URL: https://gds.bookingexpert.it/
Submission: On December 05 via automatic, source certstream-suspicious — Scanned from IT

Summary

This website contacted 8 IPs in 3 countries across 6 domains to perform 27 HTTP transactions. The main IP is 2606:4700:10::6814:5a8, located in United States and belongs to CLOUDFLARENET, US. The main domain is gds.bookingexpert.it.
TLS certificate: Issued by WE1 on December 5th 2024. Valid for: 3 months.
This is the only time gds.bookingexpert.it was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
16 bookingexpert.it
gds.bookingexpert.it
463 KB
3 nr-data.net
bam.eu01.nr-data.net — Cisco Umbrella Rank: 10483
1 KB
3 gstatic.com
fonts.gstatic.com
www.gstatic.com
262 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 3
1 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
ajax.googleapis.com — Cisco Umbrella Rank: 415
32 KB
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 623
33 KB
27 6
Domain Requested by
16 gds.bookingexpert.it gds.bookingexpert.it
3 bam.eu01.nr-data.net gds.bookingexpert.it
2 fonts.gstatic.com fonts.googleapis.com
2 www.google.com gds.bookingexpert.it
1 js-agent.newrelic.com gds.bookingexpert.it
1 www.gstatic.com gds.bookingexpert.it
1 ajax.googleapis.com gds.bookingexpert.it
1 fonts.googleapis.com gds.bookingexpert.it
27 8

This site contains no links.

Subject Issuer Validity Valid
gds.bookingexpert.it
WE1
2024-12-05 -
2025-03-05
3 months crt.sh
upload.video.google.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
*.google.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
*.gstatic.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2024 Q1
2024-03-21 -
2025-04-22
a year crt.sh
*.eu01.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1
2024-07-12 -
2025-07-11
a year crt.sh

This page contains 2 frames:

Primary Page: https://gds.bookingexpert.it/
Frame ID: 741E00287AFE237BEDEF40FB96F8DA11
Requests: 26 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LfdOsYaAAAAAA5G3hfFuAoW2mvAH6NLcTPY3xL_&co=aHR0cHM6Ly9nZHMuYm9va2luZ2V4cGVydC5pdDo0NDM.&hl=it&v=pPK749sccDmVW_9DSeTMVvh2&size=invisible&cb=khwkhhran0zj
Frame ID: 3425D7C3B0F98E45D6C48CDFBFEF7A75
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Login | CRS

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

27
Requests

100 %
HTTPS

50 %
IPv6

6
Domains

8
Subdomains

8
IPs

3
Countries

792 kB
Transfer

1522 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
gds.bookingexpert.it/
66 KB
23 KB
Document
General
Full URL
https://gds.bookingexpert.it/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:5a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0799a38d02176751ad3c4fc2f62fab489614132bb6c7fafaef109020bda159ae
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.verticalbooking.com *.alesiadistribution.com *.zbooking.travel *.blastnessbooking.com *.googleapis.com *.datatables.net *.jsdelivr.net *.booking.com *.googleapis.com *.gstatic.com *.fontawesome.com *.google-analytics.com *.google.com *.gstatic.com *.bstatic.com *.guestflip.io *.jquery.com *.cloudflare.com *.iubenda.com *.amazonaws.com *.newrelic.com *.nr-data.net *.adsrvr.org *.cookiebot.com *.nghotels.online *.delphina.it *.nagich.com *.oppwa.com *.d-edgeconnect.media *.asksuite.com *.triptease.io *.auryc.com *.living3d.it *.doubleclick.net *.gtsgapps.com *.laasie.ai *.gtsgig.com *.sojern.com *.thehotelsnetwork.com *.jetpay.com *.clubdelsole.com *.hirimini.com *.amrcollection.com *.hyattinclusivecollection.com *.villasassa.ch *.beyouhotel.it *.relais.it *.mitec.com.mx *.e-pago.com.mx *.americanexpress.com *.okgini.com *.stayntouch.com form.wspay.biz bol.figarohdt.com booking.voihotels.com; object-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8ed302a79dd4ed4f-MXP
content-encoding
gzip
content-length
22610
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.verticalbooking.com *.alesiadistribution.com *.zbooking.travel *.blastnessbooking.com *.googleapis.com *.datatables.net *.jsdelivr.net *.booking.com *.googleapis.com *.gstatic.com *.fontawesome.com *.google-analytics.com *.google.com *.gstatic.com *.bstatic.com *.guestflip.io *.jquery.com *.cloudflare.com *.iubenda.com *.amazonaws.com *.newrelic.com *.nr-data.net *.adsrvr.org *.cookiebot.com *.nghotels.online *.delphina.it *.nagich.com *.oppwa.com *.d-edgeconnect.media *.asksuite.com *.triptease.io *.auryc.com *.living3d.it *.doubleclick.net *.gtsgapps.com *.laasie.ai *.gtsgig.com *.sojern.com *.thehotelsnetwork.com *.jetpay.com *.clubdelsole.com *.hirimini.com *.amrcollection.com *.hyattinclusivecollection.com *.villasassa.ch *.beyouhotel.it *.relais.it *.mitec.com.mx *.e-pago.com.mx *.americanexpress.com *.okgini.com *.stayntouch.com form.wspay.biz bol.figarohdt.com booking.voihotels.com; object-src 'none'
content-type
text/html; charset=UTF-8
date
Thu, 05 Dec 2024 09:29:11 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
all.css
gds.bookingexpert.it/fontawesome-pro/css/
207 KB
34 KB
Stylesheet
General
Full URL
https://gds.bookingexpert.it/fontawesome-pro/css/all.css
Requested by
Host: gds.bookingexpert.it
URL: https://gds.bookingexpert.it/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:5a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3140dec577f6cd55fa0a0e0cd0936a0e2bd96af1b8992d068abc2e4d91ac855
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.verticalbooking.com *.alesiadistribution.com *.zbooking.travel *.blastnessbooking.com *.googleapis.com *.datatables.net *.jsdelivr.net *.booking.com *.googleapis.com *.gstatic.com *.fontawesome.com *.google-analytics.com *.google.com *.gstatic.com *.bstatic.com *.guestflip.io *.jquery.com *.cloudflare.com *.iubenda.com *.amazonaws.com *.newrelic.com *.nr-data.net *.adsrvr.org *.cookiebot.com *.nghotels.online *.delphina.it *.nagich.com *.oppwa.com *.d-edgeconnect.media *.asksuite.com *.triptease.io *.auryc.com *.living3d.it *.doubleclick.net *.gtsgapps.com *.laasie.ai *.gtsgig.com *.sojern.com *.thehotelsnetwork.com *.jetpay.com *.clubdelsole.com *.hirimini.com *.amrcollection.com *.hyattinclusivecollection.com *.villasassa.ch *.beyouhotel.it *.relais.it *.mitec.com.mx *.e-pago.com.mx *.americanexpress.com *.okgini.com *.stayntouch.com form.wspay.biz bol.figarohdt.com booking.voihotels.com; object-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gds.bookingexpert.it/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
"33d7a-5b0845569b4a6-gzip"
x-content-type-options
nosniff
date
Thu, 05 Dec 2024 09:29:11 GMT
content-type
text/css
last-modified
Wed, 30 Sep 2020 09:14:58 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.verticalbooking.com *.alesiadistribution.com *.zbooking.travel *.blastnessbooking.com *.googleapis.com *.datatables.net *.jsdelivr.net *.booking.com *.googleapis.com *.gstatic.com *.fontawesome.com *.google-analytics.com *.google.com *.gstatic.com *.bstatic.com *.guestflip.io *.jquery.com *.cloudflare.com *.iubenda.com *.amazonaws.com *.newrelic.com *.nr-data.net *.adsrvr.org *.cookiebot.com *.nghotels.online *.delphina.it *.nagich.com *.oppwa.com *.d-edgeconnect.media *.asksuite.com *.triptease.io *.auryc.com *.living3d.it *.doubleclick.net *.gtsgapps.com *.laasie.ai *.gtsgig.com *.sojern.com *.thehotelsnetwork.com *.jetpay.com *.clubdelsole.com *.hirimini.com *.amrcollection.com *.hyattinclusivecollection.com *.villasassa.ch *.beyouhotel.it *.relais.it *.mitec.com.mx *.e-pago.com.mx *.americanexpress.com *.okgini.com *.stayntouch.com form.wspay.biz bol.figarohdt.com booking.voihotels.com; object-src 'none'
cache-control
max-age=3600
cf-ray
8ed302a88fc2ed4f-MXP
accept-ranges
bytes
content-length
35057
x-xss-protection
1; mode=block
server
cloudflare
v4-shims.css
gds.bookingexpert.it/fontawesome-pro/css/
40 KB
4 KB
Stylesheet
General
Full URL
https://gds.bookingexpert.it/fontawesome-pro/css/v4-shims.css
Requested by
Host: gds.bookingexpert.it
URL: https://gds.bookingexpert.it/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:5a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7e3428f65a75ed9bb3a3c0278694e1610582358053d6d85273b22d21fdc141f
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.verticalbooking.com *.alesiadistribution.com *.zbooking.travel *.blastnessbooking.com *.googleapis.com *.datatables.net *.jsdelivr.net *.booking.com *.googleapis.com *.gstatic.com *.fontawesome.com *.google-analytics.com *.google.com *.gstatic.com *.bstatic.com *.guestflip.io *.jquery.com *.cloudflare.com *.iubenda.com *.amazonaws.com *.newrelic.com *.nr-data.net *.adsrvr.org *.cookiebot.com *.nghotels.online *.delphina.it *.nagich.com *.oppwa.com *.d-edgeconnect.media *.asksuite.com *.triptease.io *.auryc.com *.living3d.it *.doubleclick.net *.gtsgapps.com *.laasie.ai *.gtsgig.com *.sojern.com *.thehotelsnetwork.com *.jetpay.com *.clubdelsole.com *.hirimini.com *.amrcollection.com *.hyattinclusivecollection.com *.villasassa.ch *.beyouhotel.it *.relais.it *.mitec.com.mx *.e-pago.com.mx *.americanexpress.com *.okgini.com *.stayntouch.com form.wspay.biz bol.figarohdt.com booking.voihotels.com; object-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gds.bookingexpert.it/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
"a0a8-5b0845569e386-gzip"
x-content-type-options
nosniff
date
Thu, 05 Dec 2024 09:29:11 GMT
content-type
text/css
last-modified
Wed, 30 Sep 2020 09:14:58 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.verticalbooking.com *.alesiadistribution.com *.zbooking.travel *.blastnessbooking.com *.googleapis.com *.datatables.net *.jsdelivr.net *.booking.com *.googleapis.com *.gstatic.com *.fontawesome.com *.google-analytics.com *.google.com *.gstatic.com *.bstatic.com *.guestflip.io *.jquery.com *.cloudflare.com *.iubenda.com *.amazonaws.com *.newrelic.com *.nr-data.net *.adsrvr.org *.cookiebot.com *.nghotels.online *.delphina.it *.nagich.com *.oppwa.com *.d-edgeconnect.media *.asksuite.com *.triptease.io *.auryc.com *.living3d.it *.doubleclick.net *.gtsgapps.com *.laasie.ai *.gtsgig.com *.sojern.com *.thehotelsnetwork.com *.jetpay.com *.clubdelsole.com *.hirimini.com *.amrcollection.com *.hyattinclusivecollection.com *.villasassa.ch *.beyouhotel.it *.relais.it *.mitec.com.mx *.e-pago.com.mx *.americanexpress.com *.okgini.com *.stayntouch.com form.wspay.biz bol.figarohdt.com booking.voihotels.com; object-src 'none'
cache-control
max-age=3600
cf-ray
8ed302a88fc5ed4f-MXP
accept-ranges
bytes
content-length
4327
x-xss-protection
1; mode=block
server
cloudflare
css2
fonts.googleapis.com/
5 KB
990 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&display=swap
Requested by
Host: gds.bookingexpert.it
URL: https://gds.bookingexpert.it/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
809df0321e4c22fb83008efca44b5f5e7aa10b7bb1ca6234a78d0795a7ec6ea8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gds.bookingexpert.it/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 05 Dec 2024 09:29:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 05 Dec 2024 09:29:11 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Thu, 05 Dec 2024 09:14:09 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
user_access.css
gds.bookingexpert.it/css/login/
3 KB
1 KB
Stylesheet
General
Full URL
https://gds.bookingexpert.it/css/login/user_access.css
Requested by
Host: gds.bookingexpert.it
URL: https://gds.bookingexpert.it/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:5a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0e448068984059adb3373fd51cad73472a3267186f602b446715d9e0e976008
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.verticalbooking.com *.alesiadistribution.com *.zbooking.travel *.blastnessbooking.com *.googleapis.com *.datatables.net *.jsdelivr.net *.booking.com *.googleapis.com *.gstatic.com *.fontawesome.com *.google-analytics.com *.google.com *.gstatic.com *.bstatic.com *.guestflip.io *.jquery.com *.cloudflare.com *.iubenda.com *.amazonaws.com *.newrelic.com *.nr-data.net *.adsrvr.org *.cookiebot.com *.nghotels.online *.delphina.it *.nagich.com *.oppwa.com *.d-edgeconnect.media *.asksuite.com *.triptease.io *.auryc.com *.living3d.it *.doubleclick.net *.gtsgapps.com *.laasie.ai *.gtsgig.com *.sojern.com *.thehotelsnetwork.com *.jetpay.com *.clubdelsole.com *.hirimini.com *.amrcollection.com *.hyattinclusivecollection.com *.villasassa.ch *.beyouhotel.it *.relais.it *.mitec.com.mx *.e-pago.com.mx *.americanexpress.com *.okgini.com *.stayntouch.com form.wspay.biz bol.figarohdt.com booking.voihotels.com; object-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gds.bookingexpert.it/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
"d85-5c43cffda7481-gzip"
x-content-type-options
nosniff
date
Thu, 05 Dec 2024 09:29:11 GMT
content-type
text/css
last-modified
Tue, 08 Jun 2021 08:32:33 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.verticalbooking.com *.alesiadistribution.com *.zbooking.travel *.blastnessbooking.com *.googleapis.com *.datatables.net *.jsdelivr.net *.booking.com *.googleapis.com *.gstatic.com *.fontawesome.com *.google-analytics.com *.google.com *.gstatic.com *.bstatic.com *.guestflip.io *.jquery.com *.cloudflare.com *.iubenda.com *.amazonaws.com *.newrelic.com *.nr-data.net *.adsrvr.org *.cookiebot.com *.nghotels.online *.delphina.it *.nagich.com *.oppwa.com *.d-edgeconnect.media *.asksuite.com *.triptease.io *.auryc.com *.living3d.it *.doubleclick.net *.gtsgapps.com *.laasie.ai *.gtsgig.com *.sojern.com *.thehotelsnetwork.com *.jetpay.com *.clubdelsole.com *.hirimini.com *.amrcollection.com *.hyattinclusivecollection.com *.villasassa.ch *.beyouhotel.it *.relais.it *.mitec.com.mx *.e-pago.com.mx *.americanexpress.com *.okgini.com *.stayntouch.com form.wspay.biz bol.figarohdt.com booking.voihotels.com; object-src 'none'
cache-control
max-age=3600
cf-ray
8ed302a88fc7ed4f-MXP
accept-ranges
bytes
content-length
1070
x-xss-protection
1; mode=block
server
cloudflare
login.css
gds.bookingexpert.it/css/login/
1 KB
569 B
Stylesheet
General
Full URL
https://gds.bookingexpert.it/css/login/login.css
Requested by
Host: gds.bookingexpert.it
URL: https://gds.bookingexpert.it/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:5a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04113a10812dfc35229143023331dea50c10178560d8b356f565227b786c4083
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.verticalbooking.com *.alesiadistribution.com *.zbooking.travel *.blastnessbooking.com *.googleapis.com *.datatables.net *.jsdelivr.net *.booking.com *.googleapis.com *.gstatic.com *.fontawesome.com *.google-analytics.com *.google.com *.gstatic.com *.bstatic.com *.guestflip.io *.jquery.com *.cloudflare.com *.iubenda.com *.amazonaws.com *.newrelic.com *.nr-data.net *.adsrvr.org *.cookiebot.com *.nghotels.online *.delphina.it *.nagich.com *.oppwa.com *.d-edgeconnect.media *.asksuite.com *.triptease.io *.auryc.com *.living3d.it *.doubleclick.net *.gtsgapps.com *.laasie.ai *.gtsgig.com *.sojern.com *.thehotelsnetwork.com *.jetpay.com *.clubdelsole.com *.hirimini.com *.amrcollection.com *.hyattinclusivecollection.com *.villasassa.ch *.beyouhotel.it *.relais.it *.mitec.com.mx *.e-pago.com.mx *.americanexpress.com *.okgini.com *.stayntouch.com form.wspay.biz bol.figarohdt.com booking.voihotels.com; object-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gds.bookingexpert.it/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
"5a4-6152b65ebe780-gzip"
x-content-type-options
nosniff
date
Thu, 05 Dec 2024 09:29:12 GMT
content-type
text/css
last-modified
Wed, 03 Apr 2024 06:33:18 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.verticalbooking.com *.alesiadistribution.com *.zbooking.travel *.blastnessbooking.com *.googleapis.com *.datatables.net *.jsdelivr.net *.booking.com *.googleapis.com *.gstatic.com *.fontawesome.com *.google-analytics.com *.google.com *.gstatic.com *.bstatic.com *.guestflip.io *.jquery.com *.cloudflare.com *.iubenda.com *.amazonaws.com *.newrelic.com *.nr-data.net *.adsrvr.org *.cookiebot.com *.nghotels.online *.delphina.it *.nagich.com *.oppwa.com *.d-edgeconnect.media *.asksuite.com *.triptease.io *.auryc.com *.living3d.it *.doubleclick.net *.gtsgapps.com *.laasie.ai *.gtsgig.com *.sojern.com *.thehotelsnetwork.com *.jetpay.com *.clubdelsole.com *.hirimini.com *.amrcollection.com *.hyattinclusivecollection.com *.villasassa.ch *.beyouhotel.it *.relais.it *.mitec.com.mx *.e-pago.com.mx *.americanexpress.com *.okgini.com *.stayntouch.com form.wspay.biz bol.figarohdt.com booking.voihotels.com; object-src 'none'
cache-control
max-age=3600
cf-ray
8ed302a88fcaed4f-MXP
accept-ranges
bytes
content-length
437
x-xss-protection
1; mode=block
server
cloudflare
logoarea_109.jpg
gds.bookingexpert.it/css/login/img/
13 KB
14 KB
Image
General
Full URL
https://gds.bookingexpert.it/css/login/img/logoarea_109.jpg
Requested by
Host: gds.bookingexpert.it
URL: https://gds.bookingexpert.it/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:5a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
137d5177b697346ac90ea9e3eb6a281df215c4ab9124e79e682caefef2855d16
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.verticalbooking.com *.alesiadistribution.com *.zbooking.travel *.blastnessbooking.com *.googleapis.com *.datatables.net *.jsdelivr.net *.booking.com *.googleapis.com *.gstatic.com *.fontawesome.com *.google-analytics.com *.google.com *.gstatic.com *.bstatic.com *.guestflip.io *.jquery.com *.cloudflare.com *.iubenda.com *.amazonaws.com *.newrelic.com *.nr-data.net *.adsrvr.org *.cookiebot.com *.nghotels.online *.delphina.it *.nagich.com *.oppwa.com *.d-edgeconnect.media *.asksuite.com *.triptease.io *.auryc.com *.living3d.it *.doubleclick.net *.gtsgapps.com *.laasie.ai *.gtsgig.com *.sojern.com *.thehotelsnetwork.com *.jetpay.com *.clubdelsole.com *.hirimini.com *.amrcollection.com *.hyattinclusivecollection.com *.villasassa.ch *.beyouhotel.it *.relais.it *.mitec.com.mx *.e-pago.com.mx *.americanexpress.com *.okgini.com *.stayntouch.com form.wspay.biz bol.figarohdt.com booking.voihotels.com; object-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gds.bookingexpert.it/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.verticalbooking.com *.alesiadistribution.com *.zbooking.travel *.blastnessbooking.com *.googleapis.com *.datatables.net *.jsdelivr.net *.booking.com *.googleapis.com *.gstatic.com *.fontawesome.com *.google-analytics.com *.google.com *.gstatic.com *.bstatic.com *.guestflip.io *.jquery.com *.cloudflare.com *.iubenda.com *.amazonaws.com *.newrelic.com *.nr-data.net *.adsrvr.org *.cookiebot.com *.nghotels.online *.delphina.it *.nagich.com *.oppwa.com *.d-edgeconnect.media *.asksuite.com *.triptease.io *.auryc.com *.living3d.it *.doubleclick.net *.gtsgapps.com *.laasie.ai *.gtsgig.com *.sojern.com *.thehotelsnetwork.com *.jetpay.com *.clubdelsole.com *.hirimini.com *.amrcollection.com *.hyattinclusivecollection.com *.villasassa.ch *.beyouhotel.it *.relais.it *.mitec.com.mx *.e-pago.com.mx *.americanexpress.com *.okgini.com *.stayntouch.com form.wspay.biz bol.figarohdt.com booking.voihotels.com; object-src 'none'
cache-control
max-age=3600
cf-cache-status
MISS
etag
"35f6-5c842b0ec2522"
x-content-type-options
nosniff
cf-ray
8ed302a88fcbed4f-MXP
accept-ranges
bytes
content-length
13814
date
Thu, 05 Dec 2024 09:29:11 GMT
x-xss-protection
1; mode=block
last-modified
Thu, 29 Jul 2021 13:00:45 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
SAMEORIGIN
ita.png
gds.bookingexpert.it/css/login/img/50w/
708 B
800 B
Image
General
Full URL
https://gds.bookingexpert.it/css/login/img/50w/ita.png
Requested by
Host: gds.bookingexpert.it
URL: https://gds.bookingexpert.it/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:5a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55d8b378317cd5603e03b1b46b38e5453e9fdd6764e15413bb0e793e5b1c45a3
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.verticalbooking.com *.alesiadistribution.com *.zbooking.travel *.blastnessbooking.com *.googleapis.com *.datatables.net *.jsdelivr.net *.booking.com *.googleapis.com *.gstatic.com *.fontawesome.com *.google-analytics.com *.google.com *.gstatic.com *.bstatic.com *.guestflip.io *.jquery.com *.cloudflare.com *.iubenda.com *.amazonaws.com *.newrelic.com *.nr-data.net *.adsrvr.org *.cookiebot.com *.nghotels.online *.delphina.it *.nagich.com *.oppwa.com *.d-edgeconnect.media *.asksuite.com *.triptease.io *.auryc.com *.living3d.it *.doubleclick.net *.gtsgapps.com *.laasie.ai *.gtsgig.com *.sojern.com *.thehotelsnetwork.com *.jetpay.com *.clubdelsole.com *.hirimini.com *.amrcollection.com *.hyattinclusivecollection.com *.villasassa.ch *.beyouhotel.it *.relais.it *.mitec.com.mx *.e-pago.com.mx *.americanexpress.com *.okgini.com *.stayntouch.com form.wspay.biz bol.figarohdt.com booking.voihotels.com; object-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gds.bookingexpert.it/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.verticalbooking.com *.alesiadistribution.com *.zbooking.travel *.blastnessbooking.com *.googleapis.com *.datatables.net *.jsdelivr.net *.booking.com *.googleapis.com *.gstatic.com *.fontawesome.com *.google-analytics.com *.google.com *.gstatic.com *.bstatic.com *.guestflip.io *.jquery.com *.cloudflare.com *.iubenda.com *.amazonaws.com *.newrelic.com *.nr-data.net *.adsrvr.org *.cookiebot.com *.nghotels.online *.delphina.it *.nagich.com *.oppwa.com *.d-edgeconnect.media *.asksuite.com *.triptease.io *.auryc.com *.living3d.it *.doubleclick.net *.gtsgapps.com *.laasie.ai *.gtsgig.com *.sojern.com *.thehotelsnetwork.com *.jetpay.com *.clubdelsole.com *.hirimini.com *.amrcollection.com *.hyattinclusivecollection.com *.villasassa.ch *.beyouhotel.it *.relais.it *.mitec.com.mx *.e-pago.com.mx *.americanexpress.com *.okgini.com *.stayntouch.com form.wspay.biz bol.figarohdt.com booking.voihotels.com; object-src 'none'
cache-control
max-age=3600
cf-cache-status
MISS
etag
"2c4-5c310487e6e2a"
x-content-type-options
nosniff
cf-ray
8ed302a88fcded4f-MXP
accept-ranges
bytes
content-length
708
date
Thu, 05 Dec 2024 09:29:12 GMT
x-xss-protection
1; mode=block
last-modified
Mon, 24 May 2021 09:46:26 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
SAMEORIGIN
eng.png
gds.bookingexpert.it/css/login/img/50w/
1 KB
1 KB
Image
General
Full URL
https://gds.bookingexpert.it/css/login/img/50w/eng.png
Requested by
Host: gds.bookingexpert.it
URL: https://gds.bookingexpert.it/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:5a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b16cb7c608e3c7353431f44b1a5b5a7cd154993e6925d98f675e1b591abf0dc
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.verticalbooking.com *.alesiadistribution.com *.zbooking.travel *.blastnessbooking.com *.googleapis.com *.datatables.net *.jsdelivr.net *.booking.com *.googleapis.com *.gstatic.com *.fontawesome.com *.google-analytics.com *.google.com *.gstatic.com *.bstatic.com *.guestflip.io *.jquery.com *.cloudflare.com *.iubenda.com *.amazonaws.com *.newrelic.com *.nr-data.net *.adsrvr.org *.cookiebot.com *.nghotels.online *.delphina.it *.nagich.com *.oppwa.com *.d-edgeconnect.media *.asksuite.com *.triptease.io *.auryc.com *.living3d.it *.doubleclick.net *.gtsgapps.com *.laasie.ai *.gtsgig.com *.sojern.com *.thehotelsnetwork.com *.jetpay.com *.clubdelsole.com *.hirimini.com *.amrcollection.com *.hyattinclusivecollection.com *.villasassa.ch *.beyouhotel.it *.relais.it *.mitec.com.mx *.e-pago.com.mx *.americanexpress.com *.okgini.com *.stayntouch.com form.wspay.biz bol.figarohdt.com booking.voihotels.com; object-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gds.bookingexpert.it/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.verticalbooking.com *.alesiadistribution.com *.zbooking.travel *.blastnessbooking.com *.googleapis.com *.datatables.net *.jsdelivr.net *.booking.com *.googleapis.com *.gstatic.com *.fontawesome.com *.google-analytics.com *.google.com *.gstatic.com *.bstatic.com *.guestflip.io *.jquery.com *.cloudflare.com *.iubenda.com *.amazonaws.com *.newrelic.com *.nr-data.net *.adsrvr.org *.cookiebot.com *.nghotels.online *.delphina.it *.nagich.com *.oppwa.com *.d-edgeconnect.media *.asksuite.com *.triptease.io *.auryc.com *.living3d.it *.doubleclick.net *.gtsgapps.com *.laasie.ai *.gtsgig.com *.sojern.com *.thehotelsnetwork.com *.jetpay.com *.clubdelsole.com *.hirimini.com *.amrcollection.com *.hyattinclusivecollection.com *.villasassa.ch *.beyouhotel.it *.relais.it *.mitec.com.mx *.e-pago.com.mx *.americanexpress.com *.okgini.com *.stayntouch.com form.wspay.biz bol.figarohdt.com booking.voihotels.com; object-src 'none'
cache-control
max-age=3600
cf-cache-status
MISS
etag
"59a-5c310487c9969"
x-content-type-options
nosniff
cf-ray
8ed302a88fceed4f-MXP
accept-ranges
bytes
content-length
1434
date
Thu, 05 Dec 2024 09:29:11 GMT
x-xss-protection
1; mode=block
last-modified
Mon, 24 May 2021 09:46:26 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
SAMEORIGIN
esp.png
gds.bookingexpert.it/css/login/img/50w/
1 KB
1 KB
Image
General
Full URL
https://gds.bookingexpert.it/css/login/img/50w/esp.png
Requested by
Host: gds.bookingexpert.it
URL: https://gds.bookingexpert.it/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:5a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76b0a6fb46f19547cbc20f01ef6fa3eaad7a552d685c0c5797e46e5854dfd024
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.verticalbooking.com *.alesiadistribution.com *.zbooking.travel *.blastnessbooking.com *.googleapis.com *.datatables.net *.jsdelivr.net *.booking.com *.googleapis.com *.gstatic.com *.fontawesome.com *.google-analytics.com *.google.com *.gstatic.com *.bstatic.com *.guestflip.io *.jquery.com *.cloudflare.com *.iubenda.com *.amazonaws.com *.newrelic.com *.nr-data.net *.adsrvr.org *.cookiebot.com *.nghotels.online *.delphina.it *.nagich.com *.oppwa.com *.d-edgeconnect.media *.asksuite.com *.triptease.io *.auryc.com *.living3d.it *.doubleclick.net *.gtsgapps.com *.laasie.ai *.gtsgig.com *.sojern.com *.thehotelsnetwork.com *.jetpay.com *.clubdelsole.com *.hirimini.com *.amrcollection.com *.hyattinclusivecollection.com *.villasassa.ch *.beyouhotel.it *.relais.it *.mitec.com.mx *.e-pago.com.mx *.americanexpress.com *.okgini.com *.stayntouch.com form.wspay.biz bol.figarohdt.com booking.voihotels.com; object-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gds.bookingexpert.it/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.verticalbooking.com *.alesiadistribution.com *.zbooking.travel *.blastnessbooking.com *.googleapis.com *.datatables.net *.jsdelivr.net *.booking.com *.googleapis.com *.gstatic.com *.fontawesome.com *.google-analytics.com *.google.com *.gstatic.com *.bstatic.com *.guestflip.io *.jquery.com *.cloudflare.com *.iubenda.com *.amazonaws.com *.newrelic.com *.nr-data.net *.adsrvr.org *.cookiebot.com *.nghotels.online *.delphina.it *.nagich.com *.oppwa.com *.d-edgeconnect.media *.asksuite.com *.triptease.io *.auryc.com *.living3d.it *.doubleclick.net *.gtsgapps.com *.laasie.ai *.gtsgig.com *.sojern.com *.thehotelsnetwork.com *.jetpay.com *.clubdelsole.com *.hirimini.com *.amrcollection.com *.hyattinclusivecollection.com *.villasassa.ch *.beyouhotel.it *.relais.it *.mitec.com.mx *.e-pago.com.mx *.americanexpress.com *.okgini.com *.stayntouch.com form.wspay.biz bol.figarohdt.com booking.voihotels.com; object-src 'none'
cache-control
max-age=3600
cf-cache-status
MISS
etag
"466-5c310487aa568"
x-content-type-options
nosniff
cf-ray
8ed302a88fcfed4f-MXP
accept-ranges
bytes
content-length
1126
date
Thu, 05 Dec 2024 09:29:11 GMT
x-xss-protection
1; mode=block
last-modified
Mon, 24 May 2021 09:46:26 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
SAMEORIGIN
fra.png
gds.bookingexpert.it/css/login/img/50w/
706 B
809 B
Image
General
Full URL
https://gds.bookingexpert.it/css/login/img/50w/fra.png
Requested by
Host: gds.bookingexpert.it
URL: https://gds.bookingexpert.it/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:5a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ce55a90c6bda2a89278653f00a90f8d6aa4c0635a8b44ce508f75e48c668b5d
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.verticalbooking.com *.alesiadistribution.com *.zbooking.travel *.blastnessbooking.com *.googleapis.com *.datatables.net *.jsdelivr.net *.booking.com *.googleapis.com *.gstatic.com *.fontawesome.com *.google-analytics.com *.google.com *.gstatic.com *.bstatic.com *.guestflip.io *.jquery.com *.cloudflare.com *.iubenda.com *.amazonaws.com *.newrelic.com *.nr-data.net *.adsrvr.org *.cookiebot.com *.nghotels.online *.delphina.it *.nagich.com *.oppwa.com *.d-edgeconnect.media *.asksuite.com *.triptease.io *.auryc.com *.living3d.it *.doubleclick.net *.gtsgapps.com *.laasie.ai *.gtsgig.com *.sojern.com *.thehotelsnetwork.com *.jetpay.com *.clubdelsole.com *.hirimini.com *.amrcollection.com *.hyattinclusivecollection.com *.villasassa.ch *.beyouhotel.it *.relais.it *.mitec.com.mx *.e-pago.com.mx *.americanexpress.com *.okgini.com *.stayntouch.com form.wspay.biz bol.figarohdt.com booking.voihotels.com; object-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gds.bookingexpert.it/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.verticalbooking.com *.alesiadistribution.com *.zbooking.travel *.blastnessbooking.com *.googleapis.com *.datatables.net *.jsdelivr.net *.booking.com *.googleapis.com *.gstatic.com *.fontawesome.com *.google-analytics.com *.google.com *.gstatic.com *.bstatic.com *.guestflip.io *.jquery.com *.cloudflare.com *.iubenda.com *.amazonaws.com *.newrelic.com *.nr-data.net *.adsrvr.org *.cookiebot.com *.nghotels.online *.delphina.it *.nagich.com *.oppwa.com *.d-edgeconnect.media *.asksuite.com *.triptease.io *.auryc.com *.living3d.it *.doubleclick.net *.gtsgapps.com *.laasie.ai *.gtsgig.com *.sojern.com *.thehotelsnetwork.com *.jetpay.com *.clubdelsole.com *.hirimini.com *.amrcollection.com *.hyattinclusivecollection.com *.villasassa.ch *.beyouhotel.it *.relais.it *.mitec.com.mx *.e-pago.com.mx *.americanexpress.com *.okgini.com *.stayntouch.com form.wspay.biz bol.figarohdt.com booking.voihotels.com; object-src 'none'
cache-control
max-age=3600
cf-cache-status
MISS
etag
"2c2-5c310487f682b"
x-content-type-options
nosniff
cf-ray
8ed302a88fd0ed4f-MXP
accept-ranges
bytes
content-length
706
date
Thu, 05 Dec 2024 09:29:11 GMT
x-xss-protection
1; mode=block
last-modified
Mon, 24 May 2021 09:46:26 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
SAMEORIGIN
deu.png
gds.bookingexpert.it/css/login/img/50w/
640 B
720 B
Image
General
Full URL
https://gds.bookingexpert.it/css/login/img/50w/deu.png
Requested by
Host: gds.bookingexpert.it
URL: https://gds.bookingexpert.it/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:5a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5798496136127c91eda9e60415bf123c0ce900c3a29825013ed920a6dfcab0c4
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.verticalbooking.com *.alesiadistribution.com *.zbooking.travel *.blastnessbooking.com *.googleapis.com *.datatables.net *.jsdelivr.net *.booking.com *.googleapis.com *.gstatic.com *.fontawesome.com *.google-analytics.com *.google.com *.gstatic.com *.bstatic.com *.guestflip.io *.jquery.com *.cloudflare.com *.iubenda.com *.amazonaws.com *.newrelic.com *.nr-data.net *.adsrvr.org *.cookiebot.com *.nghotels.online *.delphina.it *.nagich.com *.oppwa.com *.d-edgeconnect.media *.asksuite.com *.triptease.io *.auryc.com *.living3d.it *.doubleclick.net *.gtsgapps.com *.laasie.ai *.gtsgig.com *.sojern.com *.thehotelsnetwork.com *.jetpay.com *.clubdelsole.com *.hirimini.com *.amrcollection.com *.hyattinclusivecollection.com *.villasassa.ch *.beyouhotel.it *.relais.it *.mitec.com.mx *.e-pago.com.mx *.americanexpress.com *.okgini.com *.stayntouch.com form.wspay.biz bol.figarohdt.com booking.voihotels.com; object-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gds.bookingexpert.it/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.verticalbooking.com *.alesiadistribution.com *.zbooking.travel *.blastnessbooking.com *.googleapis.com *.datatables.net *.jsdelivr.net *.booking.com *.googleapis.com *.gstatic.com *.fontawesome.com *.google-analytics.com *.google.com *.gstatic.com *.bstatic.com *.guestflip.io *.jquery.com *.cloudflare.com *.iubenda.com *.amazonaws.com *.newrelic.com *.nr-data.net *.adsrvr.org *.cookiebot.com *.nghotels.online *.delphina.it *.nagich.com *.oppwa.com *.d-edgeconnect.media *.asksuite.com *.triptease.io *.auryc.com *.living3d.it *.doubleclick.net *.gtsgapps.com *.laasie.ai *.gtsgig.com *.sojern.com *.thehotelsnetwork.com *.jetpay.com *.clubdelsole.com *.hirimini.com *.amrcollection.com *.hyattinclusivecollection.com *.villasassa.ch *.beyouhotel.it *.relais.it *.mitec.com.mx *.e-pago.com.mx *.americanexpress.com *.okgini.com *.stayntouch.com form.wspay.biz bol.figarohdt.com booking.voihotels.com; object-src 'none'
cache-control
max-age=3600
cf-cache-status
MISS
etag
"280-5c3104878d0a7"
x-content-type-options
nosniff
cf-ray
8ed302a8b817ed4f-MXP
accept-ranges
bytes
content-length
640
date
Thu, 05 Dec 2024 09:29:11 GMT
x-xss-protection
1; mode=block
last-modified
Mon, 24 May 2021 09:46:26 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
SAMEORIGIN
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.0/
87 KB
31 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: gds.bookingexpert.it
URL: https://gds.bookingexpert.it/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gds.bookingexpert.it/

Response headers

content-encoding
gzip
age
9316
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Fri, 05 Dec 2025 06:53:55 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 05 Dec 2024 06:53:55 GMT
last-modified
Wed, 10 Mar 2021 14:28:09 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
31017
x-xss-protection
0
server
sffe
enterprise.js
www.google.com/recaptcha/
2 KB
1 KB
Script
General
Full URL
https://www.google.com/recaptcha/enterprise.js?render=6LfdOsYaAAAAAA5G3hfFuAoW2mvAH6NLcTPY3xL_
Requested by
Host: gds.bookingexpert.it
URL: https://gds.bookingexpert.it/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f4.1e100.net
Software
ESF /
Resource Hash
0320ff5eaeced97253b323948b83798e92990e450a6b3c69a28be0baac1b4fd4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gds.bookingexpert.it/

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Thu, 05 Dec 2024 09:29:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Thu, 05 Dec 2024 09:29:11 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
login.js
gds.bookingexpert.it/js/login/
10 KB
3 KB
Script
General
Full URL
https://gds.bookingexpert.it/js/login/login.js?time=1674499768
Requested by
Host: gds.bookingexpert.it
URL: https://gds.bookingexpert.it/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:5a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a024570f3094ce5f158afd3c34181d65a1ebe207df4173537c39bac1e08fa47a
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.verticalbooking.com *.alesiadistribution.com *.zbooking.travel *.blastnessbooking.com *.googleapis.com *.datatables.net *.jsdelivr.net *.booking.com *.googleapis.com *.gstatic.com *.fontawesome.com *.google-analytics.com *.google.com *.gstatic.com *.bstatic.com *.guestflip.io *.jquery.com *.cloudflare.com *.iubenda.com *.amazonaws.com *.newrelic.com *.nr-data.net *.adsrvr.org *.cookiebot.com *.nghotels.online *.delphina.it *.nagich.com *.oppwa.com *.d-edgeconnect.media *.asksuite.com *.triptease.io *.auryc.com *.living3d.it *.doubleclick.net *.gtsgapps.com *.laasie.ai *.gtsgig.com *.sojern.com *.thehotelsnetwork.com *.jetpay.com *.clubdelsole.com *.hirimini.com *.amrcollection.com *.hyattinclusivecollection.com *.villasassa.ch *.beyouhotel.it *.relais.it *.mitec.com.mx *.e-pago.com.mx *.americanexpress.com *.okgini.com *.stayntouch.com form.wspay.biz bol.figarohdt.com booking.voihotels.com; object-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gds.bookingexpert.it/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
etag
"2679-5f2ebd3c9b000-gzip"
x-content-type-options
nosniff
date
Thu, 05 Dec 2024 09:29:11 GMT
content-type
application/javascript
last-modified
Mon, 23 Jan 2023 10:26:08 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.verticalbooking.com *.alesiadistribution.com *.zbooking.travel *.blastnessbooking.com *.googleapis.com *.datatables.net *.jsdelivr.net *.booking.com *.googleapis.com *.gstatic.com *.fontawesome.com *.google-analytics.com *.google.com *.gstatic.com *.bstatic.com *.guestflip.io *.jquery.com *.cloudflare.com *.iubenda.com *.amazonaws.com *.newrelic.com *.nr-data.net *.adsrvr.org *.cookiebot.com *.nghotels.online *.delphina.it *.nagich.com *.oppwa.com *.d-edgeconnect.media *.asksuite.com *.triptease.io *.auryc.com *.living3d.it *.doubleclick.net *.gtsgapps.com *.laasie.ai *.gtsgig.com *.sojern.com *.thehotelsnetwork.com *.jetpay.com *.clubdelsole.com *.hirimini.com *.amrcollection.com *.hyattinclusivecollection.com *.villasassa.ch *.beyouhotel.it *.relais.it *.mitec.com.mx *.e-pago.com.mx *.americanexpress.com *.okgini.com *.stayntouch.com form.wspay.biz bol.figarohdt.com booking.voihotels.com; object-src 'none'
cf-ray
8ed302a88fd1ed4f-MXP
accept-ranges
bytes
content-length
2821
x-xss-protection
1; mode=block
server
cloudflare
sfondoarea_109.png
gds.bookingexpert.it/css/login/img/
20 KB
21 KB
Image
General
Full URL
https://gds.bookingexpert.it/css/login/img/sfondoarea_109.png
Requested by
Host: gds.bookingexpert.it
URL: https://gds.bookingexpert.it/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:5a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc4df1fecee79f596168831f49203afc152b68a4c9008dabde0ad17280f3d046
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.verticalbooking.com *.alesiadistribution.com *.zbooking.travel *.blastnessbooking.com *.googleapis.com *.datatables.net *.jsdelivr.net *.booking.com *.googleapis.com *.gstatic.com *.fontawesome.com *.google-analytics.com *.google.com *.gstatic.com *.bstatic.com *.guestflip.io *.jquery.com *.cloudflare.com *.iubenda.com *.amazonaws.com *.newrelic.com *.nr-data.net *.adsrvr.org *.cookiebot.com *.nghotels.online *.delphina.it *.nagich.com *.oppwa.com *.d-edgeconnect.media *.asksuite.com *.triptease.io *.auryc.com *.living3d.it *.doubleclick.net *.gtsgapps.com *.laasie.ai *.gtsgig.com *.sojern.com *.thehotelsnetwork.com *.jetpay.com *.clubdelsole.com *.hirimini.com *.amrcollection.com *.hyattinclusivecollection.com *.villasassa.ch *.beyouhotel.it *.relais.it *.mitec.com.mx *.e-pago.com.mx *.americanexpress.com *.okgini.com *.stayntouch.com form.wspay.biz bol.figarohdt.com booking.voihotels.com; object-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gds.bookingexpert.it/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.verticalbooking.com *.alesiadistribution.com *.zbooking.travel *.blastnessbooking.com *.googleapis.com *.datatables.net *.jsdelivr.net *.booking.com *.googleapis.com *.gstatic.com *.fontawesome.com *.google-analytics.com *.google.com *.gstatic.com *.bstatic.com *.guestflip.io *.jquery.com *.cloudflare.com *.iubenda.com *.amazonaws.com *.newrelic.com *.nr-data.net *.adsrvr.org *.cookiebot.com *.nghotels.online *.delphina.it *.nagich.com *.oppwa.com *.d-edgeconnect.media *.asksuite.com *.triptease.io *.auryc.com *.living3d.it *.doubleclick.net *.gtsgapps.com *.laasie.ai *.gtsgig.com *.sojern.com *.thehotelsnetwork.com *.jetpay.com *.clubdelsole.com *.hirimini.com *.amrcollection.com *.hyattinclusivecollection.com *.villasassa.ch *.beyouhotel.it *.relais.it *.mitec.com.mx *.e-pago.com.mx *.americanexpress.com *.okgini.com *.stayntouch.com form.wspay.biz bol.figarohdt.com booking.voihotels.com; object-src 'none'
cache-control
max-age=3600
cf-cache-status
MISS
etag
"4f6f-5c842b0e9d360"
x-content-type-options
nosniff
cf-ray
8ed302aa9c08ed4f-MXP
accept-ranges
bytes
content-length
20335
date
Thu, 05 Dec 2024 09:29:12 GMT
x-xss-protection
1; mode=block
last-modified
Thu, 29 Jul 2021 13:00:45 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
SAMEORIGIN
fa-regular-400.woff2
gds.bookingexpert.it/fontawesome-pro/webfonts/
170 KB
171 KB
Font
General
Full URL
https://gds.bookingexpert.it/fontawesome-pro/webfonts/fa-regular-400.woff2
Requested by
Host: gds.bookingexpert.it
URL: https://gds.bookingexpert.it/fontawesome-pro/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:5a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a771731f8ddb3a2c0426884135e1136b22d3a40bb48c69bf77b58f3e5c854ed7
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.verticalbooking.com *.alesiadistribution.com *.zbooking.travel *.blastnessbooking.com *.googleapis.com *.datatables.net *.jsdelivr.net *.booking.com *.googleapis.com *.gstatic.com *.fontawesome.com *.google-analytics.com *.google.com *.gstatic.com *.bstatic.com *.guestflip.io *.jquery.com *.cloudflare.com *.iubenda.com *.amazonaws.com *.newrelic.com *.nr-data.net *.adsrvr.org *.cookiebot.com *.nghotels.online *.delphina.it *.nagich.com *.oppwa.com *.d-edgeconnect.media *.asksuite.com *.triptease.io *.auryc.com *.living3d.it *.doubleclick.net *.gtsgapps.com *.laasie.ai *.gtsgig.com *.sojern.com *.thehotelsnetwork.com *.jetpay.com *.clubdelsole.com *.hirimini.com *.amrcollection.com *.hyattinclusivecollection.com *.villasassa.ch *.beyouhotel.it *.relais.it *.mitec.com.mx *.e-pago.com.mx *.americanexpress.com *.okgini.com *.stayntouch.com form.wspay.biz bol.figarohdt.com booking.voihotels.com; object-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://gds.bookingexpert.it
Referer
https://gds.bookingexpert.it/fontawesome-pro/css/all.css

Response headers

cf-cache-status
MISS
etag
"2a918-5b084556a1266"
x-content-type-options
nosniff
date
Thu, 05 Dec 2024 09:29:12 GMT
content-type
font/woff2
last-modified
Wed, 30 Sep 2020 09:14:58 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.verticalbooking.com *.alesiadistribution.com *.zbooking.travel *.blastnessbooking.com *.googleapis.com *.datatables.net *.jsdelivr.net *.booking.com *.googleapis.com *.gstatic.com *.fontawesome.com *.google-analytics.com *.google.com *.gstatic.com *.bstatic.com *.guestflip.io *.jquery.com *.cloudflare.com *.iubenda.com *.amazonaws.com *.newrelic.com *.nr-data.net *.adsrvr.org *.cookiebot.com *.nghotels.online *.delphina.it *.nagich.com *.oppwa.com *.d-edgeconnect.media *.asksuite.com *.triptease.io *.auryc.com *.living3d.it *.doubleclick.net *.gtsgapps.com *.laasie.ai *.gtsgig.com *.sojern.com *.thehotelsnetwork.com *.jetpay.com *.clubdelsole.com *.hirimini.com *.amrcollection.com *.hyattinclusivecollection.com *.villasassa.ch *.beyouhotel.it *.relais.it *.mitec.com.mx *.e-pago.com.mx *.americanexpress.com *.okgini.com *.stayntouch.com form.wspay.biz bol.figarohdt.com booking.voihotels.com; object-src 'none'
cache-control
max-age=3600
cf-ray
8ed302aaac1eed4f-MXP
accept-ranges
bytes
content-length
174360
x-xss-protection
1; mode=block
server
cloudflare
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f3.1e100.net
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://gds.bookingexpert.it
Referer
https://fonts.googleapis.com/

Response headers

age
159899
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 03 Dec 2025 13:04:13 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 13:04:13 GMT
last-modified
Tue, 02 May 2023 15:07:25 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
23040
x-xss-protection
0
server
sffe
fa-light-300.woff2
gds.bookingexpert.it/fontawesome-pro/webfonts/
186 KB
186 KB
Font
General
Full URL
https://gds.bookingexpert.it/fontawesome-pro/webfonts/fa-light-300.woff2
Requested by
Host: gds.bookingexpert.it
URL: https://gds.bookingexpert.it/fontawesome-pro/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:5a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a8ed4a9ae2e4bf2af86d128b59c0c65e4992b3181e73851ff7d9cdca3833586
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.verticalbooking.com *.alesiadistribution.com *.zbooking.travel *.blastnessbooking.com *.googleapis.com *.datatables.net *.jsdelivr.net *.booking.com *.googleapis.com *.gstatic.com *.fontawesome.com *.google-analytics.com *.google.com *.gstatic.com *.bstatic.com *.guestflip.io *.jquery.com *.cloudflare.com *.iubenda.com *.amazonaws.com *.newrelic.com *.nr-data.net *.adsrvr.org *.cookiebot.com *.nghotels.online *.delphina.it *.nagich.com *.oppwa.com *.d-edgeconnect.media *.asksuite.com *.triptease.io *.auryc.com *.living3d.it *.doubleclick.net *.gtsgapps.com *.laasie.ai *.gtsgig.com *.sojern.com *.thehotelsnetwork.com *.jetpay.com *.clubdelsole.com *.hirimini.com *.amrcollection.com *.hyattinclusivecollection.com *.villasassa.ch *.beyouhotel.it *.relais.it *.mitec.com.mx *.e-pago.com.mx *.americanexpress.com *.okgini.com *.stayntouch.com form.wspay.biz bol.figarohdt.com booking.voihotels.com; object-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://gds.bookingexpert.it
Referer
https://gds.bookingexpert.it/fontawesome-pro/css/all.css

Response headers

cf-cache-status
MISS
etag
"2e7e8-5b084556a02c6"
x-content-type-options
nosniff
date
Thu, 05 Dec 2024 09:29:12 GMT
content-type
font/woff2
last-modified
Wed, 30 Sep 2020 09:14:58 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.verticalbooking.com *.alesiadistribution.com *.zbooking.travel *.blastnessbooking.com *.googleapis.com *.datatables.net *.jsdelivr.net *.booking.com *.googleapis.com *.gstatic.com *.fontawesome.com *.google-analytics.com *.google.com *.gstatic.com *.bstatic.com *.guestflip.io *.jquery.com *.cloudflare.com *.iubenda.com *.amazonaws.com *.newrelic.com *.nr-data.net *.adsrvr.org *.cookiebot.com *.nghotels.online *.delphina.it *.nagich.com *.oppwa.com *.d-edgeconnect.media *.asksuite.com *.triptease.io *.auryc.com *.living3d.it *.doubleclick.net *.gtsgapps.com *.laasie.ai *.gtsgig.com *.sojern.com *.thehotelsnetwork.com *.jetpay.com *.clubdelsole.com *.hirimini.com *.amrcollection.com *.hyattinclusivecollection.com *.villasassa.ch *.beyouhotel.it *.relais.it *.mitec.com.mx *.e-pago.com.mx *.americanexpress.com *.okgini.com *.stayntouch.com form.wspay.biz bol.figarohdt.com booking.voihotels.com; object-src 'none'
cache-control
max-age=3600
cf-ray
8ed302aaac1fed4f-MXP
accept-ranges
bytes
content-length
190440
x-xss-protection
1; mode=block
server
cloudflare
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f3.1e100.net
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://gds.bookingexpert.it
Referer
https://fonts.googleapis.com/

Response headers

age
64955
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 04 Dec 2025 15:26:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 15:26:37 GMT
last-modified
Tue, 02 May 2023 15:17:22 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
23580
x-xss-protection
0
server
sffe
recaptcha__it.js
www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/
548 KB
217 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__it.js
Requested by
Host: gds.bookingexpert.it
URL: https://gds.bookingexpert.it/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
f11b59029aa57b52e4d5a99995674982b2c497e7719a7e4dc5d342b182b29082
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://gds.bookingexpert.it
Referer
https://gds.bookingexpert.it/

Response headers

content-encoding
gzip
age
183749
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Wed, 03 Dec 2025 06:26:43 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 06:26:43 GMT
last-modified
Mon, 11 Nov 2024 05:00:22 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
221864
x-xss-protection
0
server
sffe
anchor
www.google.com/recaptcha/enterprise/ Frame 3425
0
0
Document
General
Full URL
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LfdOsYaAAAAAA5G3hfFuAoW2mvAH6NLcTPY3xL_&co=aHR0cHM6Ly9nZHMuYm9va2luZ2V4cGVydC5pdDo0NDM.&hl=it&v=pPK749sccDmVW_9DSeTMVvh2&size=invisible&cb=khwkhhran0zj
Requested by
Host: gds.bookingexpert.it
URL: https://gds.bookingexpert.it/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-LRfQkl60Nkyzms1ivVnRPw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gds.bookingexpert.it/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-LRfQkl60Nkyzms1ivVnRPw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Thu, 05 Dec 2024 09:29:12 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
nr-spa-1.274.0.min.js
js-agent.newrelic.com/
112 KB
33 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-spa-1.274.0.min.js
Requested by
Host: gds.bookingexpert.it
URL: https://gds.bookingexpert.it/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2602:816:5001::39 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
260cf29b6dff3070c9c482f061b41fb1c824da453f9840bec97e6093e858646b
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://gds.bookingexpert.it
Referer
https://gds.bookingexpert.it/

Response headers

strict-transport-security
max-age=300
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
content-encoding
br
etag
"8860d7fbe4269bf986871525818b1acb"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT
content-length
33155
date
Thu, 05 Dec 2024 09:29:12 GMT
last-modified
Wed, 20 Nov 2024 01:01:00 GMT
content-type
application/javascript
x-served-by
cache-mxp6974-MXP
x-cache-hits
58781
vary
Accept-Encoding
favicon.ico
gds.bookingexpert.it/
0
101 B
Other
General
Full URL
https://gds.bookingexpert.it/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:5a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.verticalbooking.com *.alesiadistribution.com *.zbooking.travel *.blastnessbooking.com *.googleapis.com *.datatables.net *.jsdelivr.net *.booking.com *.googleapis.com *.gstatic.com *.fontawesome.com *.google-analytics.com *.google.com *.gstatic.com *.bstatic.com *.guestflip.io *.jquery.com *.cloudflare.com *.iubenda.com *.amazonaws.com *.newrelic.com *.nr-data.net *.adsrvr.org *.cookiebot.com *.nghotels.online *.delphina.it *.nagich.com *.oppwa.com *.d-edgeconnect.media *.asksuite.com *.triptease.io *.auryc.com *.living3d.it *.doubleclick.net *.gtsgapps.com *.laasie.ai *.gtsgig.com *.sojern.com *.thehotelsnetwork.com *.jetpay.com *.clubdelsole.com *.hirimini.com *.amrcollection.com *.hyattinclusivecollection.com *.villasassa.ch *.beyouhotel.it *.relais.it *.mitec.com.mx *.e-pago.com.mx *.americanexpress.com *.okgini.com *.stayntouch.com form.wspay.biz bol.figarohdt.com booking.voihotels.com; object-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gds.bookingexpert.it/

Response headers

cf-cache-status
MISS
etag
"0-4d77ba2325740"
x-content-type-options
nosniff
date
Thu, 05 Dec 2024 09:29:12 GMT
content-type
image/vnd.microsoft.icon
last-modified
Sat, 09 Mar 2013 10:45:09 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.verticalbooking.com *.alesiadistribution.com *.zbooking.travel *.blastnessbooking.com *.googleapis.com *.datatables.net *.jsdelivr.net *.booking.com *.googleapis.com *.gstatic.com *.fontawesome.com *.google-analytics.com *.google.com *.gstatic.com *.bstatic.com *.guestflip.io *.jquery.com *.cloudflare.com *.iubenda.com *.amazonaws.com *.newrelic.com *.nr-data.net *.adsrvr.org *.cookiebot.com *.nghotels.online *.delphina.it *.nagich.com *.oppwa.com *.d-edgeconnect.media *.asksuite.com *.triptease.io *.auryc.com *.living3d.it *.doubleclick.net *.gtsgapps.com *.laasie.ai *.gtsgig.com *.sojern.com *.thehotelsnetwork.com *.jetpay.com *.clubdelsole.com *.hirimini.com *.amrcollection.com *.hyattinclusivecollection.com *.villasassa.ch *.beyouhotel.it *.relais.it *.mitec.com.mx *.e-pago.com.mx *.americanexpress.com *.okgini.com *.stayntouch.com form.wspay.biz bol.figarohdt.com booking.voihotels.com; object-src 'none'
cache-control
max-age=3600
cf-ray
8ed302af6d83ed4f-MXP
accept-ranges
bytes
content-length
0
x-xss-protection
1; mode=block
server
cloudflare
NRJS-1d8ad792d8b8bc2fedf
bam.eu01.nr-data.net/1/
187 B
691 B
XHR
General
Full URL
https://bam.eu01.nr-data.net/1/NRJS-1d8ad792d8b8bc2fedf?a=435079197&v=1.274.0&to=MhBSZQoZXxBYVUAIWgtac0QLDF4OFkFRAxo%3D&rst=3418&ck=0&s=a95497a16d9898db&ref=https://gds.bookingexpert.it/&ptid=bbd46f345fe190fa&af=err,spa,xhr,stn,ins&ap=17&be=2181&fe=1113&dc=356&at=HldRE0IDTB4%3D&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1733390949551,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:22,%22c%22:22,%22s%22:2020,%22ce%22:2056,%22rq%22:2056,%22rp%22:2182,%22rpe%22:2186,%22di%22:2537,%22ds%22:2537,%22de%22:2537,%22dc%22:3293,%22l%22:3293,%22le%22:3294%7D,%22navigation%22:%7B%7D%7D&fp=2556&fcp=2556
Requested by
Host: gds.bookingexpert.it
URL: https://gds.bookingexpert.it/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.221.87.23 , Ireland, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
be256cb7724092ec4e7a96614b23ad86a91789b8dba939911a71549395cad8d0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://gds.bookingexpert.it/

Response headers

access-control-expose-headers
Date
timing-allow-origin
https://gds.bookingexpert.it
x-envoy-upstream-service-time
4
Connection
keep-alive
cross-origin-resource-policy
cross-origin
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
access-control-allow-credentials
true
access-control-allow-origin
https://gds.bookingexpert.it
Content-Length
187
date
Thu, 05 Dec 2024 09:29:13 GMT
content-type
text/plain
x-served-by
cache-mxp6949-MXP
server
istio-envoy
blobs
bam.eu01.nr-data.net/browser/
24 B
339 B
XHR
General
Full URL
https://bam.eu01.nr-data.net/browser/blobs?browser_monitoring_key=NRJS-1d8ad792d8b8bc2fedf&type=BrowserSessionChunk&app_id=435079197&protocol_version=0&timestamp=1733390949593&attributes=entityGuid%3DMzUxMDg3MHxCUk9XU0VSfEFQUExJQ0FUSU9OfDQzNTA3OTk5OQ%26harvestId%3Da95497a16d9898db_bbd46f345fe190fa_1%26trace.firstTimestamp%3D1733390949593%26trace.lastTimestamp%3D1733390952887%26trace.nodes%3D26%26trace.originTimestamp%3D1733390949593%26agentVersion%3D1.274.0%26firstSessionHarvest%3Dtrue%26ptid%3Dbbd46f345fe190fa%26session%3Da95497a16d9898db%26currentUrl%3Dhttps://gds.bookingexpert.it/
Requested by
Host: gds.bookingexpert.it
URL: https://gds.bookingexpert.it/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.221.87.23 , Ireland, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://gds.bookingexpert.it/

Response headers

Connection
keep-alive
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
access-control-allow-origin
https://gds.bookingexpert.it
Content-Length
24
date
Thu, 05 Dec 2024 09:29:13 GMT
content-type
image/gif
x-served-by
cache-mxp6949-MXP
NRJS-1d8ad792d8b8bc2fedf
bam.eu01.nr-data.net/events/1/
24 B
339 B
XHR
General
Full URL
https://bam.eu01.nr-data.net/events/1/NRJS-1d8ad792d8b8bc2fedf?a=435079197&v=1.274.0&to=MhBSZQoZXxBYVUAIWgtac0QLDF4OFkFRAxo%3D&rst=3615&ck=0&s=a95497a16d9898db&ref=https://gds.bookingexpert.it/&ptid=bbd46f345fe190fa
Requested by
Host: gds.bookingexpert.it
URL: https://gds.bookingexpert.it/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.221.87.23 , Ireland, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://gds.bookingexpert.it/

Response headers

Connection
keep-alive
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
access-control-allow-origin
https://gds.bookingexpert.it
Content-Length
24
date
Thu, 05 Dec 2024 09:29:13 GMT
content-type
image/gif
x-served-by
cache-mxp6949-MXP

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| NREUM object| webpackChunk:NRBA-1.274.0.PROD object| newrelic function| $ function| jQuery object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| changeFlag function| getErrorType function| setWrongCredentialsError function| setError function| setTranslatedText function| togglePasswordVisibility function| togglePasswordFont function| loginUser function| generateString function| changeFieldsName function| copyIPAddress function| changeLanguage object| recaptcha object| closure_lm_624897

3 Cookies

Domain/Path Name / Value
.gds.bookingexpert.it/ Name: _crs_extranet_sessions
Value: ci2nng7h37gbctgn5stc3u8c6o
.gds.bookingexpert.it/ Name: _crs_extranet_cors
Value: f5d6fa063e7db628b0da18a10ada6ffe6a61f9315874397b16e1b6377917c9d9
gds.bookingexpert.it/ Name: login_lang
Value: eng

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.verticalbooking.com *.alesiadistribution.com *.zbooking.travel *.blastnessbooking.com *.googleapis.com *.datatables.net *.jsdelivr.net *.booking.com *.googleapis.com *.gstatic.com *.fontawesome.com *.google-analytics.com *.google.com *.gstatic.com *.bstatic.com *.guestflip.io *.jquery.com *.cloudflare.com *.iubenda.com *.amazonaws.com *.newrelic.com *.nr-data.net *.adsrvr.org *.cookiebot.com *.nghotels.online *.delphina.it *.nagich.com *.oppwa.com *.d-edgeconnect.media *.asksuite.com *.triptease.io *.auryc.com *.living3d.it *.doubleclick.net *.gtsgapps.com *.laasie.ai *.gtsgig.com *.sojern.com *.thehotelsnetwork.com *.jetpay.com *.clubdelsole.com *.hirimini.com *.amrcollection.com *.hyattinclusivecollection.com *.villasassa.ch *.beyouhotel.it *.relais.it *.mitec.com.mx *.e-pago.com.mx *.americanexpress.com *.okgini.com *.stayntouch.com form.wspay.biz bol.figarohdt.com booking.voihotels.com; object-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
bam.eu01.nr-data.net
fonts.googleapis.com
fonts.gstatic.com
gds.bookingexpert.it
js-agent.newrelic.com
www.google.com
www.gstatic.com
142.250.185.131
172.217.16.195
172.217.16.196
185.221.87.23
2602:816:5001::39
2606:4700:10::6814:5a8
2a00:1450:4001:813::200a
2a00:1450:4001:829::200a
0320ff5eaeced97253b323948b83798e92990e450a6b3c69a28be0baac1b4fd4
04113a10812dfc35229143023331dea50c10178560d8b356f565227b786c4083
0799a38d02176751ad3c4fc2f62fab489614132bb6c7fafaef109020bda159ae
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
137d5177b697346ac90ea9e3eb6a281df215c4ab9124e79e682caefef2855d16
260cf29b6dff3070c9c482f061b41fb1c824da453f9840bec97e6093e858646b
4b16cb7c608e3c7353431f44b1a5b5a7cd154993e6925d98f675e1b591abf0dc
55d8b378317cd5603e03b1b46b38e5453e9fdd6764e15413bb0e793e5b1c45a3
5798496136127c91eda9e60415bf123c0ce900c3a29825013ed920a6dfcab0c4
5ce55a90c6bda2a89278653f00a90f8d6aa4c0635a8b44ce508f75e48c668b5d
76b0a6fb46f19547cbc20f01ef6fa3eaad7a552d685c0c5797e46e5854dfd024
809df0321e4c22fb83008efca44b5f5e7aa10b7bb1ca6234a78d0795a7ec6ea8
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9a8ed4a9ae2e4bf2af86d128b59c0c65e4992b3181e73851ff7d9cdca3833586
a024570f3094ce5f158afd3c34181d65a1ebe207df4173537c39bac1e08fa47a
a771731f8ddb3a2c0426884135e1136b22d3a40bb48c69bf77b58f3e5c854ed7
bc4df1fecee79f596168831f49203afc152b68a4c9008dabde0ad17280f3d046
be256cb7724092ec4e7a96614b23ad86a91789b8dba939911a71549395cad8d0
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
e0e448068984059adb3373fd51cad73472a3267186f602b446715d9e0e976008
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7e3428f65a75ed9bb3a3c0278694e1610582358053d6d85273b22d21fdc141f
f11b59029aa57b52e4d5a99995674982b2c497e7719a7e4dc5d342b182b29082
f3140dec577f6cd55fa0a0e0cd0936a0e2bd96af1b8992d068abc2e4d91ac855
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e