Submitted URL: https://booking.movehotels.com/
Effective URL: https://booking.movehotels.com/book/home/single?nsid=7025e84b-f4c6-4772-8926-58f4a621a830
Submission: On February 14 via api from US — Scanned from US

Summary

This website contacted 9 IPs in 2 countries across 5 domains to perform 63 HTTP transactions. The main IP is 185.56.10.123, located in Arezzo, Italy and belongs to . The main domain is booking.movehotels.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 31st 2024. Valid for: a year.
This is the only time booking.movehotels.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
33 my-cdn.cloud
ber-js.my-cdn.cloud — Cisco Umbrella Rank: 871477
ber.my-cdn.cloud — Cisco Umbrella Rank: 863257
3 MB
23 movehotels.com
booking.movehotels.com
893 KB
8 sharethis.com
platform-api.sharethis.com — Cisco Umbrella Rank: 4734
buttons-config.sharethis.com — Cisco Umbrella Rank: 5372
l.sharethis.com — Cisco Umbrella Rank: 5050
platform-cdn.sharethis.com — Cisco Umbrella Rank: 10375
52 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 52
85 KB
1 bookingexpert.it
cdn.bookingexpert.it
180 KB
63 5
Domain Requested by
23 booking.movehotels.com 3 redirects booking.movehotels.com
ber-js.my-cdn.cloud
21 ber-js.my-cdn.cloud booking.movehotels.com
12 ber.my-cdn.cloud booking.movehotels.com
5 platform-cdn.sharethis.com booking.movehotels.com
1 l.sharethis.com platform-api.sharethis.com
1 buttons-config.sharethis.com platform-api.sharethis.com
1 www.googletagmanager.com booking.movehotels.com
1 platform-api.sharethis.com booking.movehotels.com
1 cdn.bookingexpert.it booking.movehotels.com
63 9

This site contains links to these domains. Also see Links.

Domain
www.movehotels.com
www.bookingexpert.it
Subject Issuer Validity Valid
booking.movehotels.com
Sectigo RSA Domain Validation Secure Server CA
2024-01-31 -
2025-03-02
a year crt.sh
cdn.bookingexpert.it
GTS CA 1D4
2024-02-01 -
2024-05-02
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-04-16 -
2024-04-15
a year crt.sh
sharethis.com
Amazon RSA 2048 M02
2023-05-20 -
2024-06-17
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2024-01-09 -
2024-04-02
3 months crt.sh

This page contains 1 frames:

Primary Page: https://booking.movehotels.com/book/home/single?nsid=7025e84b-f4c6-4772-8926-58f4a621a830
Frame ID: A363196477FD9908690A010AD130F518
Requests: 64 HTTP requests in this frame

Screenshot

Page Title

Move Hotels Venezia NordNorton

Page URL History Show full URLs

  1. https://booking.movehotels.com/ HTTP 302
    https://booking.movehotels.com/book/ HTTP 302
    https://booking.movehotels.com/book/home/index?nsid=a2a47af9-eba4-4964-9ae0-a88e6c6f4f95 HTTP 302
    https://booking.movehotels.com/book/home/single?nsid=7025e84b-f4c6-4772-8926-58f4a621a830 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • mustache(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • moment(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • swiper(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

63
Requests

100 %
HTTPS

50 %
IPv6

5
Domains

9
Subdomains

9
IPs

2
Countries

4355 kB
Transfer

5821 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://booking.movehotels.com/ HTTP 302
    https://booking.movehotels.com/book/ HTTP 302
    https://booking.movehotels.com/book/home/index?nsid=a2a47af9-eba4-4964-9ae0-a88e6c6f4f95 HTTP 302
    https://booking.movehotels.com/book/home/single?nsid=7025e84b-f4c6-4772-8926-58f4a621a830 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

63 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request single
booking.movehotels.com/book/home/
Redirect Chain
  • https://booking.movehotels.com/
  • https://booking.movehotels.com/book/
  • https://booking.movehotels.com/book/home/index?nsid=a2a47af9-eba4-4964-9ae0-a88e6c6f4f95
  • https://booking.movehotels.com/book/home/single?nsid=7025e84b-f4c6-4772-8926-58f4a621a830
456 KB
34 KB
Document
General
Full URL
https://booking.movehotels.com/book/home/single?nsid=7025e84b-f4c6-4772-8926-58f4a621a830
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.56.10.123 Arezzo, Italy, ASN (),
Reverse DNS
host123-10-56-185.serverdedicati.aruba.it
Software
nginx /
Resource Hash
bbd88dff90131692af61aa40548f3cc3d663937818abd5fcad1edf56a8791363
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8
Date
Wed, 14 Feb 2024 06:13:54 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block

Redirect headers

Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Connection
keep-alive
Content-Length
0
Date
Wed, 14 Feb 2024 06:13:53 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
location
/book/home/single?nsid=7025e84b-f4c6-4772-8926-58f4a621a830
fonts.css
booking.movehotels.com/book/resources/css_new/ber5/_fonts/
2 KB
952 B
Stylesheet
General
Full URL
https://booking.movehotels.com/book/resources/css_new/ber5/_fonts/fonts.css?v=8.4.16
Requested by
Host: booking.movehotels.com
URL: https://booking.movehotels.com/book/home/single?nsid=7025e84b-f4c6-4772-8926-58f4a621a830
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.56.10.123 Arezzo, Italy, ASN (),
Reverse DNS
host123-10-56-185.serverdedicati.aruba.it
Software
nginx /
Resource Hash
e7e7ba0a417cebff417816bf9974474c66d873f98498f52339d7f178617c9f54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://booking.movehotels.com/book/home/single?nsid=7025e84b-f4c6-4772-8926-58f4a621a830
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 06:13:54 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
last-modified
Thu, 08 Feb 2024 08:40:22 GMT
Server
nginx
etag
W/"2334-1707381622000"
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Content-Type
text/css
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-XSS-Protection
1; mode=block
desktop.css
cdn.bookingexpert.it/_v2022/css_new/ber5/desktop/
179 KB
180 KB
Stylesheet
General
Full URL
https://cdn.bookingexpert.it/_v2022/css_new/ber5/desktop/desktop.css?v=8.4.16
Requested by
Host: booking.movehotels.com
URL: https://booking.movehotels.com/book/home/single?nsid=7025e84b-f4c6-4772-8926-58f4a621a830
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.254.33 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
33.254.160.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
c633b6cfaf4a705f2e90c882674377861b6df889d7aaebb884ac82a94c4faee9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://booking.movehotels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 06:13:54 GMT
via
1.1 google
x-goog-meta-goog-reserved-file-mtime
1705584527
age
0
x-guploader-uploadid
ABPtcPotGgqLMIyttIJOaslLMYlGZttHG_MbhCSJam_uYdVCgxAzNesDkBPleXlBOHGw_pg7VwEYYTBypA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
183256
last-modified
Thu, 18 Jan 2024 13:28:56 GMT
server
UploadServer
etag
"15523adf168eb8805d56d7160ad864e1"
x-goog-generation
1705584536561208
x-goog-hash
crc32c=+EigFg==, md5=FVI63xaOuIBdVtcWCthk4Q==
content-type
text/css
cache-control
public,max-age=300
x-goog-stored-content-length
183256
accept-ranges
bytes
fontawesome-all.min.css
booking.movehotels.com/book/resources/libs/ber5/css/
78 KB
16 KB
Stylesheet
General
Full URL
https://booking.movehotels.com/book/resources/libs/ber5/css/fontawesome-all.min.css?v=8.4.16
Requested by
Host: booking.movehotels.com
URL: https://booking.movehotels.com/book/home/single?nsid=7025e84b-f4c6-4772-8926-58f4a621a830
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.56.10.123 Arezzo, Italy, ASN (),
Reverse DNS
host123-10-56-185.serverdedicati.aruba.it
Software
nginx /
Resource Hash
473499559a8a3794e29edd18fbea3a6a932663465c654b9b7509b10ca9a504cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://booking.movehotels.com/book/home/single?nsid=7025e84b-f4c6-4772-8926-58f4a621a830
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 06:13:54 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
last-modified
Thu, 08 Feb 2024 08:36:54 GMT
Server
nginx
etag
W/"79752-1707381414000"
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Content-Type
text/css
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-XSS-Protection
1; mode=block
swiper.min.css
booking.movehotels.com/book/resources/libs/ber5/css/
19 KB
4 KB
Stylesheet
General
Full URL
https://booking.movehotels.com/book/resources/libs/ber5/css/swiper.min.css?v=8.4.16
Requested by
Host: booking.movehotels.com
URL: https://booking.movehotels.com/book/home/single?nsid=7025e84b-f4c6-4772-8926-58f4a621a830
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.56.10.123 Arezzo, Italy, ASN (),
Reverse DNS
host123-10-56-185.serverdedicati.aruba.it
Software
nginx /
Resource Hash
5f07d43571a20235b2506061c9729d91179d32b8b3c75123aa8fcd45e60d7541
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://booking.movehotels.com/book/home/single?nsid=7025e84b-f4c6-4772-8926-58f4a621a830
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 06:13:54 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
last-modified
Thu, 08 Feb 2024 08:36:54 GMT
Server
nginx
etag
W/"19778-1707381414000"
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Content-Type
text/css
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-XSS-Protection
1; mode=block
lang
booking.movehotels.com/book/script/
312 KB
103 KB
Script
General
Full URL
https://booking.movehotels.com/book/script/lang?layout=18453&lang=en&currency=EUR&nsid=7025e84b-f4c6-4772-8926-58f4a621a830&v=8.4.16
Requested by
Host: booking.movehotels.com
URL: https://booking.movehotels.com/book/home/single?nsid=7025e84b-f4c6-4772-8926-58f4a621a830
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.56.10.123 Arezzo, Italy, ASN (),
Reverse DNS
host123-10-56-185.serverdedicati.aruba.it
Software
nginx /
Resource Hash
b78ab65b3b8f8973067d5cef3d3ce36b14f4c9a76dfe7c1413715668b1cdfb57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://booking.movehotels.com/book/home/single?nsid=7025e84b-f4c6-4772-8926-58f4a621a830
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 06:13:54 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Content-Type
text/javascript;charset=UTF-8
X-Frame-Options
SAMEORIGIN
cache-control
public,max-age=300,s-maxage=300
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-XSS-Protection
1; mode=block
jquery.min.js
ber-js.my-cdn.cloud/book/resources/libs/ber5/js/
86 KB
31 KB
Script
General
Full URL
https://ber-js.my-cdn.cloud/book/resources/libs/ber5/js/jquery.min.js?v=8.4.16
Requested by
Host: booking.movehotels.com
URL: https://booking.movehotels.com/book/home/single?nsid=7025e84b-f4c6-4772-8926-58f4a621a830
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:45cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://booking.movehotels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 06:13:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 08 Feb 2024 08:36:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"88144-1707381414000"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FQuVg%2FHShyKeBNAVysNYSSSm9Tf8k7GI%2FmLORAZHt1JGNh1%2F6HqG7lVEJoWa44QGvyuLZibv3wtgSfhXpnRyT7%2BuBIaqWkRBxH8PF1qPN8ffz2dk7%2BAWt1ANqTVtkAEQ0vSL0f7knRn6iqz%2F8fpKt0E%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=1800
cf-ray
85532af8ce754c06-MIA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
jquery-ui.min.js
ber-js.my-cdn.cloud/book/resources/libs/ber5/js/
248 KB
68 KB
Script
General
Full URL
https://ber-js.my-cdn.cloud/book/resources/libs/ber5/js/jquery-ui.min.js?v=8.4.16
Requested by
Host: booking.movehotels.com
URL: https://booking.movehotels.com/book/home/single?nsid=7025e84b-f4c6-4772-8926-58f4a621a830
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:45cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://booking.movehotels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 06:13:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5148
last-modified
Thu, 08 Feb 2024 08:36:54 GMT
server
cloudflare
etag
W/"253669-1707381414000"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pfj7OQt1EaalZt0ZSDkdKosKvhYMxp9qt15iSi9fmpdjcXkrq0E7wzyVNnDtRtxRru%2BhfvMp6pdTCgEb6cBZLyVcs%2Bm3lSdifDqlCAbtJf2vOlLGGloLJp1RQnXCJNYlkO223tewEA8LwRxAf03aEr8%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=1800
cf-ray
85532af8ce774c06-MIA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
jquery.ui.touch-punch.min.js
ber-js.my-cdn.cloud/book/resources/libs/ber5/js/
1 KB
1 KB
Script
General
Full URL
https://ber-js.my-cdn.cloud/book/resources/libs/ber5/js/jquery.ui.touch-punch.min.js?v=8.4.16
Requested by
Host: booking.movehotels.com
URL: https://booking.movehotels.com/book/home/single?nsid=7025e84b-f4c6-4772-8926-58f4a621a830
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:45cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
000854d782781aff1b16ea5451c1da3d07efadd35ab911ccb7e4b851571a25bd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://booking.movehotels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 06:13:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5149
last-modified
Thu, 08 Feb 2024 08:36:54 GMT
server
cloudflare
etag
W/"1291-1707381414000"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bssWkBHsNgNCJwDhlPqChkVUinEnZasO5C1wr2FuBMieS7qV3rlqnaSKwnY50HUz4r4%2FwKq9aSywF9W225qA%2BNGtgHf0etAwJdUCt%2Fvm2lzqAKR6HfJRiPr%2BJyQaq%2BOZvshjtdMbBeD08mC6rb5BEZg%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=1800
cf-ray
85532af8ce784c06-MIA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
swiper.min.js
ber-js.my-cdn.cloud/book/resources/libs/ber5/js/
125 KB
33 KB
Script
General
Full URL
https://ber-js.my-cdn.cloud/book/resources/libs/ber5/js/swiper.min.js?v=8.4.16
Requested by
Host: booking.movehotels.com
URL: https://booking.movehotels.com/book/home/single?nsid=7025e84b-f4c6-4772-8926-58f4a621a830
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:45cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6229770d211d3e9ec87b1daf5fb2576cd88a3caab6a9cd45baf2240703c35800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://booking.movehotels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 06:13:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 08 Feb 2024 08:36:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"127894-1707381414000"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uc16ZVLgwmmUP7DjO5%2F8wuwl7m19k8nBd8RcPTeppfr2rZ2Syeb7ZEFC5Pq70UcfiL3Cx6s%2FAIw2s%2FG1e2%2B0cesnx7xTzTuLhd8sjr5Vt6PVgrk8qDWJZdzPlIqRdTbo9IEOROrOHqIgkcE2Nt%2FlRt0%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=1800
cf-ray
85532af8ce7a4c06-MIA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
hc-sticky.min.js
ber-js.my-cdn.cloud/book/resources/libs/ber5/js/
12 KB
5 KB
Script
General
Full URL
https://ber-js.my-cdn.cloud/book/resources/libs/ber5/js/hc-sticky.min.js?v=8.4.16
Requested by
Host: booking.movehotels.com
URL: https://booking.movehotels.com/book/home/single?nsid=7025e84b-f4c6-4772-8926-58f4a621a830
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:45cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cde48c097c618cf62095b0bbf307941a9d4a0c09b51f78a61120a0b5a78a5777

Request headers

accept-language
en-US,en;q=0.9
Referer
https://booking.movehotels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 06:13:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 08 Feb 2024 08:36:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"11897-1707381414000"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BjGVCI8%2FkQWXzHDtwjPiUDsnY9AL7hp%2BoN2u7ZIy4JW4WMmnBAmclyjgzHyV89hE9oe5HzInZ32T%2BPoL0xW%2BIopJmxli4RJSuy63EmtASyBTeUFQ9mD%2B2Kjm%2FxuxbJJVDIXOKmtAsLUxyMOCtQWkuwQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=1800
cf-ray
85532af8ce7b4c06-MIA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
moment.js
ber-js.my-cdn.cloud/book/resources/libs/
52 KB
18 KB
Script
General
Full URL
https://ber-js.my-cdn.cloud/book/resources/libs/moment.js
Requested by
Host: booking.movehotels.com
URL: https://booking.movehotels.com/book/home/single?nsid=7025e84b-f4c6-4772-8926-58f4a621a830
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:45cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e22419e8154be2a34a950dbb4c4c448413751c53ef02f00c6c56af28aa2c4964

Request headers

accept-language
en-US,en;q=0.9
Referer
https://booking.movehotels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 06:13:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5149
cf-bgj
minify
last-modified
Thu, 08 Feb 2024 08:36:54 GMT
server
cloudflare
etag
W/"53324-1707381414000"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MYCNYMso3xBwntvDknqvmeby7nD437nJtcuqIRUQIeB4Sti%2BsrJL3Q3f1vSlgxN1C3Y0nTTMNwioS4jyfOZPr%2FJJacIVNeYw50l9nR8GDSYK4DSc8A7denG9u6RLxoDfRCzsSKRVcR7%2BiGlRsB6PvV0%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=1800
cf-ray
85532af8ce7c4c06-MIA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
mustache.min.js
ber-js.my-cdn.cloud/book/resources/libs/
9 KB
3 KB
Script
General
Full URL
https://ber-js.my-cdn.cloud/book/resources/libs/mustache.min.js
Requested by
Host: booking.movehotels.com
URL: https://booking.movehotels.com/book/home/single?nsid=7025e84b-f4c6-4772-8926-58f4a621a830
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:45cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3258bb61f5b69f33076dd0c91e13ddd2c7fe771882adff9345e90d4ab7c32426

Request headers

accept-language
en-US,en;q=0.9
Referer
https://booking.movehotels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 06:13:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 08 Feb 2024 08:36:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"9512-1707381414000"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x3G%2BXMZYPsEdx8L7L5e4QrWcS5P51MPCeXSGPvbboy36OmCaYYp4EOU7VpGvJE6z7W5Kw8spM1XBa6yUQ2xmDPhw3nS1f6EVsfRaIlFbcE1pQYuyZvznhztAEgDtzR0PB%2FlICDJKZkJVfAEu0vVmrQQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=1800
cf-ray
85532af8eeba4c06-MIA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
jquery.countdown.min.js
ber-js.my-cdn.cloud/book/resources/libs/
5 KB
3 KB
Script
General
Full URL
https://ber-js.my-cdn.cloud/book/resources/libs/jquery.countdown.min.js
Requested by
Host: booking.movehotels.com
URL: https://booking.movehotels.com/book/home/single?nsid=7025e84b-f4c6-4772-8926-58f4a621a830
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:45cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2249399b2268c260d0698542503d16afebc80e437c846239f12196744ebbd40f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://booking.movehotels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 06:13:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 08 Feb 2024 08:36:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5339-1707381414000"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KvRcVrnnVTe%2FutXkwijYdJ%2BEBCU0kkir63iFguzxlZzaQdx4vT4BQOva2MBKL0Om5KieXGEtdO4%2BIXxZrU%2BG0nhBhI95wwy4EIe5iSL9o5yW2Fhz%2BSRG9RzOdTxrE9LyKlFSbDoPpBIfEXIRNvxubu4%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=1800
cf-ray
85532af8eeb64c06-MIA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
common.js
ber-js.my-cdn.cloud/book/resources/scripts/
3 KB
1 KB
Script
General
Full URL
https://ber-js.my-cdn.cloud/book/resources/scripts/common.js?v=8.4.16
Requested by
Host: booking.movehotels.com
URL: https://booking.movehotels.com/book/home/single?nsid=7025e84b-f4c6-4772-8926-58f4a621a830
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:45cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0567feb833736ea9de9da4592c89dcc84924a341d442bb4bec60fd61d44f8208

Request headers

accept-language
en-US,en;q=0.9
Referer
https://booking.movehotels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 06:13:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5149
cf-polished
origSize=4592
cf-bgj
minify
last-modified
Thu, 08 Feb 2024 08:36:54 GMT
server
cloudflare
etag
W/"4592-1707381414000"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Q0Gq0Qtcu6llmPTu21MPwgUF69g0suojKXBlU24TB4ulrjyzdBFQod6s4lLDJ9N9dg%2BCM4DvYrcVi%2Fg6fJ%2BmvxtzDPnhTGKQgki6YuxFKXMsBBU5UbMp6vNkiMTdM1HV111izn%2BimAA2NbTIW8itdk%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=1800
cf-ray
85532af8eeb54c06-MIA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
list.js
ber-js.my-cdn.cloud/book/resources/scripts/
430 B
525 B
Script
General
Full URL
https://ber-js.my-cdn.cloud/book/resources/scripts/list.js?v=8.4.16
Requested by
Host: booking.movehotels.com
URL: https://booking.movehotels.com/book/home/single?nsid=7025e84b-f4c6-4772-8926-58f4a621a830
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:45cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a6881f1d790746e7762ae3689055a30b5e98e2d5a0c9ae78f119126e7fe8685

Request headers

accept-language
en-US,en;q=0.9
Referer
https://booking.movehotels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 06:13:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=1310
cf-bgj
minify
last-modified
Thu, 08 Feb 2024 08:36:54 GMT
server
cloudflare
etag
W/"1310-1707381414000"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8l6AMuYWVrSQlvalNxSEMroVLyLERTgaXKGPw3fJjGMdmULCrDS67b8RtIfBwYPmHLvjHdgLDZdgk%2B%2FK70a76gKFyVL%2F35ZNSVoC3ldDPV5%2Fs1fyHM0b00afJWyysKhyZQy4vl835Pso03g07pfXKyc%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=1800
cf-ray
85532af8eeb44c06-MIA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
string.js
ber-js.my-cdn.cloud/book/resources/scripts/ber5/
3 KB
2 KB
Script
General
Full URL
https://ber-js.my-cdn.cloud/book/resources/scripts/ber5/string.js?v=8.4.16
Requested by
Host: booking.movehotels.com
URL: https://booking.movehotels.com/book/home/single?nsid=7025e84b-f4c6-4772-8926-58f4a621a830
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:45cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d3a5d40948ac2b247511b411b00e1942c2453b93256b057b8ecbc3f9152742c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://booking.movehotels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 06:13:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5148
cf-polished
origSize=5786
cf-bgj
minify
last-modified
Thu, 08 Feb 2024 08:36:54 GMT
server
cloudflare
etag
W/"5786-1707381414000"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eQutNDCPkfXmIj333AEuspoZxS1pphXCpZ3eiYRvYdJfuXI2pmCu3kNCGccx8RUh0hwvRMz8PU0RBZp3nNiRXVAe9HJkfXOoyPmzGpRCh%2FgxDoKqbagc6rm%2BtELGdoaH49%2BbNMsdYhsq%2FUeFwXbFgHs%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=1800
cf-ray
85532af8ce7d4c06-MIA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
form.js
ber-js.my-cdn.cloud/book/resources/scripts/ber5/
10 KB
3 KB
Script
General
Full URL
https://ber-js.my-cdn.cloud/book/resources/scripts/ber5/form.js?v=8.4.16
Requested by
Host: booking.movehotels.com
URL: https://booking.movehotels.com/book/home/single?nsid=7025e84b-f4c6-4772-8926-58f4a621a830
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:45cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a8c6718fd32d53a6f3b9a28afb465ad42863f1ebcb24e47511a9e5872e2ad48

Request headers

accept-language
en-US,en;q=0.9
Referer
https://booking.movehotels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 06:13:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5149
cf-polished
origSize=17523
cf-bgj
minify
last-modified
Thu, 08 Feb 2024 08:36:54 GMT
server
cloudflare
etag
W/"17523-1707381414000"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L6k6x4DyBQS6r6LlhMfAqqcaaI%2BQyX3bm4OtlUy1AiK98t5AOB0LYTeiYPaRDGnxGNb7UVNAqqYPLxJjPkyG5lqxIr3SN08GhlKQyIPMdKLtJfUWcl4iRw2P2i6EW2wc79tZ9xsOILNJB6V8oEcTzxo%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=1800
cf-ray
85532af8eebc4c06-MIA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
date.js
ber-js.my-cdn.cloud/book/resources/scripts/ber3/
2 KB
1 KB
Script
General
Full URL
https://ber-js.my-cdn.cloud/book/resources/scripts/ber3/date.js?v=8.4.16
Requested by
Host: booking.movehotels.com
URL: https://booking.movehotels.com/book/home/single?nsid=7025e84b-f4c6-4772-8926-58f4a621a830
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:45cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0827334cef1f1d894b39bf0ac520fd65af26b7340098f0f5e881411f57ddb15

Request headers

accept-language
en-US,en;q=0.9
Referer
https://booking.movehotels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 06:13:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=4242
cf-bgj
minify
last-modified
Thu, 08 Feb 2024 08:36:54 GMT
server
cloudflare
etag
W/"4242-1707381414000"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cQgLLMgUSxIy7T0U5f6fSeEKk59PcAKaIBeiJSbhd4ys%2FEEYHuYyhUfsyBEREak2K1D5ATCfAt3bc%2BpZm94bV%2BoFnXPsmcMaHJAZFZmIXXVyJKSlNtL4Utid9JI3MbX6WXqiutPtAw407pVIZLbNQus%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=1800
cf-ray
85532af8eebb4c06-MIA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
ajax.js
ber-js.my-cdn.cloud/book/resources/scripts/ber5/
4 KB
2 KB
Script
General
Full URL
https://ber-js.my-cdn.cloud/book/resources/scripts/ber5/ajax.js?v=8.4.16
Requested by
Host: booking.movehotels.com
URL: https://booking.movehotels.com/book/home/single?nsid=7025e84b-f4c6-4772-8926-58f4a621a830
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:45cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
505c949be240c0f717d167e87979cf04a0d4009196d9a4b96a3e2bf544a9d25f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://booking.movehotels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 06:13:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5149
cf-polished
origSize=7544
cf-bgj
minify
last-modified
Thu, 08 Feb 2024 08:36:54 GMT
server
cloudflare
etag
W/"7544-1707381414000"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jmgJcUhoO5b2JV1KumEAFBetewfASpm%2BYUCSIrGq9W9sb8IhC90PMuFlK3L6J3OtubwZbRuqlqI1cSQRicGDZPUW3KC0lMsH5AsYC%2BZHXlDTOVlVEZSomPVLO80Eq56t8AxV2jpwmj%2FHTJhknufBMEs%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=1800
cf-ray
85532af8eeb74c06-MIA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
event.js
ber-js.my-cdn.cloud/book/resources/scripts/ber4/
296 B
473 B
Script
General
Full URL
https://ber-js.my-cdn.cloud/book/resources/scripts/ber4/event.js?v=8.4.16
Requested by
Host: booking.movehotels.com
URL: https://booking.movehotels.com/book/home/single?nsid=7025e84b-f4c6-4772-8926-58f4a621a830
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:45cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28100c5f5b9eab142efb4090642b09a805bd097cc42e1854bef5993e970518d6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://booking.movehotels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 06:13:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5149
cf-polished
origSize=859
cf-bgj
minify
last-modified
Thu, 08 Feb 2024 08:36:54 GMT
server
cloudflare
etag
W/"859-1707381414000"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gbUkRRxFAu%2FG2uv4wKT11PmQB4Ld9NsPE1uXPTXO74N9PKVE%2F16uK22Ewdh%2BU7%2FtX2OHygVX452awP795aUX6RI8%2BPEL9qzQlZcrxu9BoUAMG6RXqwhhOwYHLvSJVz%2F8XOIAWGYsvmHNnKYXUA9xsE8%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=1800
cf-ray
85532af8eeb24c06-MIA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
map.js
ber-js.my-cdn.cloud/book/resources/scripts/ber5/
4 KB
2 KB
Script
General
Full URL
https://ber-js.my-cdn.cloud/book/resources/scripts/ber5/map.js?v=8.4.16
Requested by
Host: booking.movehotels.com
URL: https://booking.movehotels.com/book/home/single?nsid=7025e84b-f4c6-4772-8926-58f4a621a830
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:45cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd605efe2891347523bbfa6df61f508edb5bf0423739953a17cc6cda8f064a60

Request headers

accept-language
en-US,en;q=0.9
Referer
https://booking.movehotels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 06:13:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=6908
cf-bgj
minify
last-modified
Thu, 08 Feb 2024 08:36:54 GMT
server
cloudflare
etag
W/"6908-1707381414000"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=akvfc4qNmM9%2BMlVmx3w4JevoQrIG%2FFcB1JUDuB9vq9Ak%2BAYOUvdOu5JWuxDO7vX1Yt6Jy7QtB2w8c4KMcNqC1YOcywz9LlU6xJdPg6iNm8eyamyyezsZ1VzIfvYkoWT5EDZu8DFGXfuGYtS3pUZCqFw%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=1800
cf-ray
85532af8eeb04c06-MIA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
search.js
ber-js.my-cdn.cloud/book/resources/scripts/ber5/
25 KB
7 KB
Script
General
Full URL
https://ber-js.my-cdn.cloud/book/resources/scripts/ber5/search.js?v=8.4.16
Requested by
Host: booking.movehotels.com
URL: https://booking.movehotels.com/book/home/single?nsid=7025e84b-f4c6-4772-8926-58f4a621a830
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:45cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bdc5389f32dc05459ee840ee8480c8b7f53f16967b86bd6827c1c645e255d23

Request headers

accept-language
en-US,en;q=0.9
Referer
https://booking.movehotels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 06:13:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=41354
cf-bgj
minify
last-modified
Thu, 08 Feb 2024 08:36:54 GMT
server
cloudflare
etag
W/"41354-1707381414000"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X9dQs%2FbYomr15keevxfbUtisTbwWInDy2kFo131v%2BfrqMU1HEv9ZgjQMfiPD%2BbebGMxzKRTAgVoKCAqRgHEECS%2BNhUvI4wKADOpfkfpL0fqB3bsLQ0ypXwdc7YfYVChS7ssF%2F%2FuZLdOYqUFrVyaZU84%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=1800
cf-ray
85532af8eeb94c06-MIA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
noavail.js
ber-js.my-cdn.cloud/book/resources/scripts/ber5/
6 KB
2 KB
Script
General
Full URL
https://ber-js.my-cdn.cloud/book/resources/scripts/ber5/noavail.js?v=8.4.16
Requested by
Host: booking.movehotels.com
URL: https://booking.movehotels.com/book/home/single?nsid=7025e84b-f4c6-4772-8926-58f4a621a830
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:45cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43efcab1d5a7c2f6741be9b60d0a9a52cc3eb786efe48f8eb6f02482d12b356d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://booking.movehotels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 06:13:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=10145
cf-bgj
minify
last-modified
Thu, 08 Feb 2024 08:36:54 GMT
server
cloudflare
etag
W/"10145-1707381414000"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uX4BpaoLr40W6h3KL%2BbDsiHpaB70nLXGbRxFxFS0XxJtttX5eLfv3E49%2FWbDNsMF5dmtLvlO5yReadr5W4DS89D7G5AZIQRXW4gHO6SQCvgMBd0iOwHVEft3maxIpAgvmsO2GxLBGz65IthrKJHXumw%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=1800
cf-ray
85532af8eeb84c06-MIA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cart.js
ber-js.my-cdn.cloud/book/resources/scripts/ber5/
8 KB
3 KB
Script
General
Full URL
https://ber-js.my-cdn.cloud/book/resources/scripts/ber5/cart.js?v=8.4.16
Requested by
Host: booking.movehotels.com
URL: https://booking.movehotels.com/book/home/single?nsid=7025e84b-f4c6-4772-8926-58f4a621a830
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:45cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3445ede608e06f291a33a4e1e8bd90063c6d2e014a16fd1ad4f276634f96a2a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://booking.movehotels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 06:13:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=12714
cf-bgj
minify
last-modified
Thu, 08 Feb 2024 08:36:54 GMT
server
cloudflare
etag
W/"12714-1707381414000"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vv3XZaU%2FnxFq4Fc9SAIvoiJdZzKlk%2FDIO8chGid44RIIul4VWFGRe3snIsXWrVCFhDRgBYQHwecMPqjA5gIshh6A6rBeARfnQuabIpO0X6oJZ5Jb1DhjfwbBeTKffxRVCHc%2FaAhpuEhO4Mt%2BT7CBi1o%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=1800
cf-ray
85532af8eeaf4c06-MIA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
main.js
ber-js.my-cdn.cloud/book/resources/scripts/ber5/
32 KB
10 KB
Script
General
Full URL
https://ber-js.my-cdn.cloud/book/resources/scripts/ber5/main.js?v=8.4.16
Requested by
Host: booking.movehotels.com
URL: https://booking.movehotels.com/book/home/single?nsid=7025e84b-f4c6-4772-8926-58f4a621a830
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:45cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3efd7582b96219681e70717909b000b3c420af402341a8d6e4e0cd35a8c0c4a8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://booking.movehotels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 06:13:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=53814
cf-bgj
minify
last-modified
Thu, 08 Feb 2024 08:36:54 GMT
server
cloudflare
etag
W/"53814-1707381414000"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vDt3bMTPlUXnlMGS%2BoFz2XjC8MA8bRZbpVL1A0kQ2BQyYuKKDMZE%2BYOQSp3Ln61Q7dQ4guoeBRmjEPb3zDIjRTtQPr%2B9mYjeeAFfstq9bed%2FIgTELL%2BW3rXFRBOBuauwAeZqmIDrXxSZiZNG7hpZ8EI%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=1800
cf-ray
85532af8eeae4c06-MIA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
gtm.js
ber-js.my-cdn.cloud/book/resources/scripts/ber5/
4 KB
1 KB
Script
General
Full URL
https://ber-js.my-cdn.cloud/book/resources/scripts/ber5/gtm.js?v=8.4.16
Requested by
Host: booking.movehotels.com
URL: https://booking.movehotels.com/book/home/single?nsid=7025e84b-f4c6-4772-8926-58f4a621a830
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:45cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2420bdd7757bcf50aaa3b36b61b0d8f93e86c299f1900c8858ddaf44a2cee02

Request headers

accept-language
en-US,en;q=0.9
Referer
https://booking.movehotels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 06:13:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5149
cf-polished
origSize=5491
cf-bgj
minify
last-modified
Thu, 08 Feb 2024 08:36:54 GMT
server
cloudflare
etag
W/"5491-1707381414000"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3nn%2F7aJz32L5Kf%2BmS2Y1sCIBjtvufT1tpezX%2B7xtoenGjWxTQgGakqa2l1v4fm5f0Dk%2F1sgm%2Fk0FK1KLeh%2FdezWPwJ8nnFX4BQ0Har6jDORbFTf2QopvrgM3Su%2F23ldWRfXHCcqpV7kZs7A8MO59C14%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=1800
cf-ray
85532af8ce7e4c06-MIA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
sharethis.js
platform-api.sharethis.com/js/
206 KB
46 KB
Script
General
Full URL
https://platform-api.sharethis.com/js/sharethis.js
Requested by
Host: booking.movehotels.com
URL: https://booking.movehotels.com/book/home/single?nsid=7025e84b-f4c6-4772-8926-58f4a621a830
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.190.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-190-78.bos50.r.cloudfront.net
Software
/
Resource Hash
cf9e92205faeb2fc9929f8aaf67ee6fb15084be8994babd310cfa01d62e29e5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://booking.movehotels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 06:11:43 GMT
content-encoding
gzip
via
1.1 7892446663b4185f4fe79acff7f3a46e.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
BOS50-C2
age
132
etag
W/"3360d-7zvdaxLS2Lhi3Pty7QrCYymkuqI"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
edge-control
cache-maxage=60m,downstream-ttl=60m
cache-control
max-age=600, public
x-cache
Hit from cloudfront
x-amz-cf-id
Q0LVEqQWpR_OacXT5HYhHRVdTlwOF624Bf88WYCgsHskz7GQ7B8K-Q==
5bf6ac28-62be-4b65-9b87-96f6adcbc774.png
ber.my-cdn.cloud/data/45522/
441 KB
442 KB
Image
General
Full URL
https://ber.my-cdn.cloud/data/45522/5bf6ac28-62be-4b65-9b87-96f6adcbc774.png
Requested by
Host: booking.movehotels.com
URL: https://booking.movehotels.com/book/home/single?nsid=7025e84b-f4c6-4772-8926-58f4a621a830
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:45cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff9e7483883c84313fd151b7914c23d4ad53ce022f074968af5f206fb357ac44

Request headers

accept-language
en-US,en;q=0.9
Referer
https://booking.movehotels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 06:13:54 GMT
cf-cache-status
HIT
last-modified
Fri, 02 Feb 2024 13:14:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"65bceabd-6e562"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KoLj9ByKlZ8wMD%2Fun3tkdoOp1T2ngpe%2BNnpLmIy7H%2FKDH1gqGUErOGJDesaj4uTQ0uoF7sgXut5SwKMqEsuuwvt7eCMPKAcThRzXp0cJzEVc4iw64vEx7hqu%2F%2BXl2oqWJ9A5VA6ILwnGDtCO1do%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
85532af8c90f9ab9-MIA
content-length
451938
expires
Fri, 16 Feb 2024 06:05:18 GMT
en.svg
booking.movehotels.com/book/resources/images/ber5/flags/
2 KB
1 KB
Image
General
Full URL
https://booking.movehotels.com/book/resources/images/ber5/flags/en.svg
Requested by
Host: booking.movehotels.com
URL: https://booking.movehotels.com/book/home/single?nsid=7025e84b-f4c6-4772-8926-58f4a621a830
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.56.10.123 Arezzo, Italy, ASN (),
Reverse DNS
host123-10-56-185.serverdedicati.aruba.it
Software
nginx /
Resource Hash
41afc5db29e1aa3233d6af784ab6b975500aba72ee8e09e9981becebf64135c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://booking.movehotels.com/book/home/single?nsid=7025e84b-f4c6-4772-8926-58f4a621a830
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 06:13:54 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
last-modified
Thu, 08 Feb 2024 08:36:54 GMT
Server
nginx
Content-Encoding
gzip
etag
W/"1923-1707381414000"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/svg+xml
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-XSS-Protection
1; mode=block
de.svg
booking.movehotels.com/book/resources/images/ber5/flags/
863 B
1 KB
Image
General
Full URL
https://booking.movehotels.com/book/resources/images/ber5/flags/de.svg
Requested by
Host: booking.movehotels.com
URL: https://booking.movehotels.com/book/home/single?nsid=7025e84b-f4c6-4772-8926-58f4a621a830
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.56.10.123 Arezzo, Italy, ASN (),
Reverse DNS
host123-10-56-185.serverdedicati.aruba.it
Software
nginx /
Resource Hash
26725ee2640b1128583b0d5fddd04453bdba2de13fcadb411de5f5827c315aad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://booking.movehotels.com/book/home/single?nsid=7025e84b-f4c6-4772-8926-58f4a621a830
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 06:13:55 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
last-modified
Thu, 08 Feb 2024 08:36:54 GMT
Server
nginx
Content-Encoding
gzip
etag
W/"863-1707381414000"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/svg+xml
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-XSS-Protection
1; mode=block
es.svg
booking.movehotels.com/book/resources/images/ber5/flags/
6 KB
2 KB
Image
General
Full URL
https://booking.movehotels.com/book/resources/images/ber5/flags/es.svg
Requested by
Host: booking.movehotels.com
URL: https://booking.movehotels.com/book/home/single?nsid=7025e84b-f4c6-4772-8926-58f4a621a830
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.56.10.123 Arezzo, Italy, ASN (),
Reverse DNS
host123-10-56-185.serverdedicati.aruba.it
Software
nginx /
Resource Hash
e8995be4b9d748c89ecf9c6add97dc834f14173666c238d397beac300b07dc8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://booking.movehotels.com/book/home/single?nsid=7025e84b-f4c6-4772-8926-58f4a621a830
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 06:13:55 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
last-modified
Thu, 08 Feb 2024 08:36:54 GMT
Server
nginx
Content-Encoding
gzip
etag
W/"6006-1707381414000"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/svg+xml
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-XSS-Protection
1; mode=block
fr.svg
booking.movehotels.com/book/resources/images/ber5/flags/
889 B
1 KB
Image
General
Full URL
https://booking.movehotels.com/book/resources/images/ber5/flags/fr.svg
Requested by
Host: booking.movehotels.com
URL: https://booking.movehotels.com/book/home/single?nsid=7025e84b-f4c6-4772-8926-58f4a621a830
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.56.10.123 Arezzo, Italy, ASN (),
Reverse DNS
host123-10-56-185.serverdedicati.aruba.it
Software
nginx /
Resource Hash
e90dee767245fb9f2d5ac9f6fb569fb7d19701e9a16cace435e6ec0d2bca351e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://booking.movehotels.com/book/home/single?nsid=7025e84b-f4c6-4772-8926-58f4a621a830
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 06:13:55 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
last-modified
Thu, 08 Feb 2024 08:36:54 GMT
Server
nginx
Content-Encoding
gzip
etag
W/"889-1707381414000"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/svg+xml
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-XSS-Protection
1; mode=block
it.svg
booking.movehotels.com/book/resources/images/ber5/flags/
889 B
1 KB
Image
General
Full URL
https://booking.movehotels.com/book/resources/images/ber5/flags/it.svg
Requested by
Host: booking.movehotels.com
URL: https://booking.movehotels.com/book/home/single?nsid=7025e84b-f4c6-4772-8926-58f4a621a830
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.56.10.123 Arezzo, Italy, ASN (),
Reverse DNS
host123-10-56-185.serverdedicati.aruba.it
Software
nginx /
Resource Hash
a23b4152045ea82dece364200d52d648c0b6b20fe91ced9593efda313e32a0bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://booking.movehotels.com/book/home/single?nsid=7025e84b-f4c6-4772-8926-58f4a621a830
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 06:13:55 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
last-modified
Thu, 08 Feb 2024 08:36:54 GMT
Server
nginx
Content-Encoding
gzip
etag
W/"889-1707381414000"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/svg+xml
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-XSS-Protection
1; mode=block
ru.svg
booking.movehotels.com/book/resources/images/ber5/flags/
863 B
1 KB
Image
General
Full URL
https://booking.movehotels.com/book/resources/images/ber5/flags/ru.svg
Requested by
Host: booking.movehotels.com
URL: https://booking.movehotels.com/book/home/single?nsid=7025e84b-f4c6-4772-8926-58f4a621a830
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.56.10.123 Arezzo, Italy, ASN (),
Reverse DNS
host123-10-56-185.serverdedicati.aruba.it
Software
nginx /
Resource Hash
38f105a3c9cb694c3d4d5a47e08008bf784141c4894c14c609f45d91cbaa1edc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://booking.movehotels.com/book/home/single?nsid=7025e84b-f4c6-4772-8926-58f4a621a830
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 06:13:55 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
last-modified
Thu, 08 Feb 2024 08:36:54 GMT
Server
nginx
Content-Encoding
gzip
etag
W/"863-1707381414000"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/svg+xml
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-XSS-Protection
1; mode=block
gtm.js
www.googletagmanager.com/
248 KB
85 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5H588JT
Requested by
Host: booking.movehotels.com
URL: https://booking.movehotels.com/book/home/single?nsid=7025e84b-f4c6-4772-8926-58f4a621a830
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
aedf1ddc29e6b2b0cd9678c64656a462ce88305df666ee0fe934dfc9362bccfe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://booking.movehotels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 06:13:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86145
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 14 Feb 2024 06:13:55 GMT
fb2a1d55-5dbf-4405-b7ba-de6804286d34.jpg
ber.my-cdn.cloud/data/45522/
255 KB
256 KB
Image
General
Full URL
https://ber.my-cdn.cloud/data/45522/fb2a1d55-5dbf-4405-b7ba-de6804286d34.jpg
Requested by
Host: booking.movehotels.com
URL: https://booking.movehotels.com/book/home/single?nsid=7025e84b-f4c6-4772-8926-58f4a621a830
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:45cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12efe39a7e23994d119737b40118f3991d4e481c5037ff12aa23170a3fda4cee

Request headers

accept-language
en-US,en;q=0.9
Referer
https://booking.movehotels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 06:13:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
261161
cf-bgj
h2pri
last-modified
Tue, 30 Jan 2024 11:01:18 GMT
server
cloudflare
etag
"65b8d6fe-3fc29"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2BYh2fjhVlCVsJeo1j%2Bo%2BnxnCwZjobK8%2BYiYuMVaauxdhM1%2F%2FgK8DpCTsOY%2BMA%2F82T%2FEg5L7f%2FhJCMmqkBPXVfXu3x9UlOyTsbsS8L7XlWoZcBZAGsK4wmY30L8eLvkt7hjwiLcVhbLz1sKSlKQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
85532afe6c879ab9-MIA
expires
Fri, 16 Feb 2024 06:05:18 GMT
truncated
/
990 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
763c6ce6cbd69fcd3c3b42b7d7b147eb0f2ff832e83185944ebf2d660b9f444f

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
3aecabbf-c0c2-4cd7-8e26-d283f75c4fad.jpg
ber.my-cdn.cloud/data/45522/
262 KB
263 KB
Image
General
Full URL
https://ber.my-cdn.cloud/data/45522/3aecabbf-c0c2-4cd7-8e26-d283f75c4fad.jpg
Requested by
Host: booking.movehotels.com
URL: https://booking.movehotels.com/book/home/single?nsid=7025e84b-f4c6-4772-8926-58f4a621a830
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:45cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7112b8536d59dbafe104a9b0193f006c9dc596249dc40ec266f1faf420f09dfd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://booking.movehotels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 06:13:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
268618
cf-bgj
h2pri
last-modified
Tue, 30 Jan 2024 11:04:31 GMT
server
cloudflare
etag
"65b8d7bf-4194a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LTQjedRZ2sldKd6Nwsg2jAnI5LtB6uxTHFuLLvGY9GF5hlIWDPb3%2FqgCdJkF%2F0%2FVYmovGynhkmgFlIBK11OCUlSIZmI4JDJ4ofqKe0mfKCUc0qdHpj9JOctiHEKfJuxhOJtOs6YkhghI%2F1lXlhQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
85532afe6c8e9ab9-MIA
expires
Fri, 16 Feb 2024 06:05:18 GMT
daa6d5e4-09ae-4290-99b5-9388cee2151a.jpg
ber.my-cdn.cloud/data/45522/
157 KB
158 KB
Image
General
Full URL
https://ber.my-cdn.cloud/data/45522/daa6d5e4-09ae-4290-99b5-9388cee2151a.jpg
Requested by
Host: booking.movehotels.com
URL: https://booking.movehotels.com/book/home/single?nsid=7025e84b-f4c6-4772-8926-58f4a621a830
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:45cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be38e343abe84b4c0e82ce6f86838a1fca5963fc4889457501fa746cfbf18e63

Request headers

accept-language
en-US,en;q=0.9
Referer
https://booking.movehotels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 06:13:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
161158
cf-bgj
h2pri
last-modified
Tue, 30 Jan 2024 11:07:04 GMT
server
cloudflare
etag
"65b8d858-27586"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XFHuKQd5UBLuiEYMnbZGlaZpjTNwDKZ00BWPyh72pYZK5%2Fmwgd6rA6mUBjaeSNNrTB64mbEgcdCwTUKSDj7CpbvSof8A4lXzWj5JDALh%2BsYFvOUz%2BCHGR51oV3WGU4Z2MLvxWSkLpy8nM%2Fuw8uU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
85532afe6c8f9ab9-MIA
expires
Fri, 16 Feb 2024 10:37:07 GMT
db5e527c-6463-4e31-a3ce-8bf609e26191.jpg
ber.my-cdn.cloud/data/45522/
243 KB
243 KB
Image
General
Full URL
https://ber.my-cdn.cloud/data/45522/db5e527c-6463-4e31-a3ce-8bf609e26191.jpg
Requested by
Host: booking.movehotels.com
URL: https://booking.movehotels.com/book/home/single?nsid=7025e84b-f4c6-4772-8926-58f4a621a830
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:45cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a034b571b5041cbdfc051b3404fdc920471e26be4d90eea02dfaba807849b0f9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://booking.movehotels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 06:13:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
248453
cf-bgj
h2pri
last-modified
Tue, 30 Jan 2024 11:09:59 GMT
server
cloudflare
etag
"65b8d907-3ca85"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uVm7ec8VHVbmND0rV6HJMIzNk3mdYPc0A73N32Eclq%2FqkoPNe6j%2FQOYqRCR9IILOoieuYwrGtK5wftYh3gCLa%2BYd%2Fg5i2C5Y24ajuSqhTiB5qrJnozRCF%2Br06lZa7HhZdAL7miAazwUoLDo%2FB2c%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
85532afe7c909ab9-MIA
expires
Thu, 15 Feb 2024 02:19:31 GMT
a276bc3e-ebb7-4428-b10f-1c19a8bece16.jpg
ber.my-cdn.cloud/data/45522/
227 KB
227 KB
Image
General
Full URL
https://ber.my-cdn.cloud/data/45522/a276bc3e-ebb7-4428-b10f-1c19a8bece16.jpg
Requested by
Host: booking.movehotels.com
URL: https://booking.movehotels.com/book/home/single?nsid=7025e84b-f4c6-4772-8926-58f4a621a830
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:45cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df850dbb8fe2ca9bf288e5d62bd896d8e33e050f009362c2fa602ed02a9c86fc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://booking.movehotels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 06:13:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
232137
cf-bgj
h2pri
last-modified
Tue, 30 Jan 2024 11:08:40 GMT
server
cloudflare
etag
"65b8d8b8-38ac9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lXuCZPXgOz6zMzMzkXZs7pcjTNL0tODh761JJCR20WCnXp%2FvCoMh0r4SkuwYxYbNgeUk2i%2BKWVLTHKjeQFnEXsqYnp941UCb1av7nuGgf1h4J0Vz4Y8Hhrbi6HgsbcK%2FlTx4l6U9M41zLxR2EQY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
85532afe7c929ab9-MIA
expires
Fri, 16 Feb 2024 10:37:07 GMT
d03855d5-438f-4e10-922b-0dcdf3f520bb.jpg
ber.my-cdn.cloud/data/45522/
258 KB
259 KB
Image
General
Full URL
https://ber.my-cdn.cloud/data/45522/d03855d5-438f-4e10-922b-0dcdf3f520bb.jpg
Requested by
Host: booking.movehotels.com
URL: https://booking.movehotels.com/book/home/single?nsid=7025e84b-f4c6-4772-8926-58f4a621a830
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:45cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fe67595e316215278f50a53f37ea104183d2150becb4e555415982a819a8b51

Request headers

accept-language
en-US,en;q=0.9
Referer
https://booking.movehotels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 06:13:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
264351
cf-bgj
h2pri
last-modified
Tue, 30 Jan 2024 11:16:16 GMT
server
cloudflare
etag
"65b8da80-4089f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VtdEAOVToLwTP0dkIFu5%2FMXwNaF9qTJRid46m%2FUvK%2FokcfV7pBYJD%2BvWiXJHSZAphdpWWbdhSc3S8rh85wW%2FItAzKvPGR%2FZJuhHpfgTHQ8QjgzcTLUqeAw%2B81M7SNj5zMOEJmgDzP1nPYYkdek4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
85532afe7c959ab9-MIA
expires
Sat, 17 Feb 2024 07:00:18 GMT
a0cac429-6ea3-41a5-b343-eeb617057409.jpg
ber.my-cdn.cloud/data/45522/
247 KB
248 KB
Image
General
Full URL
https://ber.my-cdn.cloud/data/45522/a0cac429-6ea3-41a5-b343-eeb617057409.jpg
Requested by
Host: booking.movehotels.com
URL: https://booking.movehotels.com/book/home/single?nsid=7025e84b-f4c6-4772-8926-58f4a621a830
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:45cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0174e35f17238c804a60259249bd467000f5b5f0b2201a87cd4b74a00ad6068

Request headers

accept-language
en-US,en;q=0.9
Referer
https://booking.movehotels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 06:13:56 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
253374
cf-bgj
h2pri
last-modified
Tue, 30 Jan 2024 11:18:13 GMT
server
cloudflare
etag
"65b8daf5-3ddbe"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WlWgtMYuwTupRZK0I%2F9ZJtWs90rWVZaAQIEeS%2Bd0pOtGb2DBs7zBn%2FW2iGrjsfr6SPIlIWMTAeCtRj5evyNqMF6Dt4dBs7VZs1AFcRntCxF22BCvIjn25u1qOtQtARY8TmQS7QzRyhOkII%2BJHWk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
85532afe7c969ab9-MIA
expires
Fri, 16 Feb 2024 09:19:48 GMT
CircularStd-Book.otf
booking.movehotels.com/book/resources/fonts/ber5/circular/
81 KB
81 KB
Font
General
Full URL
https://booking.movehotels.com/book/resources/fonts/ber5/circular/CircularStd-Book.otf
Requested by
Host: booking.movehotels.com
URL: https://booking.movehotels.com/book/resources/css_new/ber5/_fonts/fonts.css?v=8.4.16
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.56.10.123 Arezzo, Italy, ASN (),
Reverse DNS
host123-10-56-185.serverdedicati.aruba.it
Software
nginx /
Resource Hash
07981ffb7497e6d7f4d2c2a39a8fdb670f01cc0e8296f2dc799291ad4e549a10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://booking.movehotels.com/book/resources/css_new/ber5/_fonts/fonts.css?v=8.4.16
Origin
https://booking.movehotels.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 06:13:55 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
last-modified
Thu, 08 Feb 2024 08:36:54 GMT
Server
nginx
etag
W/"82856-1707381414000"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Connection
keep-alive
accept-ranges
bytes
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
82856
X-XSS-Protection
1; mode=block
fa-light-300.woff2
booking.movehotels.com/book/resources/fonts/ber5/fontawesome/
153 KB
154 KB
Font
General
Full URL
https://booking.movehotels.com/book/resources/fonts/ber5/fontawesome/fa-light-300.woff2
Requested by
Host: booking.movehotels.com
URL: https://booking.movehotels.com/book/resources/libs/ber5/css/fontawesome-all.min.css?v=8.4.16
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.56.10.123 Arezzo, Italy, ASN (),
Reverse DNS
host123-10-56-185.serverdedicati.aruba.it
Software
nginx /
Resource Hash
8c7b7c1cbf726f584b641d9ef44ba47e48d79a3fe76da325eea11c6fee5c879f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://booking.movehotels.com/book/resources/libs/ber5/css/fontawesome-all.min.css?v=8.4.16
Origin
https://booking.movehotels.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 06:13:55 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
last-modified
Thu, 08 Feb 2024 08:36:54 GMT
Server
nginx
etag
W/"156980-1707381414000"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Connection
keep-alive
accept-ranges
bytes
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
156980
X-XSS-Protection
1; mode=block
fa-solid-900.woff2
booking.movehotels.com/book/resources/fonts/ber5/fontawesome/
115 KB
115 KB
Font
General
Full URL
https://booking.movehotels.com/book/resources/fonts/ber5/fontawesome/fa-solid-900.woff2
Requested by
Host: booking.movehotels.com
URL: https://booking.movehotels.com/book/resources/libs/ber5/css/fontawesome-all.min.css?v=8.4.16
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.56.10.123 Arezzo, Italy, ASN (),
Reverse DNS
host123-10-56-185.serverdedicati.aruba.it
Software
nginx /
Resource Hash
e268179ea70151a9cd0ce38b817ae3d690fd3bdcb27d1bb9cf7b82f19fcb64b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://booking.movehotels.com/book/resources/libs/ber5/css/fontawesome-all.min.css?v=8.4.16
Origin
https://booking.movehotels.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 06:13:55 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
last-modified
Thu, 08 Feb 2024 08:36:54 GMT
Server
nginx
etag
W/"117616-1707381414000"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Connection
keep-alive
accept-ranges
bytes
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
117616
X-XSS-Protection
1; mode=block
CircularStd-Bold.otf
booking.movehotels.com/book/resources/fonts/ber5/circular/
78 KB
78 KB
Font
General
Full URL
https://booking.movehotels.com/book/resources/fonts/ber5/circular/CircularStd-Bold.otf
Requested by
Host: booking.movehotels.com
URL: https://booking.movehotels.com/book/resources/css_new/ber5/_fonts/fonts.css?v=8.4.16
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.56.10.123 Arezzo, Italy, ASN (),
Reverse DNS
host123-10-56-185.serverdedicati.aruba.it
Software
nginx /
Resource Hash
b3389576842d3d3cfe2a7eaa4bff964a2a7dc546839dc63f86334b4da827021f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://booking.movehotels.com/book/resources/css_new/ber5/_fonts/fonts.css?v=8.4.16
Origin
https://booking.movehotels.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 06:13:55 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
last-modified
Thu, 08 Feb 2024 08:36:54 GMT
Server
nginx
etag
W/"79788-1707381414000"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Connection
keep-alive
accept-ranges
bytes
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
79788
X-XSS-Protection
1; mode=block
fa-regular-400.woff2
booking.movehotels.com/book/resources/fonts/ber5/fontawesome/
142 KB
142 KB
Font
General
Full URL
https://booking.movehotels.com/book/resources/fonts/ber5/fontawesome/fa-regular-400.woff2
Requested by
Host: booking.movehotels.com
URL: https://booking.movehotels.com/book/resources/libs/ber5/css/fontawesome-all.min.css?v=8.4.16
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.56.10.123 Arezzo, Italy, ASN (),
Reverse DNS
host123-10-56-185.serverdedicati.aruba.it
Software
nginx /
Resource Hash
80acc6f0287693dd76604cfdbf9d11a1b71cfab42b3747f735b63d2b091545fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://booking.movehotels.com/book/resources/libs/ber5/css/fontawesome-all.min.css?v=8.4.16
Origin
https://booking.movehotels.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 06:13:55 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
last-modified
Thu, 08 Feb 2024 08:36:54 GMT
Server
nginx
etag
W/"145052-1707381414000"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Connection
keep-alive
accept-ranges
bytes
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
145052
X-XSS-Protection
1; mode=block
CircularStd-Medium.otf
booking.movehotels.com/book/resources/fonts/ber5/circular/
72 KB
73 KB
Font
General
Full URL
https://booking.movehotels.com/book/resources/fonts/ber5/circular/CircularStd-Medium.otf
Requested by
Host: booking.movehotels.com
URL: https://booking.movehotels.com/book/resources/css_new/ber5/_fonts/fonts.css?v=8.4.16
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.56.10.123 Arezzo, Italy, ASN (),
Reverse DNS
host123-10-56-185.serverdedicati.aruba.it
Software
nginx /
Resource Hash
74f6a57fc70bafd32fea1f1173ef1fab65b13f8a015f2be6f0672d7069b4f44f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://booking.movehotels.com/book/resources/css_new/ber5/_fonts/fonts.css?v=8.4.16
Origin
https://booking.movehotels.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 06:13:55 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
last-modified
Thu, 08 Feb 2024 08:36:54 GMT
Server
nginx
etag
W/"74116-1707381414000"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Connection
keep-alive
accept-ranges
bytes
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
74116
X-XSS-Protection
1; mode=block
CircularStd-Black.otf
booking.movehotels.com/book/resources/fonts/ber5/circular/
78 KB
79 KB
Font
General
Full URL
https://booking.movehotels.com/book/resources/fonts/ber5/circular/CircularStd-Black.otf
Requested by
Host: booking.movehotels.com
URL: https://booking.movehotels.com/book/resources/css_new/ber5/_fonts/fonts.css?v=8.4.16
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.56.10.123 Arezzo, Italy, ASN (),
Reverse DNS
host123-10-56-185.serverdedicati.aruba.it
Software
nginx /
Resource Hash
ebb6e18a8d2e808b528a16f191fd4ce3c7b957f5b1573aeaf49cd7eada8c1486
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://booking.movehotels.com/book/resources/css_new/ber5/_fonts/fonts.css?v=8.4.16
Origin
https://booking.movehotels.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 06:13:55 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
last-modified
Thu, 08 Feb 2024 08:36:54 GMT
Server
nginx
etag
W/"80028-1707381414000"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Connection
keep-alive
accept-ranges
bytes
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
80028
X-XSS-Protection
1; mode=block
statsCollector
booking.movehotels.com/book/ws/
113 B
673 B
XHR
General
Full URL
https://booking.movehotels.com/book/ws/statsCollector?nsid=7025e84b-f4c6-4772-8926-58f4a621a830
Requested by
Host: ber-js.my-cdn.cloud
URL: https://ber-js.my-cdn.cloud/book/resources/libs/ber5/js/jquery.min.js?v=8.4.16
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.56.10.123 Arezzo, Italy, ASN (),
Reverse DNS
host123-10-56-185.serverdedicati.aruba.it
Software
nginx /
Resource Hash
b921575f700e1e2ca89ea68929a8754a0fcedd96bc85d84dff8d95bbc6fed5d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
text/html, */*; q=0.01
Referer
https://booking.movehotels.com/book/home/single?nsid=7025e84b-f4c6-4772-8926-58f4a621a830
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Wed, 14 Feb 2024 06:13:56 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Content-Type
text/html;charset=UTF-8
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-XSS-Protection
1; mode=block
eae490ec-7578-4664-9075-79c4310de3c3.jpg
ber.my-cdn.cloud/data/45522/
296 KB
297 KB
Image
General
Full URL
https://ber.my-cdn.cloud/data/45522/eae490ec-7578-4664-9075-79c4310de3c3.jpg
Requested by
Host: booking.movehotels.com
URL: https://booking.movehotels.com/book/home/single?nsid=7025e84b-f4c6-4772-8926-58f4a621a830
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:45cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54799c05755de90ee4b1f3ff0a50f4192c2c653787751bb8745802ccf9291ed3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://booking.movehotels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 06:13:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
303500
cf-bgj
h2pri
last-modified
Tue, 30 Jan 2024 11:16:16 GMT
server
cloudflare
etag
"65b8da80-4a18c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=viXNAUkUjpcDjqwkEKEIiWS9G57r0Ytq%2BgKWtPS5gID%2BMd%2BIr7zRR07KOP66DuUOAsp0LkHL5saCCPxNij54OXfTZBbVqlfXVK7guecDdeb9vjAtoPSeslbNSr5SKYh9Z4D935HkumHGjhvFabs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
85532afedccc9ab9-MIA
expires
Fri, 16 Feb 2024 06:05:19 GMT
a30cff38-26d9-47d1-8e8d-0be156a2be28.jpg
ber.my-cdn.cloud/data/45522/
193 KB
194 KB
Image
General
Full URL
https://ber.my-cdn.cloud/data/45522/a30cff38-26d9-47d1-8e8d-0be156a2be28.jpg
Requested by
Host: booking.movehotels.com
URL: https://booking.movehotels.com/book/home/single?nsid=7025e84b-f4c6-4772-8926-58f4a621a830
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:45cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56f880f7fec7f4e0274dfb761cf2e001710c3b22d91833aaffbebf50f5db513f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://booking.movehotels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 06:13:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
197992
cf-bgj
h2pri
last-modified
Tue, 30 Jan 2024 11:21:25 GMT
server
cloudflare
etag
"65b8dbb5-30568"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1DlSpsZPW5sERuiVFz4wPqluDu8zaTDhRqK9itaHzuV%2FS0mV16syrF98xpdhuQCxfMFLdWpitYzAJ9Fgw9pYXmHrJA9MPkashqVdtEhyaqIjGkCOcZowrRA3FY5afRd4vPC9ivXjMwdJaoHP1to%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
85532afedccd9ab9-MIA
expires
Mon, 19 Feb 2024 08:37:09 GMT
16db7f1b-d0df-4ac0-a317-1cc14276cfbc.jpg
ber.my-cdn.cloud/data/45522/
107 KB
108 KB
Image
General
Full URL
https://ber.my-cdn.cloud/data/45522/16db7f1b-d0df-4ac0-a317-1cc14276cfbc.jpg
Requested by
Host: booking.movehotels.com
URL: https://booking.movehotels.com/book/home/single?nsid=7025e84b-f4c6-4772-8926-58f4a621a830
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:45cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27e735b97525a36c78a69ce85c39accf32ce7c42c353686290e1967b3559baa8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://booking.movehotels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 06:13:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
109791
cf-bgj
h2pri
last-modified
Tue, 30 Jan 2024 11:21:25 GMT
server
cloudflare
etag
"65b8dbb5-1acdf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x1kZkItsi61xZ8OEUZAjZIuInwu1Yhlk3zaw4sUF8Jd4WHkHe8kcmkpTJKym6nO0TpG77IieVGUhZMCkvvrKD%2FoOeIF%2FE5iz4Y3icTomSVtf%2FkxJVnZO2CYkIzCTtsTtBRhSqNeTFtAGLwYhKl4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
85532afedcce9ab9-MIA
expires
Thu, 15 Feb 2024 02:19:33 GMT
586beed7-79ce-4889-9f3c-ee2a69e72917.jpg
ber.my-cdn.cloud/data/45522/
255 KB
256 KB
Image
General
Full URL
https://ber.my-cdn.cloud/data/45522/586beed7-79ce-4889-9f3c-ee2a69e72917.jpg
Requested by
Host: booking.movehotels.com
URL: https://booking.movehotels.com/book/home/single?nsid=7025e84b-f4c6-4772-8926-58f4a621a830
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:45cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12efe39a7e23994d119737b40118f3991d4e481c5037ff12aa23170a3fda4cee

Request headers

accept-language
en-US,en;q=0.9
Referer
https://booking.movehotels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 06:13:56 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
261161
cf-bgj
h2pri
last-modified
Tue, 30 Jan 2024 11:13:09 GMT
server
cloudflare
etag
"65b8d9c5-3fc29"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KrUFIltgWv6TGas46BzCg8FLSHnFf820Kcj5RAX61mwZ1qsULPE9EAPkz4o32rp%2Fq0w4yc18NbBoM6lfD4Py%2FX52vL9aAmzOYLfRwBscNG7cZuYqCgTHWlg6ooUz264PmT9VqD9RNXuT6RbO0K0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
85532afedccf9ab9-MIA
expires
Fri, 16 Feb 2024 09:19:48 GMT
6548ebc57a115e00129643e5.js
buttons-config.sharethis.com/js/
499 B
943 B
Script
General
Full URL
https://buttons-config.sharethis.com/js/6548ebc57a115e00129643e5.js
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24ef:4400:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a599e8c9201a041a8a95dc5fa95b46336b04dc8ca3d6c353193b23ac644e7947
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://booking.movehotels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 06:13:57 GMT
via
1.1 f81f2f4f519f6df71f9662dc70bf6aa6.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 06 Nov 2023 14:14:00 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P2
x-amz-server-side-encryption
AES256
etag
"1ab44985fe2b9a2ad0b00d5604151dbe"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-length
499
x-amz-cf-id
lLUQp1LNGcXoW8Q_rtdtPHZC-9O0K4s9XdEXwdChADVtvGQ12lxipg==
pview
l.sharethis.com/
0
442 B
XHR
General
Full URL
https://l.sharethis.com/pview?event=pview&hostname=booking.movehotels.com&location=%2Fbook%2Fhome%2Fsingle&product=inline-share-buttons&url=https%3A%2F%2Fbooking.movehotels.com%2Fbook%2Fhome%2Fsingle%3Fnsid%3D7025e84b-f4c6-4772-8926-58f4a621a830&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Move%20Hotels%20Venezia%20Nord&cms=unknown&publisher=6548ebc57a115e00129643e5&sop=true&version=st_sop.js&lang=en&ua=&ua_mobile=false&ua_full_version_list=&uuid=28598933-32ca-45f1-baed-aed1e2e3e772
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.134.24.173 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-134-24-173.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://booking.movehotels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 06:13:56 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Max-Age
1728000
Access-Control-Allow-Origin
https://booking.movehotels.com
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Access-Control-Allow-Headers
*
calendar
booking.movehotels.com/book/script/
5 KB
2 KB
XHR
General
Full URL
https://booking.movehotels.com/book/script/calendar?hotel=45522&layout=18453&lang=en&currency=EUR&nsid=7025e84b-f4c6-4772-8926-58f4a621a830
Requested by
Host: ber-js.my-cdn.cloud
URL: https://ber-js.my-cdn.cloud/book/resources/libs/ber5/js/jquery.min.js?v=8.4.16
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.56.10.123 Arezzo, Italy, ASN (),
Reverse DNS
host123-10-56-185.serverdedicati.aruba.it
Software
nginx /
Resource Hash
8891e863f552d81d67772814a1dcfb1999b1f483b7ff754fa4a8fd63c71d3253
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://booking.movehotels.com/book/home/single?nsid=7025e84b-f4c6-4772-8926-58f4a621a830
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 06:13:56 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Content-Type
application/json;charset=utf-8
X-Frame-Options
SAMEORIGIN
cache-control
public,max-age=300,s-maxage=300
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-XSS-Protection
1; mode=block
facebook.svg
platform-cdn.sharethis.com/img/
301 B
726 B
Image
General
Full URL
https://platform-cdn.sharethis.com/img/facebook.svg
Requested by
Host: booking.movehotels.com
URL: https://booking.movehotels.com/book/home/single?nsid=7025e84b-f4c6-4772-8926-58f4a621a830
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ee:6a00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://booking.movehotels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 12:17:23 GMT
via
1.1 6cfc86e6ccd19a4761a27f5f2d9c9a90.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 10 Oct 2019 01:20:12 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-C2
age
2138194
etag
"c6e9be45643e197ce1db1d7e24a99adc"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
301
x-amz-cf-id
_OE6w9xIoQdCsLZ2Tzd6qgiwX07UupY6a63q0ZhM-DUTFyXb7uPwVg==
twitter.svg
platform-cdn.sharethis.com/img/
368 B
779 B
Image
General
Full URL
https://platform-cdn.sharethis.com/img/twitter.svg
Requested by
Host: booking.movehotels.com
URL: https://booking.movehotels.com/book/home/single?nsid=7025e84b-f4c6-4772-8926-58f4a621a830
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ee:6a00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
76ffdc5337cd5a509f15d70767b85a793aead82975d0d86912e1607e963c9aed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://booking.movehotels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 06:12:38 GMT
via
1.1 6cfc86e6ccd19a4761a27f5f2d9c9a90.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 15 Sep 2023 16:58:49 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-C2
age
80
x-amz-server-side-encryption
AES256
etag
"2deb3d5121d475d195577a70b0a91a0c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
accept-ranges
bytes
content-length
368
x-amz-cf-id
bD7FMKVUveXDRS9Z5F8guClMH2_DrwapvfixurOAWeADfVHHuVQHrA==
sharethis.svg
platform-cdn.sharethis.com/img/
514 B
939 B
Image
General
Full URL
https://platform-cdn.sharethis.com/img/sharethis.svg
Requested by
Host: booking.movehotels.com
URL: https://booking.movehotels.com/book/home/single?nsid=7025e84b-f4c6-4772-8926-58f4a621a830
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ee:6a00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9a83c65bdd0ff9488af9d25720686457ea7295c9c44f9f1d285a0c9ec89bab99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://booking.movehotels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 13:05:32 GMT
via
1.1 6cfc86e6ccd19a4761a27f5f2d9c9a90.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 10 Oct 2019 01:20:13 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-C2
age
2135306
etag
"deecdaa377907db5cc1722fc831670a1"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
514
x-amz-cf-id
zxt3TZGipWERLN1u-1myAZAOWEt5bUDTW6bKICSNbf688bBMVMHr3g==
messenger.svg
platform-cdn.sharethis.com/img/
372 B
797 B
Image
General
Full URL
https://platform-cdn.sharethis.com/img/messenger.svg
Requested by
Host: booking.movehotels.com
URL: https://booking.movehotels.com/book/home/single?nsid=7025e84b-f4c6-4772-8926-58f4a621a830
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ee:6a00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2986551fd9e82929eabb8cba7c44f74a28d8496c744893432f067b320dff55da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://booking.movehotels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 12:17:23 GMT
via
1.1 6cfc86e6ccd19a4761a27f5f2d9c9a90.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 10 Oct 2019 01:20:13 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-C2
age
2138194
etag
"a5aa43fa302867d3e888ac2f69b7b288"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
372
x-amz-cf-id
PuwbmaKDUJIYP2xyiO6Svyfdm0aePM0AuGYE3r5pC7fZEWRupMI2zw==
whatsapp.svg
platform-cdn.sharethis.com/img/
832 B
1 KB
Image
General
Full URL
https://platform-cdn.sharethis.com/img/whatsapp.svg
Requested by
Host: booking.movehotels.com
URL: https://booking.movehotels.com/book/home/single?nsid=7025e84b-f4c6-4772-8926-58f4a621a830
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ee:6a00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
847eb36b4dc4b05f94052dcd98077319e74d882334a106bb9ca451ba211c9c2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://booking.movehotels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 12:17:23 GMT
via
1.1 6cfc86e6ccd19a4761a27f5f2d9c9a90.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 10 Oct 2019 01:20:13 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-C2
age
2138194
etag
"afe7fc60ed757db39a88d2950fce69c9"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
832
x-amz-cf-id
BA14ExKLfVZj8sGXuVktw7SevhOT57wiTQxu_TqI426CpRwwfLAj4w==

Verdicts & Comments Add Verdict or Comment

126 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| dataLayer object| DOMAIN object| LANG function| $ function| jQuery function| Swiper function| _typeof function| hcSticky function| moment object| Mustache object| it function| checkCreditCard function| checkEmail function| checkCreditCardExpireDate function| getAmericanFormat function| checkCF function| checkPI boolean| loadOSMScript object| map object| mapSwiper function| OSMap function| createOSMScript object| searchObj object| formObject number| total string| compactLabel string| compactTotal undefined| naPopup undefined| naMsg undefined| naIn undefined| naOut undefined| naGo function| showDetail function| hasCheckIn function| hasCheckOut function| setCheckin function| setCheckout function| clearCheckout function| clearCheckin function| lowlight function| highlight function| checkRange function| removePopupCloseButton function| startDate function| clearAll undefined| clicked function| initNoAvailPlanner undefined| info undefined| tosend function| initNoAvailForms function| servicesInCart object| gtmServices object| gtmRequiredServices function| hideServiceCartItems object| $window number| previousScrollTop boolean| scrollLock function| stickySidebar function| headerAnim function| navigatorToggle function| countryToggle function| viewportHeight function| chainFilters function| showLoadingText function| formchange function| createRequiredErrorHandler function| initHotelResults function| initHotelSale boolean| doShowHideServicesCategories function| initReservationThree boolean| isDocumentReady function| initReservationFour function| creditCardRequire function| managePaymodeExtras function| managePaymodeExtraForm function| popupAnimate function| startCountdown function| transformSVG function| showHideServicesCategories function| truncate function| getTimestampService function| showHideDependentService function| filtersList function| customSelect boolean| isMobile boolean| isChrome boolean| isSafari boolean| isIE function| executeReservFormSubmit string| pageType function| displayCurrencies function| showCurrencies object| searchtag function| donewsearch undefined| becookie boolean| ismobile function| feeShowHide function| feeHide function| customizeShowHide function| customizeHide function| flap object| layout object| caller function| call function| show_popup function| checkCookie function| createCookie function| startChilds number| IDLE_TIMEOUT number| counter boolean| seen number| interval function| check function| show function| hide function| clear function| hideGuestInfoPopup object| st object| __stdos__ boolean| tpcCookiesEnableCheckingDone boolean| tpcCookiesEnabledStatus function| __sharethis__docReady object| __sharethis__ object| ua_fields object| google_tag_manager object| google_tag_data

3 Cookies

Domain/Path Name / Value
booking.movehotels.com/book/home Name: nsredirect
Value: true
booking.movehotels.com/ Name: JSESSIONID
Value: s3~201E9E02F69D43E1CF3F03DF1BD871D0
booking.movehotels.com/ Name: BEID
Value: kifinrpo9T7QTIu8RmntZW1FfWG02E2SIJUHOq3r

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ber-js.my-cdn.cloud
ber.my-cdn.cloud
booking.movehotels.com
buttons-config.sharethis.com
cdn.bookingexpert.it
l.sharethis.com
platform-api.sharethis.com
platform-cdn.sharethis.com
www.googletagmanager.com
13.249.190.78
185.56.10.123
2600:9000:20ee:6a00:1d:85c3:6640:93a1
2600:9000:24ef:4400:c:abe:f440:93a1
2606:4700:20::ac43:45cd
2607:f8b0:4006:80d::2008
3.134.24.173
34.160.254.33
000854d782781aff1b16ea5451c1da3d07efadd35ab911ccb7e4b851571a25bd
0567feb833736ea9de9da4592c89dcc84924a341d442bb4bec60fd61d44f8208
07981ffb7497e6d7f4d2c2a39a8fdb670f01cc0e8296f2dc799291ad4e549a10
12efe39a7e23994d119737b40118f3991d4e481c5037ff12aa23170a3fda4cee
1a8c6718fd32d53a6f3b9a28afb465ad42863f1ebcb24e47511a9e5872e2ad48
2249399b2268c260d0698542503d16afebc80e437c846239f12196744ebbd40f
26725ee2640b1128583b0d5fddd04453bdba2de13fcadb411de5f5827c315aad
27e735b97525a36c78a69ce85c39accf32ce7c42c353686290e1967b3559baa8
28100c5f5b9eab142efb4090642b09a805bd097cc42e1854bef5993e970518d6
28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3
2986551fd9e82929eabb8cba7c44f74a28d8496c744893432f067b320dff55da
2bdc5389f32dc05459ee840ee8480c8b7f53f16967b86bd6827c1c645e255d23
3258bb61f5b69f33076dd0c91e13ddd2c7fe771882adff9345e90d4ab7c32426
38f105a3c9cb694c3d4d5a47e08008bf784141c4894c14c609f45d91cbaa1edc
3efd7582b96219681e70717909b000b3c420af402341a8d6e4e0cd35a8c0c4a8
41afc5db29e1aa3233d6af784ab6b975500aba72ee8e09e9981becebf64135c4
43efcab1d5a7c2f6741be9b60d0a9a52cc3eb786efe48f8eb6f02482d12b356d
473499559a8a3794e29edd18fbea3a6a932663465c654b9b7509b10ca9a504cf
4a6881f1d790746e7762ae3689055a30b5e98e2d5a0c9ae78f119126e7fe8685
4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf
505c949be240c0f717d167e87979cf04a0d4009196d9a4b96a3e2bf544a9d25f
54799c05755de90ee4b1f3ff0a50f4192c2c653787751bb8745802ccf9291ed3
56f880f7fec7f4e0274dfb761cf2e001710c3b22d91833aaffbebf50f5db513f
5d3a5d40948ac2b247511b411b00e1942c2453b93256b057b8ecbc3f9152742c
5f07d43571a20235b2506061c9729d91179d32b8b3c75123aa8fcd45e60d7541
6229770d211d3e9ec87b1daf5fb2576cd88a3caab6a9cd45baf2240703c35800
7112b8536d59dbafe104a9b0193f006c9dc596249dc40ec266f1faf420f09dfd
74f6a57fc70bafd32fea1f1173ef1fab65b13f8a015f2be6f0672d7069b4f44f
763c6ce6cbd69fcd3c3b42b7d7b147eb0f2ff832e83185944ebf2d660b9f444f
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307
76ffdc5337cd5a509f15d70767b85a793aead82975d0d86912e1607e963c9aed
80acc6f0287693dd76604cfdbf9d11a1b71cfab42b3747f735b63d2b091545fc
847eb36b4dc4b05f94052dcd98077319e74d882334a106bb9ca451ba211c9c2c
8891e863f552d81d67772814a1dcfb1999b1f483b7ff754fa4a8fd63c71d3253
8c7b7c1cbf726f584b641d9ef44ba47e48d79a3fe76da325eea11c6fee5c879f
8fe67595e316215278f50a53f37ea104183d2150becb4e555415982a819a8b51
9a83c65bdd0ff9488af9d25720686457ea7295c9c44f9f1d285a0c9ec89bab99
a0174e35f17238c804a60259249bd467000f5b5f0b2201a87cd4b74a00ad6068
a034b571b5041cbdfc051b3404fdc920471e26be4d90eea02dfaba807849b0f9
a23b4152045ea82dece364200d52d648c0b6b20fe91ced9593efda313e32a0bb
a2420bdd7757bcf50aaa3b36b61b0d8f93e86c299f1900c8858ddaf44a2cee02
a3445ede608e06f291a33a4e1e8bd90063c6d2e014a16fd1ad4f276634f96a2a
a599e8c9201a041a8a95dc5fa95b46336b04dc8ca3d6c353193b23ac644e7947
aedf1ddc29e6b2b0cd9678c64656a462ce88305df666ee0fe934dfc9362bccfe
b0827334cef1f1d894b39bf0ac520fd65af26b7340098f0f5e881411f57ddb15
b3389576842d3d3cfe2a7eaa4bff964a2a7dc546839dc63f86334b4da827021f
b78ab65b3b8f8973067d5cef3d3ce36b14f4c9a76dfe7c1413715668b1cdfb57
b921575f700e1e2ca89ea68929a8754a0fcedd96bc85d84dff8d95bbc6fed5d5
bbd88dff90131692af61aa40548f3cc3d663937818abd5fcad1edf56a8791363
be38e343abe84b4c0e82ce6f86838a1fca5963fc4889457501fa746cfbf18e63
c633b6cfaf4a705f2e90c882674377861b6df889d7aaebb884ac82a94c4faee9
cde48c097c618cf62095b0bbf307941a9d4a0c09b51f78a61120a0b5a78a5777
cf9e92205faeb2fc9929f8aaf67ee6fb15084be8994babd310cfa01d62e29e5c
df850dbb8fe2ca9bf288e5d62bd896d8e33e050f009362c2fa602ed02a9c86fc
e22419e8154be2a34a950dbb4c4c448413751c53ef02f00c6c56af28aa2c4964
e268179ea70151a9cd0ce38b817ae3d690fd3bdcb27d1bb9cf7b82f19fcb64b4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7e7ba0a417cebff417816bf9974474c66d873f98498f52339d7f178617c9f54
e8995be4b9d748c89ecf9c6add97dc834f14173666c238d397beac300b07dc8b
e90dee767245fb9f2d5ac9f6fb569fb7d19701e9a16cace435e6ec0d2bca351e
ebb6e18a8d2e808b528a16f191fd4ce3c7b957f5b1573aeaf49cd7eada8c1486
fd605efe2891347523bbfa6df61f508edb5bf0423739953a17cc6cda8f064a60
ff9e7483883c84313fd151b7914c23d4ad53ce022f074968af5f206fb357ac44