Public Scan

Go To Rescan Add Verdict Report
URL: https://tools.figarohdt.com/
Submission: On December 13 via api from US — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 4 domains to perform 22 HTTP transactions. The main IP is 104.20.5.168, located in and belongs to CLOUDFLARENET, US. The main domain is tools.figarohdt.com.
TLS certificate: Issued by WE1 on December 5th 2024. Valid for: 3 months.
This is the only time tools.figarohdt.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
15 104.20.5.168 13335 (CLOUDFLAR...)
1 142.250.186.74 15169 (GOOGLE)
1 142.250.186.170 15169 (GOOGLE)
2 216.58.206.68 15169 (GOOGLE)
2 216.58.206.67 15169 (GOOGLE)
1 142.250.185.131 15169 (GOOGLE)
22 6
15    104.20.5.168 (None, )

ASN13335 (CLOUDFLARENET, US)
tools.figarohdt.com
1    142.250.186.74 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f10.1e100.net
fonts.googleapis.com
1    142.250.186.170 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f10.1e100.net
ajax.googleapis.com
2    216.58.206.68 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s11-in-f4.1e100.net
www.google.com
2    216.58.206.67 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s08-in-f3.1e100.net
fonts.gstatic.com
1    142.250.185.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net
www.gstatic.com
Apex Domain
Subdomains		 Transfer
15 figarohdt.com
tools.figarohdt.com
458 KB
3 gstatic.com
fonts.gstatic.com
www.gstatic.com
264 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 3
1 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
ajax.googleapis.com — Cisco Umbrella Rank: 415
32 KB
22 4
Domain Requested by
15 tools.figarohdt.com tools.figarohdt.com
2 fonts.gstatic.com fonts.googleapis.com
2 www.google.com tools.figarohdt.com
1 www.gstatic.com tools.figarohdt.com
1 ajax.googleapis.com tools.figarohdt.com
1 fonts.googleapis.com tools.figarohdt.com
22 6

This site contains no links.

Subject Issuer Validity Valid
tools.figarohdt.com
WE1		 2024-12-05 -
2025-03-05		 3 months crt.sh
upload.video.google.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
www.google.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
*.gstatic.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://tools.figarohdt.com/
Frame ID: 20548CB300BF61E97F27C68AE6E540CE
Requests: 21 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LfdOsYaAAAAAA5G3hfFuAoW2mvAH6NLcTPY3xL_&co=aHR0cHM6Ly90b29scy5maWdhcm9oZHQuY29tOjQ0Mw..&hl=it&v=zIriijn3uj5Vpknvt_LnfNbF&size=invisible&cb=ipd6gh8d0yep
Frame ID: 618C1E8A27FC12B4099E17B2FDBEC61C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Login | CRS

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

22
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

6
Subdomains

6
IPs

2
Countries

754 kB
Transfer

1404 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
tools.figarohdt.com/ 		66 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tools.figarohdt.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.5.168 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e84c55a4d9e006324554bc8b41b7dbeac321bcf6bc92957d63d616dd4d098bb
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.verticalbooking.com *.alesiadistribution.com *.zbooking.travel *.blastnessbooking.com *.googleapis.com *.datatables.net *.jsdelivr.net *.booking.com *.googleapis.com *.gstatic.com *.fontawesome.com *.google-analytics.com *.google.com *.gstatic.com *.bstatic.com *.guestflip.io *.jquery.com *.cloudflare.com *.iubenda.com *.amazonaws.com *.newrelic.com *.nr-data.net *.adsrvr.org *.cookiebot.com *.nghotels.online *.delphina.it *.nagich.com *.oppwa.com *.d-edgeconnect.media *.asksuite.com *.triptease.io *.auryc.com *.living3d.it *.doubleclick.net *.gtsgapps.com *.laasie.ai *.gtsgig.com *.sojern.com *.thehotelsnetwork.com *.jetpay.com *.clubdelsole.com *.hirimini.com *.amrcollection.com *.hyattinclusivecollection.com *.villasassa.ch *.beyouhotel.it *.relais.it *.mitec.com.mx *.e-pago.com.mx *.americanexpress.com *.okgini.com *.stayntouch.com form.wspay.biz bol.figarohdt.com booking.voihotels.com; object-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8f15991f3b39dc80-FRA
content-encoding
gzip
content-length
22640
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.verticalbooking.com *.alesiadistribution.com *.zbooking.travel *.blastnessbooking.com *.googleapis.com *.datatables.net *.jsdelivr.net *.booking.com *.googleapis.com *.gstatic.com *.fontawesome.com *.google-analytics.com *.google.com *.gstatic.com *.bstatic.com *.guestflip.io *.jquery.com *.cloudflare.com *.iubenda.com *.amazonaws.com *.newrelic.com *.nr-data.net *.adsrvr.org *.cookiebot.com *.nghotels.online *.delphina.it *.nagich.com *.oppwa.com *.d-edgeconnect.media *.asksuite.com *.triptease.io *.auryc.com *.living3d.it *.doubleclick.net *.gtsgapps.com *.laasie.ai *.gtsgig.com *.sojern.com *.thehotelsnetwork.com *.jetpay.com *.clubdelsole.com *.hirimini.com *.amrcollection.com *.hyattinclusivecollection.com *.villasassa.ch *.beyouhotel.it *.relais.it *.mitec.com.mx *.e-pago.com.mx *.americanexpress.com *.okgini.com *.stayntouch.com form.wspay.biz bol.figarohdt.com booking.voihotels.com; object-src 'none'
content-type
text/html; charset=UTF-8
date
Fri, 13 Dec 2024 11:26:15 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
all.css
tools.figarohdt.com/fontawesome-pro/css/ 		207 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tools.figarohdt.com/fontawesome-pro/css/all.css
Requested by
Host: tools.figarohdt.com
URL: https://tools.figarohdt.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.5.168 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3140dec577f6cd55fa0a0e0cd0936a0e2bd96af1b8992d068abc2e4d91ac855
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.verticalbooking.com *.alesiadistribution.com *.zbooking.travel *.blastnessbooking.com *.googleapis.com *.datatables.net *.jsdelivr.net *.booking.com *.googleapis.com *.gstatic.com *.fontawesome.com *.google-analytics.com *.google.com *.gstatic.com *.bstatic.com *.guestflip.io *.jquery.com *.cloudflare.com *.iubenda.com *.amazonaws.com *.newrelic.com *.nr-data.net *.adsrvr.org *.cookiebot.com *.nghotels.online *.delphina.it *.nagich.com *.oppwa.com *.d-edgeconnect.media *.asksuite.com *.triptease.io *.auryc.com *.living3d.it *.doubleclick.net *.gtsgapps.com *.laasie.ai *.gtsgig.com *.sojern.com *.thehotelsnetwork.com *.jetpay.com *.clubdelsole.com *.hirimini.com *.amrcollection.com *.hyattinclusivecollection.com *.villasassa.ch *.beyouhotel.it *.relais.it *.mitec.com.mx *.e-pago.com.mx *.americanexpress.com *.okgini.com *.stayntouch.com form.wspay.biz bol.figarohdt.com booking.voihotels.com; object-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tools.figarohdt.com/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
"33d7a-5b0845569b4a6-gzip"
x-content-type-options
nosniff
date
Fri, 13 Dec 2024 11:26:15 GMT
content-type
text/css
last-modified
Wed, 30 Sep 2020 09:14:58 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.verticalbooking.com *.alesiadistribution.com *.zbooking.travel *.blastnessbooking.com *.googleapis.com *.datatables.net *.jsdelivr.net *.booking.com *.googleapis.com *.gstatic.com *.fontawesome.com *.google-analytics.com *.google.com *.gstatic.com *.bstatic.com *.guestflip.io *.jquery.com *.cloudflare.com *.iubenda.com *.amazonaws.com *.newrelic.com *.nr-data.net *.adsrvr.org *.cookiebot.com *.nghotels.online *.delphina.it *.nagich.com *.oppwa.com *.d-edgeconnect.media *.asksuite.com *.triptease.io *.auryc.com *.living3d.it *.doubleclick.net *.gtsgapps.com *.laasie.ai *.gtsgig.com *.sojern.com *.thehotelsnetwork.com *.jetpay.com *.clubdelsole.com *.hirimini.com *.amrcollection.com *.hyattinclusivecollection.com *.villasassa.ch *.beyouhotel.it *.relais.it *.mitec.com.mx *.e-pago.com.mx *.americanexpress.com *.okgini.com *.stayntouch.com form.wspay.biz bol.figarohdt.com booking.voihotels.com; object-src 'none'
cache-control
max-age=3600
cf-ray
8f1599219895dc80-FRA
accept-ranges
bytes
content-length
35057
x-xss-protection
1; mode=block
server
cloudflare
v4-shims.css
tools.figarohdt.com/fontawesome-pro/css/ 		40 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tools.figarohdt.com/fontawesome-pro/css/v4-shims.css
Requested by
Host: tools.figarohdt.com
URL: https://tools.figarohdt.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.5.168 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7e3428f65a75ed9bb3a3c0278694e1610582358053d6d85273b22d21fdc141f
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.verticalbooking.com *.alesiadistribution.com *.zbooking.travel *.blastnessbooking.com *.googleapis.com *.datatables.net *.jsdelivr.net *.booking.com *.googleapis.com *.gstatic.com *.fontawesome.com *.google-analytics.com *.google.com *.gstatic.com *.bstatic.com *.guestflip.io *.jquery.com *.cloudflare.com *.iubenda.com *.amazonaws.com *.newrelic.com *.nr-data.net *.adsrvr.org *.cookiebot.com *.nghotels.online *.delphina.it *.nagich.com *.oppwa.com *.d-edgeconnect.media *.asksuite.com *.triptease.io *.auryc.com *.living3d.it *.doubleclick.net *.gtsgapps.com *.laasie.ai *.gtsgig.com *.sojern.com *.thehotelsnetwork.com *.jetpay.com *.clubdelsole.com *.hirimini.com *.amrcollection.com *.hyattinclusivecollection.com *.villasassa.ch *.beyouhotel.it *.relais.it *.mitec.com.mx *.e-pago.com.mx *.americanexpress.com *.okgini.com *.stayntouch.com form.wspay.biz bol.figarohdt.com booking.voihotels.com; object-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tools.figarohdt.com/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
"a0a8-5b0845569e386-gzip"
x-content-type-options
nosniff
date
Fri, 13 Dec 2024 11:26:15 GMT
content-type
text/css
last-modified
Wed, 30 Sep 2020 09:14:58 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.verticalbooking.com *.alesiadistribution.com *.zbooking.travel *.blastnessbooking.com *.googleapis.com *.datatables.net *.jsdelivr.net *.booking.com *.googleapis.com *.gstatic.com *.fontawesome.com *.google-analytics.com *.google.com *.gstatic.com *.bstatic.com *.guestflip.io *.jquery.com *.cloudflare.com *.iubenda.com *.amazonaws.com *.newrelic.com *.nr-data.net *.adsrvr.org *.cookiebot.com *.nghotels.online *.delphina.it *.nagich.com *.oppwa.com *.d-edgeconnect.media *.asksuite.com *.triptease.io *.auryc.com *.living3d.it *.doubleclick.net *.gtsgapps.com *.laasie.ai *.gtsgig.com *.sojern.com *.thehotelsnetwork.com *.jetpay.com *.clubdelsole.com *.hirimini.com *.amrcollection.com *.hyattinclusivecollection.com *.villasassa.ch *.beyouhotel.it *.relais.it *.mitec.com.mx *.e-pago.com.mx *.americanexpress.com *.okgini.com *.stayntouch.com form.wspay.biz bol.figarohdt.com booking.voihotels.com; object-src 'none'
cache-control
max-age=3600
cf-ray
8f1599219897dc80-FRA
accept-ranges
bytes
content-length
4327
x-xss-protection
1; mode=block
server
cloudflare
css2
fonts.googleapis.com/ 		5 KB
990 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&display=swap
Requested by
Host: tools.figarohdt.com
URL: https://tools.figarohdt.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f10.1e100.net
Software
ESF /
Resource Hash
809df0321e4c22fb83008efca44b5f5e7aa10b7bb1ca6234a78d0795a7ec6ea8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tools.figarohdt.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 13 Dec 2024 11:26:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 13 Dec 2024 11:26:16 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Fri, 13 Dec 2024 10:51:09 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
user_access.css
tools.figarohdt.com/css/login/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tools.figarohdt.com/css/login/user_access.css
Requested by
Host: tools.figarohdt.com
URL: https://tools.figarohdt.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.5.168 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0e448068984059adb3373fd51cad73472a3267186f602b446715d9e0e976008
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.verticalbooking.com *.alesiadistribution.com *.zbooking.travel *.blastnessbooking.com *.googleapis.com *.datatables.net *.jsdelivr.net *.booking.com *.googleapis.com *.gstatic.com *.fontawesome.com *.google-analytics.com *.google.com *.gstatic.com *.bstatic.com *.guestflip.io *.jquery.com *.cloudflare.com *.iubenda.com *.amazonaws.com *.newrelic.com *.nr-data.net *.adsrvr.org *.cookiebot.com *.nghotels.online *.delphina.it *.nagich.com *.oppwa.com *.d-edgeconnect.media *.asksuite.com *.triptease.io *.auryc.com *.living3d.it *.doubleclick.net *.gtsgapps.com *.laasie.ai *.gtsgig.com *.sojern.com *.thehotelsnetwork.com *.jetpay.com *.clubdelsole.com *.hirimini.com *.amrcollection.com *.hyattinclusivecollection.com *.villasassa.ch *.beyouhotel.it *.relais.it *.mitec.com.mx *.e-pago.com.mx *.americanexpress.com *.okgini.com *.stayntouch.com form.wspay.biz bol.figarohdt.com booking.voihotels.com; object-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tools.figarohdt.com/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
"d85-5c43cffda7481-gzip"
x-content-type-options
nosniff
date
Fri, 13 Dec 2024 11:26:15 GMT
content-type
text/css
last-modified
Tue, 08 Jun 2021 08:32:33 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.verticalbooking.com *.alesiadistribution.com *.zbooking.travel *.blastnessbooking.com *.googleapis.com *.datatables.net *.jsdelivr.net *.booking.com *.googleapis.com *.gstatic.com *.fontawesome.com *.google-analytics.com *.google.com *.gstatic.com *.bstatic.com *.guestflip.io *.jquery.com *.cloudflare.com *.iubenda.com *.amazonaws.com *.newrelic.com *.nr-data.net *.adsrvr.org *.cookiebot.com *.nghotels.online *.delphina.it *.nagich.com *.oppwa.com *.d-edgeconnect.media *.asksuite.com *.triptease.io *.auryc.com *.living3d.it *.doubleclick.net *.gtsgapps.com *.laasie.ai *.gtsgig.com *.sojern.com *.thehotelsnetwork.com *.jetpay.com *.clubdelsole.com *.hirimini.com *.amrcollection.com *.hyattinclusivecollection.com *.villasassa.ch *.beyouhotel.it *.relais.it *.mitec.com.mx *.e-pago.com.mx *.americanexpress.com *.okgini.com *.stayntouch.com form.wspay.biz bol.figarohdt.com booking.voihotels.com; object-src 'none'
cache-control
max-age=3600
cf-ray
8f159921989adc80-FRA
accept-ranges
bytes
content-length
1070
x-xss-protection
1; mode=block
server
cloudflare
login.css
tools.figarohdt.com/css/login/ 		1 KB
546 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tools.figarohdt.com/css/login/login.css
Requested by
Host: tools.figarohdt.com
URL: https://tools.figarohdt.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.5.168 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04113a10812dfc35229143023331dea50c10178560d8b356f565227b786c4083
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.verticalbooking.com *.alesiadistribution.com *.zbooking.travel *.blastnessbooking.com *.googleapis.com *.datatables.net *.jsdelivr.net *.booking.com *.googleapis.com *.gstatic.com *.fontawesome.com *.google-analytics.com *.google.com *.gstatic.com *.bstatic.com *.guestflip.io *.jquery.com *.cloudflare.com *.iubenda.com *.amazonaws.com *.newrelic.com *.nr-data.net *.adsrvr.org *.cookiebot.com *.nghotels.online *.delphina.it *.nagich.com *.oppwa.com *.d-edgeconnect.media *.asksuite.com *.triptease.io *.auryc.com *.living3d.it *.doubleclick.net *.gtsgapps.com *.laasie.ai *.gtsgig.com *.sojern.com *.thehotelsnetwork.com *.jetpay.com *.clubdelsole.com *.hirimini.com *.amrcollection.com *.hyattinclusivecollection.com *.villasassa.ch *.beyouhotel.it *.relais.it *.mitec.com.mx *.e-pago.com.mx *.americanexpress.com *.okgini.com *.stayntouch.com form.wspay.biz bol.figarohdt.com booking.voihotels.com; object-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tools.figarohdt.com/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
"5a4-6152b65ebe780-gzip"
x-content-type-options
nosniff
date
Fri, 13 Dec 2024 11:26:15 GMT
content-type
text/css
last-modified
Wed, 03 Apr 2024 06:33:18 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.verticalbooking.com *.alesiadistribution.com *.zbooking.travel *.blastnessbooking.com *.googleapis.com *.datatables.net *.jsdelivr.net *.booking.com *.googleapis.com *.gstatic.com *.fontawesome.com *.google-analytics.com *.google.com *.gstatic.com *.bstatic.com *.guestflip.io *.jquery.com *.cloudflare.com *.iubenda.com *.amazonaws.com *.newrelic.com *.nr-data.net *.adsrvr.org *.cookiebot.com *.nghotels.online *.delphina.it *.nagich.com *.oppwa.com *.d-edgeconnect.media *.asksuite.com *.triptease.io *.auryc.com *.living3d.it *.doubleclick.net *.gtsgapps.com *.laasie.ai *.gtsgig.com *.sojern.com *.thehotelsnetwork.com *.jetpay.com *.clubdelsole.com *.hirimini.com *.amrcollection.com *.hyattinclusivecollection.com *.villasassa.ch *.beyouhotel.it *.relais.it *.mitec.com.mx *.e-pago.com.mx *.americanexpress.com *.okgini.com *.stayntouch.com form.wspay.biz bol.figarohdt.com booking.voihotels.com; object-src 'none'
cache-control
max-age=3600
cf-ray
8f159921989bdc80-FRA
accept-ranges
bytes
content-length
437
x-xss-protection
1; mode=block
server
cloudflare
logoarea_136.png
tools.figarohdt.com/css/login/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tools.figarohdt.com/css/login/img/logoarea_136.png
Requested by
Host: tools.figarohdt.com
URL: https://tools.figarohdt.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.5.168 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43fff09354886edd68722b4e76897a29a9eba34a9277b3f968fcf41306886c80
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.verticalbooking.com *.alesiadistribution.com *.zbooking.travel *.blastnessbooking.com *.googleapis.com *.datatables.net *.jsdelivr.net *.booking.com *.googleapis.com *.gstatic.com *.fontawesome.com *.google-analytics.com *.google.com *.gstatic.com *.bstatic.com *.guestflip.io *.jquery.com *.cloudflare.com *.iubenda.com *.amazonaws.com *.newrelic.com *.nr-data.net *.adsrvr.org *.cookiebot.com *.nghotels.online *.delphina.it *.nagich.com *.oppwa.com *.d-edgeconnect.media *.asksuite.com *.triptease.io *.auryc.com *.living3d.it *.doubleclick.net *.gtsgapps.com *.laasie.ai *.gtsgig.com *.sojern.com *.thehotelsnetwork.com *.jetpay.com *.clubdelsole.com *.hirimini.com *.amrcollection.com *.hyattinclusivecollection.com *.villasassa.ch *.beyouhotel.it *.relais.it *.mitec.com.mx *.e-pago.com.mx *.americanexpress.com *.okgini.com *.stayntouch.com form.wspay.biz bol.figarohdt.com booking.voihotels.com; object-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tools.figarohdt.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.verticalbooking.com *.alesiadistribution.com *.zbooking.travel *.blastnessbooking.com *.googleapis.com *.datatables.net *.jsdelivr.net *.booking.com *.googleapis.com *.gstatic.com *.fontawesome.com *.google-analytics.com *.google.com *.gstatic.com *.bstatic.com *.guestflip.io *.jquery.com *.cloudflare.com *.iubenda.com *.amazonaws.com *.newrelic.com *.nr-data.net *.adsrvr.org *.cookiebot.com *.nghotels.online *.delphina.it *.nagich.com *.oppwa.com *.d-edgeconnect.media *.asksuite.com *.triptease.io *.auryc.com *.living3d.it *.doubleclick.net *.gtsgapps.com *.laasie.ai *.gtsgig.com *.sojern.com *.thehotelsnetwork.com *.jetpay.com *.clubdelsole.com *.hirimini.com *.amrcollection.com *.hyattinclusivecollection.com *.villasassa.ch *.beyouhotel.it *.relais.it *.mitec.com.mx *.e-pago.com.mx *.americanexpress.com *.okgini.com *.stayntouch.com form.wspay.biz bol.figarohdt.com booking.voihotels.com; object-src 'none'
cache-control
max-age=3600
cf-cache-status
MISS
etag
"2038-5c34f16b21f9c"
x-content-type-options
nosniff
cf-ray
8f159921989cdc80-FRA
accept-ranges
bytes
content-length
8248
date
Fri, 13 Dec 2024 11:26:15 GMT
x-xss-protection
1; mode=block
last-modified
Thu, 27 May 2021 12:42:14 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
SAMEORIGIN
ita.png
tools.figarohdt.com/css/login/img/50w/ 		708 B
788 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tools.figarohdt.com/css/login/img/50w/ita.png
Requested by
Host: tools.figarohdt.com
URL: https://tools.figarohdt.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.5.168 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55d8b378317cd5603e03b1b46b38e5453e9fdd6764e15413bb0e793e5b1c45a3
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.verticalbooking.com *.alesiadistribution.com *.zbooking.travel *.blastnessbooking.com *.googleapis.com *.datatables.net *.jsdelivr.net *.booking.com *.googleapis.com *.gstatic.com *.fontawesome.com *.google-analytics.com *.google.com *.gstatic.com *.bstatic.com *.guestflip.io *.jquery.com *.cloudflare.com *.iubenda.com *.amazonaws.com *.newrelic.com *.nr-data.net *.adsrvr.org *.cookiebot.com *.nghotels.online *.delphina.it *.nagich.com *.oppwa.com *.d-edgeconnect.media *.asksuite.com *.triptease.io *.auryc.com *.living3d.it *.doubleclick.net *.gtsgapps.com *.laasie.ai *.gtsgig.com *.sojern.com *.thehotelsnetwork.com *.jetpay.com *.clubdelsole.com *.hirimini.com *.amrcollection.com *.hyattinclusivecollection.com *.villasassa.ch *.beyouhotel.it *.relais.it *.mitec.com.mx *.e-pago.com.mx *.americanexpress.com *.okgini.com *.stayntouch.com form.wspay.biz bol.figarohdt.com booking.voihotels.com; object-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tools.figarohdt.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.verticalbooking.com *.alesiadistribution.com *.zbooking.travel *.blastnessbooking.com *.googleapis.com *.datatables.net *.jsdelivr.net *.booking.com *.googleapis.com *.gstatic.com *.fontawesome.com *.google-analytics.com *.google.com *.gstatic.com *.bstatic.com *.guestflip.io *.jquery.com *.cloudflare.com *.iubenda.com *.amazonaws.com *.newrelic.com *.nr-data.net *.adsrvr.org *.cookiebot.com *.nghotels.online *.delphina.it *.nagich.com *.oppwa.com *.d-edgeconnect.media *.asksuite.com *.triptease.io *.auryc.com *.living3d.it *.doubleclick.net *.gtsgapps.com *.laasie.ai *.gtsgig.com *.sojern.com *.thehotelsnetwork.com *.jetpay.com *.clubdelsole.com *.hirimini.com *.amrcollection.com *.hyattinclusivecollection.com *.villasassa.ch *.beyouhotel.it *.relais.it *.mitec.com.mx *.e-pago.com.mx *.americanexpress.com *.okgini.com *.stayntouch.com form.wspay.biz bol.figarohdt.com booking.voihotels.com; object-src 'none'
cache-control
max-age=3600
cf-cache-status
MISS
etag
"2c4-5c310487e6e2a"
x-content-type-options
nosniff
cf-ray
8f159921989edc80-FRA
accept-ranges
bytes
content-length
708
date
Fri, 13 Dec 2024 11:26:15 GMT
x-xss-protection
1; mode=block
last-modified
Mon, 24 May 2021 09:46:26 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
SAMEORIGIN
eng.png
tools.figarohdt.com/css/login/img/50w/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tools.figarohdt.com/css/login/img/50w/eng.png
Requested by
Host: tools.figarohdt.com
URL: https://tools.figarohdt.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.5.168 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b16cb7c608e3c7353431f44b1a5b5a7cd154993e6925d98f675e1b591abf0dc
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.verticalbooking.com *.alesiadistribution.com *.zbooking.travel *.blastnessbooking.com *.googleapis.com *.datatables.net *.jsdelivr.net *.booking.com *.googleapis.com *.gstatic.com *.fontawesome.com *.google-analytics.com *.google.com *.gstatic.com *.bstatic.com *.guestflip.io *.jquery.com *.cloudflare.com *.iubenda.com *.amazonaws.com *.newrelic.com *.nr-data.net *.adsrvr.org *.cookiebot.com *.nghotels.online *.delphina.it *.nagich.com *.oppwa.com *.d-edgeconnect.media *.asksuite.com *.triptease.io *.auryc.com *.living3d.it *.doubleclick.net *.gtsgapps.com *.laasie.ai *.gtsgig.com *.sojern.com *.thehotelsnetwork.com *.jetpay.com *.clubdelsole.com *.hirimini.com *.amrcollection.com *.hyattinclusivecollection.com *.villasassa.ch *.beyouhotel.it *.relais.it *.mitec.com.mx *.e-pago.com.mx *.americanexpress.com *.okgini.com *.stayntouch.com form.wspay.biz bol.figarohdt.com booking.voihotels.com; object-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tools.figarohdt.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.verticalbooking.com *.alesiadistribution.com *.zbooking.travel *.blastnessbooking.com *.googleapis.com *.datatables.net *.jsdelivr.net *.booking.com *.googleapis.com *.gstatic.com *.fontawesome.com *.google-analytics.com *.google.com *.gstatic.com *.bstatic.com *.guestflip.io *.jquery.com *.cloudflare.com *.iubenda.com *.amazonaws.com *.newrelic.com *.nr-data.net *.adsrvr.org *.cookiebot.com *.nghotels.online *.delphina.it *.nagich.com *.oppwa.com *.d-edgeconnect.media *.asksuite.com *.triptease.io *.auryc.com *.living3d.it *.doubleclick.net *.gtsgapps.com *.laasie.ai *.gtsgig.com *.sojern.com *.thehotelsnetwork.com *.jetpay.com *.clubdelsole.com *.hirimini.com *.amrcollection.com *.hyattinclusivecollection.com *.villasassa.ch *.beyouhotel.it *.relais.it *.mitec.com.mx *.e-pago.com.mx *.americanexpress.com *.okgini.com *.stayntouch.com form.wspay.biz bol.figarohdt.com booking.voihotels.com; object-src 'none'
cache-control
max-age=3600
cf-cache-status
MISS
etag
"59a-5c310487c9969"
x-content-type-options
nosniff
cf-ray
8f15992198a0dc80-FRA
accept-ranges
bytes
content-length
1434
date
Fri, 13 Dec 2024 11:26:15 GMT
x-xss-protection
1; mode=block
last-modified
Mon, 24 May 2021 09:46:26 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
SAMEORIGIN
esp.png
tools.figarohdt.com/css/login/img/50w/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tools.figarohdt.com/css/login/img/50w/esp.png
Requested by
Host: tools.figarohdt.com
URL: https://tools.figarohdt.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.5.168 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76b0a6fb46f19547cbc20f01ef6fa3eaad7a552d685c0c5797e46e5854dfd024
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.verticalbooking.com *.alesiadistribution.com *.zbooking.travel *.blastnessbooking.com *.googleapis.com *.datatables.net *.jsdelivr.net *.booking.com *.googleapis.com *.gstatic.com *.fontawesome.com *.google-analytics.com *.google.com *.gstatic.com *.bstatic.com *.guestflip.io *.jquery.com *.cloudflare.com *.iubenda.com *.amazonaws.com *.newrelic.com *.nr-data.net *.adsrvr.org *.cookiebot.com *.nghotels.online *.delphina.it *.nagich.com *.oppwa.com *.d-edgeconnect.media *.asksuite.com *.triptease.io *.auryc.com *.living3d.it *.doubleclick.net *.gtsgapps.com *.laasie.ai *.gtsgig.com *.sojern.com *.thehotelsnetwork.com *.jetpay.com *.clubdelsole.com *.hirimini.com *.amrcollection.com *.hyattinclusivecollection.com *.villasassa.ch *.beyouhotel.it *.relais.it *.mitec.com.mx *.e-pago.com.mx *.americanexpress.com *.okgini.com *.stayntouch.com form.wspay.biz bol.figarohdt.com booking.voihotels.com; object-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tools.figarohdt.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.verticalbooking.com *.alesiadistribution.com *.zbooking.travel *.blastnessbooking.com *.googleapis.com *.datatables.net *.jsdelivr.net *.booking.com *.googleapis.com *.gstatic.com *.fontawesome.com *.google-analytics.com *.google.com *.gstatic.com *.bstatic.com *.guestflip.io *.jquery.com *.cloudflare.com *.iubenda.com *.amazonaws.com *.newrelic.com *.nr-data.net *.adsrvr.org *.cookiebot.com *.nghotels.online *.delphina.it *.nagich.com *.oppwa.com *.d-edgeconnect.media *.asksuite.com *.triptease.io *.auryc.com *.living3d.it *.doubleclick.net *.gtsgapps.com *.laasie.ai *.gtsgig.com *.sojern.com *.thehotelsnetwork.com *.jetpay.com *.clubdelsole.com *.hirimini.com *.amrcollection.com *.hyattinclusivecollection.com *.villasassa.ch *.beyouhotel.it *.relais.it *.mitec.com.mx *.e-pago.com.mx *.americanexpress.com *.okgini.com *.stayntouch.com form.wspay.biz bol.figarohdt.com booking.voihotels.com; object-src 'none'
cache-control
max-age=3600
cf-cache-status
MISS
etag
"466-5c310487aa568"
x-content-type-options
nosniff
cf-ray
8f15992198a2dc80-FRA
accept-ranges
bytes
content-length
1126
date
Fri, 13 Dec 2024 11:26:15 GMT
x-xss-protection
1; mode=block
last-modified
Mon, 24 May 2021 09:46:26 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
SAMEORIGIN
fra.png
tools.figarohdt.com/css/login/img/50w/ 		706 B
786 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tools.figarohdt.com/css/login/img/50w/fra.png
Requested by
Host: tools.figarohdt.com
URL: https://tools.figarohdt.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.5.168 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ce55a90c6bda2a89278653f00a90f8d6aa4c0635a8b44ce508f75e48c668b5d
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.verticalbooking.com *.alesiadistribution.com *.zbooking.travel *.blastnessbooking.com *.googleapis.com *.datatables.net *.jsdelivr.net *.booking.com *.googleapis.com *.gstatic.com *.fontawesome.com *.google-analytics.com *.google.com *.gstatic.com *.bstatic.com *.guestflip.io *.jquery.com *.cloudflare.com *.iubenda.com *.amazonaws.com *.newrelic.com *.nr-data.net *.adsrvr.org *.cookiebot.com *.nghotels.online *.delphina.it *.nagich.com *.oppwa.com *.d-edgeconnect.media *.asksuite.com *.triptease.io *.auryc.com *.living3d.it *.doubleclick.net *.gtsgapps.com *.laasie.ai *.gtsgig.com *.sojern.com *.thehotelsnetwork.com *.jetpay.com *.clubdelsole.com *.hirimini.com *.amrcollection.com *.hyattinclusivecollection.com *.villasassa.ch *.beyouhotel.it *.relais.it *.mitec.com.mx *.e-pago.com.mx *.americanexpress.com *.okgini.com *.stayntouch.com form.wspay.biz bol.figarohdt.com booking.voihotels.com; object-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tools.figarohdt.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.verticalbooking.com *.alesiadistribution.com *.zbooking.travel *.blastnessbooking.com *.googleapis.com *.datatables.net *.jsdelivr.net *.booking.com *.googleapis.com *.gstatic.com *.fontawesome.com *.google-analytics.com *.google.com *.gstatic.com *.bstatic.com *.guestflip.io *.jquery.com *.cloudflare.com *.iubenda.com *.amazonaws.com *.newrelic.com *.nr-data.net *.adsrvr.org *.cookiebot.com *.nghotels.online *.delphina.it *.nagich.com *.oppwa.com *.d-edgeconnect.media *.asksuite.com *.triptease.io *.auryc.com *.living3d.it *.doubleclick.net *.gtsgapps.com *.laasie.ai *.gtsgig.com *.sojern.com *.thehotelsnetwork.com *.jetpay.com *.clubdelsole.com *.hirimini.com *.amrcollection.com *.hyattinclusivecollection.com *.villasassa.ch *.beyouhotel.it *.relais.it *.mitec.com.mx *.e-pago.com.mx *.americanexpress.com *.okgini.com *.stayntouch.com form.wspay.biz bol.figarohdt.com booking.voihotels.com; object-src 'none'
cache-control
max-age=3600
cf-cache-status
MISS
etag
"2c2-5c310487f682b"
x-content-type-options
nosniff
cf-ray
8f15992198a3dc80-FRA
accept-ranges
bytes
content-length
706
date
Fri, 13 Dec 2024 11:26:15 GMT
x-xss-protection
1; mode=block
last-modified
Mon, 24 May 2021 09:46:26 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
SAMEORIGIN
deu.png
tools.figarohdt.com/css/login/img/50w/ 		640 B
743 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tools.figarohdt.com/css/login/img/50w/deu.png
Requested by
Host: tools.figarohdt.com
URL: https://tools.figarohdt.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.5.168 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5798496136127c91eda9e60415bf123c0ce900c3a29825013ed920a6dfcab0c4
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.verticalbooking.com *.alesiadistribution.com *.zbooking.travel *.blastnessbooking.com *.googleapis.com *.datatables.net *.jsdelivr.net *.booking.com *.googleapis.com *.gstatic.com *.fontawesome.com *.google-analytics.com *.google.com *.gstatic.com *.bstatic.com *.guestflip.io *.jquery.com *.cloudflare.com *.iubenda.com *.amazonaws.com *.newrelic.com *.nr-data.net *.adsrvr.org *.cookiebot.com *.nghotels.online *.delphina.it *.nagich.com *.oppwa.com *.d-edgeconnect.media *.asksuite.com *.triptease.io *.auryc.com *.living3d.it *.doubleclick.net *.gtsgapps.com *.laasie.ai *.gtsgig.com *.sojern.com *.thehotelsnetwork.com *.jetpay.com *.clubdelsole.com *.hirimini.com *.amrcollection.com *.hyattinclusivecollection.com *.villasassa.ch *.beyouhotel.it *.relais.it *.mitec.com.mx *.e-pago.com.mx *.americanexpress.com *.okgini.com *.stayntouch.com form.wspay.biz bol.figarohdt.com booking.voihotels.com; object-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tools.figarohdt.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.verticalbooking.com *.alesiadistribution.com *.zbooking.travel *.blastnessbooking.com *.googleapis.com *.datatables.net *.jsdelivr.net *.booking.com *.googleapis.com *.gstatic.com *.fontawesome.com *.google-analytics.com *.google.com *.gstatic.com *.bstatic.com *.guestflip.io *.jquery.com *.cloudflare.com *.iubenda.com *.amazonaws.com *.newrelic.com *.nr-data.net *.adsrvr.org *.cookiebot.com *.nghotels.online *.delphina.it *.nagich.com *.oppwa.com *.d-edgeconnect.media *.asksuite.com *.triptease.io *.auryc.com *.living3d.it *.doubleclick.net *.gtsgapps.com *.laasie.ai *.gtsgig.com *.sojern.com *.thehotelsnetwork.com *.jetpay.com *.clubdelsole.com *.hirimini.com *.amrcollection.com *.hyattinclusivecollection.com *.villasassa.ch *.beyouhotel.it *.relais.it *.mitec.com.mx *.e-pago.com.mx *.americanexpress.com *.okgini.com *.stayntouch.com form.wspay.biz bol.figarohdt.com booking.voihotels.com; object-src 'none'
cache-control
max-age=3600
cf-cache-status
MISS
etag
"280-5c3104878d0a7"
x-content-type-options
nosniff
cf-ray
8f159921c8ffdc80-FRA
accept-ranges
bytes
content-length
640
date
Fri, 13 Dec 2024 11:26:15 GMT
x-xss-protection
1; mode=block
last-modified
Mon, 24 May 2021 09:46:26 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
SAMEORIGIN
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: tools.figarohdt.com
URL: https://tools.figarohdt.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f10.1e100.net
Software
sffe /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tools.figarohdt.com/

Response headers

content-encoding
gzip
age
267029
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Wed, 10 Dec 2025 09:15:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 09:15:47 GMT
last-modified
Wed, 10 Mar 2021 14:28:09 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
31017
x-xss-protection
0
server
sffe
enterprise.js
www.google.com/recaptcha/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise.js?render=6LfdOsYaAAAAAA5G3hfFuAoW2mvAH6NLcTPY3xL_
Requested by
Host: tools.figarohdt.com
URL: https://tools.figarohdt.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s11-in-f4.1e100.net
Software
ESF /
Resource Hash
89aa53e0803a88179beabe0ea967baa58e3c0ba1d07420f5a9a93582b1899f25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tools.figarohdt.com/

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Fri, 13 Dec 2024 11:26:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Fri, 13 Dec 2024 11:26:16 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
login.js
tools.figarohdt.com/js/login/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tools.figarohdt.com/js/login/login.js?time=1674499768
Requested by
Host: tools.figarohdt.com
URL: https://tools.figarohdt.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.5.168 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a024570f3094ce5f158afd3c34181d65a1ebe207df4173537c39bac1e08fa47a
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.verticalbooking.com *.alesiadistribution.com *.zbooking.travel *.blastnessbooking.com *.googleapis.com *.datatables.net *.jsdelivr.net *.booking.com *.googleapis.com *.gstatic.com *.fontawesome.com *.google-analytics.com *.google.com *.gstatic.com *.bstatic.com *.guestflip.io *.jquery.com *.cloudflare.com *.iubenda.com *.amazonaws.com *.newrelic.com *.nr-data.net *.adsrvr.org *.cookiebot.com *.nghotels.online *.delphina.it *.nagich.com *.oppwa.com *.d-edgeconnect.media *.asksuite.com *.triptease.io *.auryc.com *.living3d.it *.doubleclick.net *.gtsgapps.com *.laasie.ai *.gtsgig.com *.sojern.com *.thehotelsnetwork.com *.jetpay.com *.clubdelsole.com *.hirimini.com *.amrcollection.com *.hyattinclusivecollection.com *.villasassa.ch *.beyouhotel.it *.relais.it *.mitec.com.mx *.e-pago.com.mx *.americanexpress.com *.okgini.com *.stayntouch.com form.wspay.biz bol.figarohdt.com booking.voihotels.com; object-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tools.figarohdt.com/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
etag
"2679-5f2ebd3c9b000-gzip"
x-content-type-options
nosniff
date
Fri, 13 Dec 2024 11:26:15 GMT
content-type
application/javascript
last-modified
Mon, 23 Jan 2023 10:26:08 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.verticalbooking.com *.alesiadistribution.com *.zbooking.travel *.blastnessbooking.com *.googleapis.com *.datatables.net *.jsdelivr.net *.booking.com *.googleapis.com *.gstatic.com *.fontawesome.com *.google-analytics.com *.google.com *.gstatic.com *.bstatic.com *.guestflip.io *.jquery.com *.cloudflare.com *.iubenda.com *.amazonaws.com *.newrelic.com *.nr-data.net *.adsrvr.org *.cookiebot.com *.nghotels.online *.delphina.it *.nagich.com *.oppwa.com *.d-edgeconnect.media *.asksuite.com *.triptease.io *.auryc.com *.living3d.it *.doubleclick.net *.gtsgapps.com *.laasie.ai *.gtsgig.com *.sojern.com *.thehotelsnetwork.com *.jetpay.com *.clubdelsole.com *.hirimini.com *.amrcollection.com *.hyattinclusivecollection.com *.villasassa.ch *.beyouhotel.it *.relais.it *.mitec.com.mx *.e-pago.com.mx *.americanexpress.com *.okgini.com *.stayntouch.com form.wspay.biz bol.figarohdt.com booking.voihotels.com; object-src 'none'
cf-ray
8f159921c8fbdc80-FRA
accept-ranges
bytes
content-length
2821
x-xss-protection
1; mode=block
server
cloudflare
sfondoarea_136.png
tools.figarohdt.com/css/login/img/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tools.figarohdt.com/css/login/img/sfondoarea_136.png
Requested by
Host: tools.figarohdt.com
URL: https://tools.figarohdt.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.5.168 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
297410f7bbef2af2135c8755277d8eaca7cac4830e78fa2fc49959f117f1e23c
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.verticalbooking.com *.alesiadistribution.com *.zbooking.travel *.blastnessbooking.com *.googleapis.com *.datatables.net *.jsdelivr.net *.booking.com *.googleapis.com *.gstatic.com *.fontawesome.com *.google-analytics.com *.google.com *.gstatic.com *.bstatic.com *.guestflip.io *.jquery.com *.cloudflare.com *.iubenda.com *.amazonaws.com *.newrelic.com *.nr-data.net *.adsrvr.org *.cookiebot.com *.nghotels.online *.delphina.it *.nagich.com *.oppwa.com *.d-edgeconnect.media *.asksuite.com *.triptease.io *.auryc.com *.living3d.it *.doubleclick.net *.gtsgapps.com *.laasie.ai *.gtsgig.com *.sojern.com *.thehotelsnetwork.com *.jetpay.com *.clubdelsole.com *.hirimini.com *.amrcollection.com *.hyattinclusivecollection.com *.villasassa.ch *.beyouhotel.it *.relais.it *.mitec.com.mx *.e-pago.com.mx *.americanexpress.com *.okgini.com *.stayntouch.com form.wspay.biz bol.figarohdt.com booking.voihotels.com; object-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tools.figarohdt.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.verticalbooking.com *.alesiadistribution.com *.zbooking.travel *.blastnessbooking.com *.googleapis.com *.datatables.net *.jsdelivr.net *.booking.com *.googleapis.com *.gstatic.com *.fontawesome.com *.google-analytics.com *.google.com *.gstatic.com *.bstatic.com *.guestflip.io *.jquery.com *.cloudflare.com *.iubenda.com *.amazonaws.com *.newrelic.com *.nr-data.net *.adsrvr.org *.cookiebot.com *.nghotels.online *.delphina.it *.nagich.com *.oppwa.com *.d-edgeconnect.media *.asksuite.com *.triptease.io *.auryc.com *.living3d.it *.doubleclick.net *.gtsgapps.com *.laasie.ai *.gtsgig.com *.sojern.com *.thehotelsnetwork.com *.jetpay.com *.clubdelsole.com *.hirimini.com *.amrcollection.com *.hyattinclusivecollection.com *.villasassa.ch *.beyouhotel.it *.relais.it *.mitec.com.mx *.e-pago.com.mx *.americanexpress.com *.okgini.com *.stayntouch.com form.wspay.biz bol.figarohdt.com booking.voihotels.com; object-src 'none'
cache-control
max-age=3600
cf-cache-status
MISS
etag
"4f83-5c31048529b4d"
x-content-type-options
nosniff
cf-ray
8f1599272c87dc80-FRA
accept-ranges
bytes
content-length
20355
date
Fri, 13 Dec 2024 11:26:16 GMT
x-xss-protection
1; mode=block
last-modified
Mon, 24 May 2021 09:46:23 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
SAMEORIGIN
fa-regular-400.woff2
tools.figarohdt.com/fontawesome-pro/webfonts/ 		170 KB
171 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://tools.figarohdt.com/fontawesome-pro/webfonts/fa-regular-400.woff2
Requested by
Host: tools.figarohdt.com
URL: https://tools.figarohdt.com/fontawesome-pro/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.5.168 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a771731f8ddb3a2c0426884135e1136b22d3a40bb48c69bf77b58f3e5c854ed7
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.verticalbooking.com *.alesiadistribution.com *.zbooking.travel *.blastnessbooking.com *.googleapis.com *.datatables.net *.jsdelivr.net *.booking.com *.googleapis.com *.gstatic.com *.fontawesome.com *.google-analytics.com *.google.com *.gstatic.com *.bstatic.com *.guestflip.io *.jquery.com *.cloudflare.com *.iubenda.com *.amazonaws.com *.newrelic.com *.nr-data.net *.adsrvr.org *.cookiebot.com *.nghotels.online *.delphina.it *.nagich.com *.oppwa.com *.d-edgeconnect.media *.asksuite.com *.triptease.io *.auryc.com *.living3d.it *.doubleclick.net *.gtsgapps.com *.laasie.ai *.gtsgig.com *.sojern.com *.thehotelsnetwork.com *.jetpay.com *.clubdelsole.com *.hirimini.com *.amrcollection.com *.hyattinclusivecollection.com *.villasassa.ch *.beyouhotel.it *.relais.it *.mitec.com.mx *.e-pago.com.mx *.americanexpress.com *.okgini.com *.stayntouch.com form.wspay.biz bol.figarohdt.com booking.voihotels.com; object-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://tools.figarohdt.com
Referer
https://tools.figarohdt.com/fontawesome-pro/css/all.css

Response headers

cf-cache-status
MISS
etag
"2a918-5b084556a1266"
x-content-type-options
nosniff
date
Fri, 13 Dec 2024 11:26:16 GMT
content-type
font/woff2
last-modified
Wed, 30 Sep 2020 09:14:58 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.verticalbooking.com *.alesiadistribution.com *.zbooking.travel *.blastnessbooking.com *.googleapis.com *.datatables.net *.jsdelivr.net *.booking.com *.googleapis.com *.gstatic.com *.fontawesome.com *.google-analytics.com *.google.com *.gstatic.com *.bstatic.com *.guestflip.io *.jquery.com *.cloudflare.com *.iubenda.com *.amazonaws.com *.newrelic.com *.nr-data.net *.adsrvr.org *.cookiebot.com *.nghotels.online *.delphina.it *.nagich.com *.oppwa.com *.d-edgeconnect.media *.asksuite.com *.triptease.io *.auryc.com *.living3d.it *.doubleclick.net *.gtsgapps.com *.laasie.ai *.gtsgig.com *.sojern.com *.thehotelsnetwork.com *.jetpay.com *.clubdelsole.com *.hirimini.com *.amrcollection.com *.hyattinclusivecollection.com *.villasassa.ch *.beyouhotel.it *.relais.it *.mitec.com.mx *.e-pago.com.mx *.americanexpress.com *.okgini.com *.stayntouch.com form.wspay.biz bol.figarohdt.com booking.voihotels.com; object-src 'none'
cache-control
max-age=3600
cf-ray
8f1599274cbedc80-FRA
accept-ranges
bytes
content-length
174360
x-xss-protection
1; mode=block
server
cloudflare
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s08-in-f3.1e100.net
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://tools.figarohdt.com
Referer
https://fonts.googleapis.com/

Response headers

age
75809
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 12 Dec 2025 14:22:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 12 Dec 2024 14:22:48 GMT
last-modified
Tue, 02 May 2023 15:07:25 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
23040
x-xss-protection
0
server
sffe
fa-light-300.woff2
tools.figarohdt.com/fontawesome-pro/webfonts/ 		186 KB
186 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://tools.figarohdt.com/fontawesome-pro/webfonts/fa-light-300.woff2
Requested by
Host: tools.figarohdt.com
URL: https://tools.figarohdt.com/fontawesome-pro/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.5.168 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a8ed4a9ae2e4bf2af86d128b59c0c65e4992b3181e73851ff7d9cdca3833586
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.verticalbooking.com *.alesiadistribution.com *.zbooking.travel *.blastnessbooking.com *.googleapis.com *.datatables.net *.jsdelivr.net *.booking.com *.googleapis.com *.gstatic.com *.fontawesome.com *.google-analytics.com *.google.com *.gstatic.com *.bstatic.com *.guestflip.io *.jquery.com *.cloudflare.com *.iubenda.com *.amazonaws.com *.newrelic.com *.nr-data.net *.adsrvr.org *.cookiebot.com *.nghotels.online *.delphina.it *.nagich.com *.oppwa.com *.d-edgeconnect.media *.asksuite.com *.triptease.io *.auryc.com *.living3d.it *.doubleclick.net *.gtsgapps.com *.laasie.ai *.gtsgig.com *.sojern.com *.thehotelsnetwork.com *.jetpay.com *.clubdelsole.com *.hirimini.com *.amrcollection.com *.hyattinclusivecollection.com *.villasassa.ch *.beyouhotel.it *.relais.it *.mitec.com.mx *.e-pago.com.mx *.americanexpress.com *.okgini.com *.stayntouch.com form.wspay.biz bol.figarohdt.com booking.voihotels.com; object-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://tools.figarohdt.com
Referer
https://tools.figarohdt.com/fontawesome-pro/css/all.css

Response headers

cf-cache-status
MISS
etag
"2e7e8-5b084556a02c6"
x-content-type-options
nosniff
date
Fri, 13 Dec 2024 11:26:16 GMT
content-type
font/woff2
last-modified
Wed, 30 Sep 2020 09:14:58 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.verticalbooking.com *.alesiadistribution.com *.zbooking.travel *.blastnessbooking.com *.googleapis.com *.datatables.net *.jsdelivr.net *.booking.com *.googleapis.com *.gstatic.com *.fontawesome.com *.google-analytics.com *.google.com *.gstatic.com *.bstatic.com *.guestflip.io *.jquery.com *.cloudflare.com *.iubenda.com *.amazonaws.com *.newrelic.com *.nr-data.net *.adsrvr.org *.cookiebot.com *.nghotels.online *.delphina.it *.nagich.com *.oppwa.com *.d-edgeconnect.media *.asksuite.com *.triptease.io *.auryc.com *.living3d.it *.doubleclick.net *.gtsgapps.com *.laasie.ai *.gtsgig.com *.sojern.com *.thehotelsnetwork.com *.jetpay.com *.clubdelsole.com *.hirimini.com *.amrcollection.com *.hyattinclusivecollection.com *.villasassa.ch *.beyouhotel.it *.relais.it *.mitec.com.mx *.e-pago.com.mx *.americanexpress.com *.okgini.com *.stayntouch.com form.wspay.biz bol.figarohdt.com booking.voihotels.com; object-src 'none'
cache-control
max-age=3600
cf-ray
8f1599274cc0dc80-FRA
accept-ranges
bytes
content-length
190440
x-xss-protection
1; mode=block
server
cloudflare
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s08-in-f3.1e100.net
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://tools.figarohdt.com
Referer
https://fonts.googleapis.com/

Response headers

age
267162
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 10 Dec 2025 09:13:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 09:13:35 GMT
last-modified
Tue, 02 May 2023 15:17:22 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
23580
x-xss-protection
0
server
sffe
recaptcha__it.js
www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/ 		549 KB
217 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__it.js
Requested by
Host: tools.figarohdt.com
URL: https://tools.figarohdt.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
37a36052595f44441096e653faef42900ccaf377506e85d162abb5ba63c17b5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://tools.figarohdt.com
Referer
https://tools.figarohdt.com/

Response headers

content-encoding
gzip
age
19436
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Sat, 13 Dec 2025 06:02:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 13 Dec 2024 06:02:21 GMT
last-modified
Tue, 10 Dec 2024 23:05:10 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
221986
x-xss-protection
0
server
sffe
anchor
www.google.com/recaptcha/enterprise/ Frame 618C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LfdOsYaAAAAAA5G3hfFuAoW2mvAH6NLcTPY3xL_&co=aHR0cHM6Ly90b29scy5maWdhcm9oZHQuY29tOjQ0Mw..&hl=it&v=zIriijn3uj5Vpknvt_LnfNbF&size=invisible&cb=ipd6gh8d0yep
Requested by
Host: tools.figarohdt.com
URL: https://tools.figarohdt.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s11-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-J-bhe8QawS7imWShUw3dIw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tools.figarohdt.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-J-bhe8QawS7imWShUw3dIw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Fri, 13 Dec 2024 11:26:18 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| NREUM object| webpackChunk:NRBA-1.275.0.PROD object| newrelic function| $ function| jQuery object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| changeFlag function| getErrorType function| setWrongCredentialsError function| setError function| setTranslatedText function| togglePasswordVisibility function| togglePasswordFont function| loginUser function| generateString function| changeFieldsName function| copyIPAddress function| changeLanguage object| recaptcha object| closure_lm_703628

3 Cookies

Domain/Path Name / Value
.tools.figarohdt.com/ Name: _crs_extranet_sessions
Value: 6tg467kbpbql89lscqnrkppdid
.tools.figarohdt.com/ Name: _crs_extranet_cors
Value: 1f675ac8e0d8ba5a8d21271bc9324ab0dc6cf6ed226ce6ba464e2041e651bdf8
tools.figarohdt.com/ Name: login_lang
Value: eng

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.verticalbooking.com *.alesiadistribution.com *.zbooking.travel *.blastnessbooking.com *.googleapis.com *.datatables.net *.jsdelivr.net *.booking.com *.googleapis.com *.gstatic.com *.fontawesome.com *.google-analytics.com *.google.com *.gstatic.com *.bstatic.com *.guestflip.io *.jquery.com *.cloudflare.com *.iubenda.com *.amazonaws.com *.newrelic.com *.nr-data.net *.adsrvr.org *.cookiebot.com *.nghotels.online *.delphina.it *.nagich.com *.oppwa.com *.d-edgeconnect.media *.asksuite.com *.triptease.io *.auryc.com *.living3d.it *.doubleclick.net *.gtsgapps.com *.laasie.ai *.gtsgig.com *.sojern.com *.thehotelsnetwork.com *.jetpay.com *.clubdelsole.com *.hirimini.com *.amrcollection.com *.hyattinclusivecollection.com *.villasassa.ch *.beyouhotel.it *.relais.it *.mitec.com.mx *.e-pago.com.mx *.americanexpress.com *.okgini.com *.stayntouch.com form.wspay.biz bol.figarohdt.com booking.voihotels.com; object-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
tools.figarohdt.com
www.google.com
www.gstatic.com
104.20.5.168
142.250.185.131
142.250.186.170
142.250.186.74
216.58.206.67
216.58.206.68
04113a10812dfc35229143023331dea50c10178560d8b356f565227b786c4083
297410f7bbef2af2135c8755277d8eaca7cac4830e78fa2fc49959f117f1e23c
37a36052595f44441096e653faef42900ccaf377506e85d162abb5ba63c17b5d
3e84c55a4d9e006324554bc8b41b7dbeac321bcf6bc92957d63d616dd4d098bb
43fff09354886edd68722b4e76897a29a9eba34a9277b3f968fcf41306886c80
4b16cb7c608e3c7353431f44b1a5b5a7cd154993e6925d98f675e1b591abf0dc
55d8b378317cd5603e03b1b46b38e5453e9fdd6764e15413bb0e793e5b1c45a3
5798496136127c91eda9e60415bf123c0ce900c3a29825013ed920a6dfcab0c4
5ce55a90c6bda2a89278653f00a90f8d6aa4c0635a8b44ce508f75e48c668b5d
76b0a6fb46f19547cbc20f01ef6fa3eaad7a552d685c0c5797e46e5854dfd024
809df0321e4c22fb83008efca44b5f5e7aa10b7bb1ca6234a78d0795a7ec6ea8
89aa53e0803a88179beabe0ea967baa58e3c0ba1d07420f5a9a93582b1899f25
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9a8ed4a9ae2e4bf2af86d128b59c0c65e4992b3181e73851ff7d9cdca3833586
a024570f3094ce5f158afd3c34181d65a1ebe207df4173537c39bac1e08fa47a
a771731f8ddb3a2c0426884135e1136b22d3a40bb48c69bf77b58f3e5c854ed7
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
e0e448068984059adb3373fd51cad73472a3267186f602b446715d9e0e976008
e7e3428f65a75ed9bb3a3c0278694e1610582358053d6d85273b22d21fdc141f
f3140dec577f6cd55fa0a0e0cd0936a0e2bd96af1b8992d068abc2e4d91ac855
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e