urlscan.io logo urlscan.io
SecurityTrails logo

recantopedrocaschalsacessovecu.apartbin.top Open in urlscan Pro
2606:4700:3030::6815:47cb  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.recantopedrocaschalsacessovecu.apartbin.top/
Effective URL: https://recantopedrocaschalsacessovecu.apartbin.top/
Submission: On December 19 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 1 countries across 12 domains to perform 97 HTTP transactions. The main IP is 2606:4700:3030::6815:47cb, located in United States and belongs to CLOUDFLARENET, US. The main domain is recantopedrocaschalsacessovecu.apartbin.top.
TLS certificate: Issued by E1 on October 29th 2023. Valid for: 3 months.
This is the only time recantopedrocaschalsacessovecu.apartbin.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

2    2606:4700:3030::6815:47cb (United States)

ASN13335 (CLOUDFLARENET, US)
www.recantopedrocaschalsacessovecu.apartbin.top
recantopedrocaschalsacessovecu.apartbin.top
1    2607:f8b0:4006:81c::200a (United States)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
5    2607:f8b0:4006:80c::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700:4400::ac40:93bc (United States)

ASN13335 (CLOUDFLARENET, US)
kit.fontawesome.com
1    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
1    2607:f8b0:4006:81d::200e (United States)

ASN15169 (GOOGLE, US)
translate.google.com
6    2606:4700:4400::6812:2262 (United States)

ASN13335 (CLOUDFLARENET, US)
widget.getyourguide.com
1    2607:f8b0:4006:820::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2600:141b:800::1726:a8c3 (Newark, United States)

ASN20940 (AKAMAI-ASN1, NL)
cdn-icons-png.flaticon.com
20    2600:9000:2073:9600:5:bf05:acc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cf.bstatic.com
9    2606:4700:e2::ac40:8107 (United States)

ASN13335 (CLOUDFLARENET, US)
ka-f.fontawesome.com
1    2607:f8b0:4006:80c::2003 (United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2607:f8b0:4006:80e::200a (United States)

ASN15169 (GOOGLE, US)
translate.googleapis.com
2    52.85.61.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-64.ewr53.r.cloudfront.net
www.booking.com
1    2607:f8b0:4006:81f::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2607:f8b0:4006:816::200e (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
11    2607:f8b0:4006:81d::200a (United States)

ASN15169 (GOOGLE, US)
maps.googleapis.com
1    2607:f8b0:4006:808::2003 (United States)

ASN15169 (GOOGLE, US)
maps.gstatic.com
31    2606:4700:4400::ac40:942a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.getyourguide.com
Apex Domain
Subdomains		 Transfer
37 getyourguide.com
widget.getyourguide.com — Cisco Umbrella Rank: 39959
cdn.getyourguide.com — Cisco Umbrella Rank: 47123
613 KB
20 bstatic.com
cf.bstatic.com — Cisco Umbrella Rank: 16074
789 KB
19 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 340
fonts.googleapis.com — Cisco Umbrella Rank: 29
translate.googleapis.com — Cisco Umbrella Rank: 947
maps.googleapis.com — Cisco Umbrella Rank: 357
327 KB
10 fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 1544
ka-f.fontawesome.com — Cisco Umbrella Rank: 3137
218 KB
3 gstatic.com
www.gstatic.com
fonts.gstatic.com
maps.gstatic.com
41 KB
2 booking.com
www.booking.com — Cisco Umbrella Rank: 10037
58 KB
2 apartbin.top
www.recantopedrocaschalsacessovecu.apartbin.top
recantopedrocaschalsacessovecu.apartbin.top
6 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
272 B
1 flaticon.com
cdn-icons-png.flaticon.com — Cisco Umbrella Rank: 41675
21 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
91 KB
1 google.com
translate.google.com — Cisco Umbrella Rank: 1298
31 KB
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 988
5 KB
97 12
Domain Requested by
31 cdn.getyourguide.com widget.getyourguide.com
cdn.getyourguide.com
recantopedrocaschalsacessovecu.apartbin.top
20 cf.bstatic.com recantopedrocaschalsacessovecu.apartbin.top
www.booking.com
cf.bstatic.com
11 maps.googleapis.com cf.bstatic.com
maps.googleapis.com
9 ka-f.fontawesome.com kit.fontawesome.com
recantopedrocaschalsacessovecu.apartbin.top
6 widget.getyourguide.com recantopedrocaschalsacessovecu.apartbin.top
widget.getyourguide.com
5 fonts.googleapis.com recantopedrocaschalsacessovecu.apartbin.top
2 www.booking.com recantopedrocaschalsacessovecu.apartbin.top
cf.bstatic.com
2 translate.googleapis.com recantopedrocaschalsacessovecu.apartbin.top
1 maps.gstatic.com
1 www.google-analytics.com www.googletagmanager.com
1 fonts.gstatic.com fonts.googleapis.com
1 www.gstatic.com
1 cdn-icons-png.flaticon.com recantopedrocaschalsacessovecu.apartbin.top
1 www.googletagmanager.com recantopedrocaschalsacessovecu.apartbin.top
1 translate.google.com recantopedrocaschalsacessovecu.apartbin.top
1 maxcdn.bootstrapcdn.com recantopedrocaschalsacessovecu.apartbin.top
1 kit.fontawesome.com recantopedrocaschalsacessovecu.apartbin.top
1 ajax.googleapis.com recantopedrocaschalsacessovecu.apartbin.top
1 recantopedrocaschalsacessovecu.apartbin.top
1 www.recantopedrocaschalsacessovecu.apartbin.top 1 redirects
97 20

This site contains links to these domains. Also see Links.

Domain
booking.com
Subject Issuer Validity Valid
apartbin.top
E1		 2023-10-29 -
2024-01-27		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.fontawesome.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-04 -
2025-01-03		 a year crt.sh
bootstrapcdn.com
GTS CA 1P5		 2023-11-30 -
2024-02-28		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
widget.getyourguide.com
E1		 2023-10-30 -
2024-01-28		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.flaticon.com
R3		 2023-11-25 -
2024-02-23		 3 months crt.sh
*.bstatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-29 -
2024-11-28		 a year crt.sh
ka-f.fontawesome.com
GTS CA 1P5		 2023-11-08 -
2024-02-06		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.booking.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-06-12 -
2024-05-18		 a year crt.sh
cdn.getyourguide.com
Cloudflare Inc ECC CA-3		 2023-10-31 -
2024-10-30		 a year crt.sh

This page contains 3 frames:

Primary Page: https://recantopedrocaschalsacessovecu.apartbin.top/
Frame ID: B70A6A19B2123CE43F21883A91977656
Requests: 38 HTTP requests in this frame

Frame: https://www.booking.com/flexiproduct.html?product=map&w=100%25&h=590&lang=en-US&aid=2393715&target_aid=2393715&dest_id=0&dest_type=landmark&fid=1671148675595&latitude=-21.85184174&longitude=-43.74861293&landmark_name=Recanto%20Pedrocas%20Chal%C3%83%C2%A9s%20acesso%20ve%C3%83%C2%ADculos%204%20X%204&mwhsb=0&address=Sitio%20Alto%20Da%20Serra,%20Area%20rural%20Br%20267,%20Lima%20Duarte,%20CEP%2036140-000,%20Brazil&
Frame ID: 266CA9043F75219A6BF53E007DBEB61E
Requests: 27 HTTP requests in this frame

Frame: https://widget.getyourguide.com/default/activities-auto.frame?sha=4092487a-dec0-5bde-bd0b-dba0b271f353&partner_id=KACJMIV&widget=auto&widget_created=1703005223462&host_font_family=Rubik%2C%20Helvetica%2C%20Arial%2C%20sans-serif&website=https%3A%2F%2Frecantopedrocaschalsacessovecu.apartbin.top%2F&visitor_id=39F2E2CB25A44908925F99688F8DD633
Frame ID: 788E3400F0578BD0893341A5973E7D4F
Requests: 32 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Recanto Pedrocas Chalés acesso veículos 4 X 4

Page URL History Show full URLs

  1. http://www.recantopedrocaschalsacessovecu.apartbin.top/ HTTP 301
    https://recantopedrocaschalsacessovecu.apartbin.top/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

97
Requests

100 %
HTTPS

95 %
IPv6

12
Domains

20
Subdomains

20
IPs

1
Countries

2199 kB
Transfer

4907 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.recantopedrocaschalsacessovecu.apartbin.top/ HTTP 301
    https://recantopedrocaschalsacessovecu.apartbin.top/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

97 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
recantopedrocaschalsacessovecu.apartbin.top/
Redirect Chain
  • http://www.recantopedrocaschalsacessovecu.apartbin.top/
  • https://recantopedrocaschalsacessovecu.apartbin.top/
20 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://recantopedrocaschalsacessovecu.apartbin.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:47cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb510119610836f9506f83340da311a4e6b42a2bb4449ac15ba2e2f39950cdd3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
83813383089b0a12-MIA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 19 Dec 2023 17:00:21 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vDAOKKaCVlFCpvFwdhiZtYmAPKPVcmYdM1ZOm0bIoRAffH%2BpPDTm42K3w84hTAd%2F9QWd4ZhYXP6iqC9Nwqu%2FV9PwXwVPCs2cSxRiE940CIfouVqNwnrDc6r8MWsKJPbJkOfFpskocvUj7vGegoBp4PWsvWpLvHYZZPE7tkxG51FrYhRnGCn9xZyf"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
838133818f44741c-MIA
Connection
keep-alive
Content-Type
text/html
Date
Tue, 19 Dec 2023 17:00:20 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TE11QHF5NSvSPeC5nZym5Dsn93KRnW20PTSnaCh5e5woZ%2BhZ9JDQHSxxnk%2Fdv9UJ8LZgCWD5kCH7V1DH2Ymr8GHZera0uj8cvuCMPf7xqihG0DcO8FWHtar6oYGusnqhLfMVR0%2FS%2BlEjDoF1T8drxnZRDLMW%2Bc81z5z7kLz2Y3do3EiglhCPKxkv%2FeK0wA%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400
location
https://recantopedrocaschalsacessovecu.apartbin.top/
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: recantopedrocaschalsacessovecu.apartbin.top
URL: https://recantopedrocaschalsacessovecu.apartbin.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://recantopedrocaschalsacessovecu.apartbin.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 17:00:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31017
x-xss-protection
0
last-modified
Wed, 10 Mar 2021 14:28:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Dec 2024 17:00:20 GMT
css
fonts.googleapis.com/ 		761 B
791 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato&display=swap
Requested by
Host: recantopedrocaschalsacessovecu.apartbin.top
URL: https://recantopedrocaschalsacessovecu.apartbin.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f88d7a194e7f67fdc5e4f2cedd32e1d040d9976e4814adcaf7e56330a0653d5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://recantopedrocaschalsacessovecu.apartbin.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 19 Dec 2023 17:00:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 19 Dec 2023 16:06:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 19 Dec 2023 17:00:21 GMT
css
fonts.googleapis.com/ 		10 KB
803 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Rubik:300,400,500,700,900&display=swap
Requested by
Host: recantopedrocaschalsacessovecu.apartbin.top
URL: https://recantopedrocaschalsacessovecu.apartbin.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ddc64e22f33795e2f16bcd5b11fd432261ac3be8cfbee73f94c678658ec98147
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://recantopedrocaschalsacessovecu.apartbin.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 19 Dec 2023 17:00:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 19 Dec 2023 15:37:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 19 Dec 2023 17:00:21 GMT
css
fonts.googleapis.com/ 		5 KB
622 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700
Requested by
Host: recantopedrocaschalsacessovecu.apartbin.top
URL: https://recantopedrocaschalsacessovecu.apartbin.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dc2a9ecb9eae34a409e66cbdd46b3562c560f8ffa1c1f80ea84532999d6d408c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://recantopedrocaschalsacessovecu.apartbin.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 19 Dec 2023 17:00:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 19 Dec 2023 16:04:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 19 Dec 2023 17:00:21 GMT
css
fonts.googleapis.com/ 		6 KB
625 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Quicksand:300,400,500,600,700&display=swap
Requested by
Host: recantopedrocaschalsacessovecu.apartbin.top
URL: https://recantopedrocaschalsacessovecu.apartbin.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8bcef4d15a0c7757ddd9eb4e6a81f65d7aedc5fe6f4ba95d90c5a63381f156ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://recantopedrocaschalsacessovecu.apartbin.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 19 Dec 2023 17:00:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 19 Dec 2023 16:52:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 19 Dec 2023 17:00:21 GMT
css
fonts.googleapis.com/ 		11 KB
701 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Libre+Franklin:100,200,300,400,500,600,700,800,900&display=swap
Requested by
Host: recantopedrocaschalsacessovecu.apartbin.top
URL: https://recantopedrocaschalsacessovecu.apartbin.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
63f9e635bca6053c2baecd7e90f62ab7223c1425e93fb60fd6c1a8ece6151923
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://recantopedrocaschalsacessovecu.apartbin.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 19 Dec 2023 17:00:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 19 Dec 2023 17:00:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 19 Dec 2023 17:00:21 GMT
c597f1ee3e.js
kit.fontawesome.com/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kit.fontawesome.com/c597f1ee3e.js
Requested by
Host: recantopedrocaschalsacessovecu.apartbin.top
URL: https://recantopedrocaschalsacessovecu.apartbin.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa8ae1f03ce748f5ab16b8c3bc8f18615a1ae41b8b7e083b861d322aa8641bcc

Request headers

Referer
https://recantopedrocaschalsacessovecu.apartbin.top/
Origin
https://recantopedrocaschalsacessovecu.apartbin.top
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 17:00:21 GMT
content-encoding
gzip
cf-cache-status
MISS
server
cloudflare
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
content-type
text/javascript
cache-control
max-age=60, public, stale-while-revalidate=30
cf-ray
8381338c4e1fdb25-MIA
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
F6JKOfUSL87924lDKlJC
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/ 		21 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css
Requested by
Host: recantopedrocaschalsacessovecu.apartbin.top
URL: https://recantopedrocaschalsacessovecu.apartbin.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://recantopedrocaschalsacessovecu.apartbin.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 17:00:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
625
age
3313245
cdn-cachedat
09/19/2022 06:13:14
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:53 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
etag
W/"feda974a77ea5783b8be673f142b7c88"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
ae19b99088d4f73d4a664331e6bdbc3c
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
8381338c6e1a225d-MIA
cdn-requestpullsuccess
True
element.js
translate.google.com/translate_a/ 		88 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Requested by
Host: recantopedrocaschalsacessovecu.apartbin.top
URL: https://recantopedrocaschalsacessovecu.apartbin.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fb396a40f3015873640f456b03fec7dde3e707428080d01e050ed775351727d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://recantopedrocaschalsacessovecu.apartbin.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 17:00:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
pa.umd.production.min.js
widget.getyourguide.com/dist/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.getyourguide.com/dist/pa.umd.production.min.js
Requested by
Host: recantopedrocaschalsacessovecu.apartbin.top
URL: https://recantopedrocaschalsacessovecu.apartbin.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2262 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1159b30c458b9e6c86bd4f14e9682ea5e532eb704b7c7a76e97455d80b8bbc0f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://recantopedrocaschalsacessovecu.apartbin.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 17:00:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.02,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
NC6CSSMY7W4JSBHA
age
2390
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
4/w/PSn48qXC9ka8qMyPsFeLI/7oDf+Pwgm+IGxX3YrSuO+iAOx65gfm5zeWbeNi6Pcsjo7qBQk=
last-modified
Tue, 24 Oct 2023 11:57:25 GMT
server
cloudflare
etag
W/"e92e91e8f89f79fd592685524309a57f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ZhZsTK4BJONnlS11ebpA%2FyHJnelzL9KQg5LAN%2BpVZ6BpGc796VJseFeY%2BPMLDUifscQArG5VzdT5FQPm3PFbFyxJzyuwmX8qHYmq%2BXP66cGxPeV8YsD0%2BtOL838KhIf2NFNyBcbdvqq1H73wnkGmOmFPv3O"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=3600, public, must-revalidate
cf-ray
8381338e88fd4c04-MIA
js
www.googletagmanager.com/gtag/ 		274 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GQPP52LWDP
Requested by
Host: recantopedrocaschalsacessovecu.apartbin.top
URL: https://recantopedrocaschalsacessovecu.apartbin.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
67f115695868153447017eb808ed1d6e97dfb41538a20b86042c61d4aafa05a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://recantopedrocaschalsacessovecu.apartbin.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 17:00:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93069
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 19 Dec 2023 17:00:22 GMT
4540790.png
cdn-icons-png.flaticon.com/512/4540/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-icons-png.flaticon.com/512/4540/4540790.png
Requested by
Host: recantopedrocaschalsacessovecu.apartbin.top
URL: https://recantopedrocaschalsacessovecu.apartbin.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:800::1726:a8c3 Newark, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4ea566bcfe25ec81ab2688387def9cb5990637e85a559003486d7f44f434302b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://recantopedrocaschalsacessovecu.apartbin.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 17:00:21 GMT
x-amz-meta-goog-reserved-file-mtime
1618407112
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
21282
pragma
public
last-modified
Thu, 14 Oct 2021 17:42:10 GMT
etag
"a442729b18adb8a2204efb18b90423e8"
vary
Accept-Encoding
x-goog-generation
1634233330818338
content-type
image/png
access-control-allow-origin
*
x-default-rule
YES
cache-control
public, max-age=31536000
x-goog-stored-content-length
21282
x-amz-checksum-crc32c
FvDczg==
accept-ranges
bytes
x-amz-meta-x-goog-reserved-source-generation
1627247437293334
expires
Tue, 19 Dec 2023 17:00:21 GMT
467642257.jpg
cf.bstatic.com/xdata/images/hotel/max1200/ 		115 KB
115 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cf.bstatic.com/xdata/images/hotel/max1200/467642257.jpg?k=63949bfb159e72fd0ab70c282349689e0b653efb14ead88e5de673d3e8556482&o=&hp=1
Requested by
Host: recantopedrocaschalsacessovecu.apartbin.top
URL: https://recantopedrocaschalsacessovecu.apartbin.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2073:9600:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
ee4223e10a637aed67fcbfce9afe1418378e04f4ef31aadf897908a11f574b6c
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://recantopedrocaschalsacessovecu.apartbin.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 17:00:22 GMT
via
1.1 f762d56afc88f7f52f51da3b63ad4658.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
IAD50-C2
etag
"179a77a057d65837f780c5f8f19edb211a4334a1"
x-cache
Miss from cloudfront
content-language
117743
access-control-allow-origin
*
content-type
image/jpeg
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
fLlrEIs1QlTcBZ4RKaCQ0o7PWFxBIgBLR5Q4Dpk8Dju73G4fmTYmmQ==
x-xss-protection
1; mode=block
467642175.jpg
cf.bstatic.com/xdata/images/hotel/max1200/ 		90 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cf.bstatic.com/xdata/images/hotel/max1200/467642175.jpg?k=aec44f18cb0de04832bbc158c54c02fb6ee94126bfc8609532c7e50198fc5223&o=&hp=1
Requested by
Host: recantopedrocaschalsacessovecu.apartbin.top
URL: https://recantopedrocaschalsacessovecu.apartbin.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2073:9600:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6fd42c02b12745f655e04e361e87cceb57f7d30e2af4dd182a3c876ffdd5102b
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://recantopedrocaschalsacessovecu.apartbin.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 17:00:22 GMT
via
1.1 f762d56afc88f7f52f51da3b63ad4658.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
IAD50-C2
etag
"6a267fefab0a227b6b0e046c18689b4eabca9d94"
x-cache
Miss from cloudfront
content-language
92603
access-control-allow-origin
*
content-type
image/jpeg
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
RGhLpVHVSaa3WC0tRSXBgCc8O91an2723Gbyl8Jzdqdc4XX_sRdhmA==
x-xss-protection
1; mode=block
467642044.jpg
cf.bstatic.com/xdata/images/hotel/max1200/ 		108 KB
108 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cf.bstatic.com/xdata/images/hotel/max1200/467642044.jpg?k=992e1bde56be1d315a22a7233e5cab839ba257ae3ce164eac53558a06dd74235&o=&hp=1
Requested by
Host: recantopedrocaschalsacessovecu.apartbin.top
URL: https://recantopedrocaschalsacessovecu.apartbin.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2073:9600:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
4a698da0c7280e507b417582b1ec74ab0489189984635dda6ae60471a4d3fa63
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://recantopedrocaschalsacessovecu.apartbin.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 17:00:22 GMT
via
1.1 f762d56afc88f7f52f51da3b63ad4658.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
IAD50-C2
etag
"076099a675ef273067e170d7c250c74be298e52d"
x-cache
Miss from cloudfront
content-language
110385
access-control-allow-origin
*
content-type
image/jpeg
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
WO_PtBfFhKVggqS_dy156l1rxvgSCIwWO1KEY62auL-BSL_yz2n69w==
x-xss-protection
1; mode=block
467642014.jpg
cf.bstatic.com/xdata/images/hotel/max1200/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cf.bstatic.com/xdata/images/hotel/max1200/467642014.jpg?k=6bcaea88114ec0515d8b19447e2e0ef68703144ed382cc61184a48696477e718&o=&hp=1
Requested by
Host: recantopedrocaschalsacessovecu.apartbin.top
URL: https://recantopedrocaschalsacessovecu.apartbin.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2073:9600:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
9cdca1b97c48b26efb5fb742f78075bfabfc252b03320eb1fd2a6592dbbef919
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://recantopedrocaschalsacessovecu.apartbin.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 17:00:22 GMT
via
1.1 f762d56afc88f7f52f51da3b63ad4658.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
IAD50-C2
etag
"858033d025e28f5627b2037b2986a005a26cbc1c"
x-cache
Miss from cloudfront
content-language
51806
access-control-allow-origin
*
content-type
image/jpeg
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
lzWwghKslqKg90QbACNI5RspNslvSonG0IaCeOsSp-BX76UA1oy5jw==
x-xss-protection
1; mode=block
467538737.jpg
cf.bstatic.com/xdata/images/hotel/max1200/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cf.bstatic.com/xdata/images/hotel/max1200/467538737.jpg?k=ec4dc24b83b4c3de1f96460c792f131ef5fd63a715e0bdf7fd0b24e71d69aa89&o=&hp=1
Requested by
Host: recantopedrocaschalsacessovecu.apartbin.top
URL: https://recantopedrocaschalsacessovecu.apartbin.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2073:9600:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e2f25ea7e5a3a22457dd0f39527d10ab53cc48f6de050cb2b30ac51f3aba69ea
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://recantopedrocaschalsacessovecu.apartbin.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 17:00:22 GMT
via
1.1 f762d56afc88f7f52f51da3b63ad4658.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
IAD50-C2
etag
"e81db9010c0d8fb9bbe9275e9610d2757ef28ee4"
x-cache
Miss from cloudfront
content-language
52194
access-control-allow-origin
*
content-type
image/jpeg
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
NITQw-34kduQxZgR1jw4-jpRvwKxvvcWlaFF8mrl255Mb6AjIgWMmQ==
x-xss-protection
1; mode=block
free.min.css
ka-f.fontawesome.com/releases/v6.5.1/css/ 		101 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v6.5.1/css/free.min.css?token=c597f1ee3e
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/c597f1ee3e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2bfe99e2e78f71c88eb00c49e1392a15531fb6486d0d0c2ea71937dda34deab

Request headers

accept-language
en-US,en;q=0.9
Referer
https://recantopedrocaschalsacessovecu.apartbin.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 17:00:22 GMT
via
1.1 bb707a876db211940a3cb07991cacbdc.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
MIA3-C3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 30 Nov 2023 17:25:52 GMT
server
cloudflare
etag
W/"edc53d8d44037708e54122b9e30bb2a1"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JCPDh6%2Bf6ZqK1VNoNVQy9A7tsH5pdnLacAsUXkwsaHyiJjD3mKhNpvxtj9aLHgJGsojrCDdKOPayGPISZLKz%2BWAHU6EnKgvKcX7EB8rSWrMV6cqpCz%2FepWR8%2F%2BkmvGtPWP8Gn4c5iXggzD1CB61jjp6YIw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
8381338e28da4c15-MIA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
rYjRJsHPlSVVtGJ034Fy7KT4ryXLrxB2nUEAU4sMumIYNs0ATdvmfw==
free-v4-shims.min.css
ka-f.fontawesome.com/releases/v6.5.1/css/ 		27 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v6.5.1/css/free-v4-shims.min.css?token=c597f1ee3e
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/c597f1ee3e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5031c11dd77875afefe4eeddfaa320af07fdccea327f7416a5ee8980674c9c76

Request headers

accept-language
en-US,en;q=0.9
Referer
https://recantopedrocaschalsacessovecu.apartbin.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 17:00:22 GMT
via
1.1 64f46386c7d793ef08095943662bb42a.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
MIA3-C3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 30 Nov 2023 17:25:51 GMT
server
cloudflare
etag
W/"604d6da359831b0dc67e0f522f1ff94d"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xpqjhhvGsWZ3IwjUsRkY9GPbOf%2BZijOy3tvnW12Ljp%2BWSpWFPhSPHtDz8EfXDKaQvP6RE%2FzkvHoXPIfc%2F%2BFHaOpwyKi5MTDf1AxjmLHi%2FOW6XVjj%2F0J%2BD9utWf4D0O65eTjqfMdb0DTs4kV9kcZ3XzC96Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
8381338e28e34c15-MIA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
-_P8JAIe6Hp33cu_4j__D7L3Tv7-q6q0Sg6uYIP4ITy2mWwqmryIyg==
free-v5-font-face.min.css
ka-f.fontawesome.com/releases/v6.5.1/css/ 		823 B
716 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v6.5.1/css/free-v5-font-face.min.css?token=c597f1ee3e
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/c597f1ee3e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f581083ac72ae169a698cd0cb7f02d8bb2e079844bfad68cc98df5b3c4692408

Request headers

accept-language
en-US,en;q=0.9
Referer
https://recantopedrocaschalsacessovecu.apartbin.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 17:00:22 GMT
via
1.1 5dd2304368effbad5413134075a82ff0.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
MIA3-C3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 30 Nov 2023 17:25:51 GMT
server
cloudflare
etag
W/"496965a55b1faa4d5c41073ef276afc0"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MpwwpFWw23cRNKiF7xizvO6xDZz8LMkiCehXpupzQb3KkwYS1tC69aZrATp81xHHWSwoL3r3AhozaQLZeBTqsUUsl1WNo5RghcX08REnXOdFQ2jUnxgsnz3VocwHXTx0fZflnXPTUnZMG0RGTnVxNwDpYA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
8381338e28e14c15-MIA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
fDWT2pImE3Dlbk95t60BlS4xSMLkd2Lwb4KYOzUhaT8lpJHZ4UsXrw==
free-v4-font-face.min.css
ka-f.fontawesome.com/releases/v6.5.1/css/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v6.5.1/css/free-v4-font-face.min.css?token=c597f1ee3e
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/c597f1ee3e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6530f32fa70a330cd76547497f20048ae081dcc897af26befc84600357ba06be

Request headers

accept-language
en-US,en;q=0.9
Referer
https://recantopedrocaschalsacessovecu.apartbin.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 17:00:22 GMT
via
1.1 dcccf6c408219d8b851fcd12a0068cea.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
MIA3-C3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 30 Nov 2023 17:25:51 GMT
server
cloudflare
etag
W/"cc84affe95dbdd9726525f57d20b4ea6"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bH9xSHrRFv2Z7GxWDpc0T36m1XzTnqpwmGFN6W3kN%2F2555i2kT09U8BMWrzk88A9Bs%2Bfi3gGCwlx8ShHWqZx3PBb8p39ms3KLrioMVgL%2FCoSCCI1xR6F7SPd3u7DsfdbAGLljn1PhRY3I9gS21QBVLnNVg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
8381338e28df4c15-MIA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
DM3bwx6rIUFkz5lfSG8pHh6J4GP-F7He6lzqzjCTXrS32PsDlwPOIw==
m=el_main_css
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=AAM/d=0/rs=AN8SPfoZVDB5be-TudnAO_y4l2LFY_GHyA/ 		22 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=AAM/d=0/rs=AN8SPfoZVDB5be-TudnAO_y4l2LFY_GHyA/m=el_main_css
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.en_US.hc8uh1cZYeo.O/am=AAM/d=1/rs=AN8SPfpMcQB0gfUlmrjJQl2ZicoDMkCotQ/m=el_conf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://recantopedrocaschalsacessovecu.apartbin.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 20:33:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
332815
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4144
x-xss-protection
0
last-modified
Sat, 15 Jul 2023 01:09:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="rosetta"
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 14 Dec 2024 20:33:27 GMT
m=el_main
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.en_US.hc8uh1cZYeo.O/am=ABA/d=1/exm=el_conf/ed=1/rs=AN8SPfrvbbcZU1RihXJkoY3v7Q0tCTxd2A/ 		255 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.en_US.hc8uh1cZYeo.O/am=ABA/d=1/exm=el_conf/ed=1/rs=AN8SPfrvbbcZU1RihXJkoY3v7Q0tCTxd2A/m=el_main
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.en_US.hc8uh1cZYeo.O/am=AAM/d=1/rs=AN8SPfpMcQB0gfUlmrjJQl2ZicoDMkCotQ/m=el_conf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e826524250716c7e17af91c57cdf9931686c4531fbe187e37cd5375886eab07c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://recantopedrocaschalsacessovecu.apartbin.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 05:50:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
385775
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
89479
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 14:12:04 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="rosetta"
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 14 Dec 2024 05:50:47 GMT
free.min.css
ka-f.fontawesome.com/releases/v6.5.1/css/ 		101 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v6.5.1/css/free.min.css?token=c597f1ee3e
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/c597f1ee3e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2bfe99e2e78f71c88eb00c49e1392a15531fb6486d0d0c2ea71937dda34deab

Request headers

accept-language
en-US,en;q=0.9
Referer
https://recantopedrocaschalsacessovecu.apartbin.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 17:00:22 GMT
via
1.1 bb707a876db211940a3cb07991cacbdc.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
MIA3-C3
age
0
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 30 Nov 2023 17:25:52 GMT
server
cloudflare
etag
W/"edc53d8d44037708e54122b9e30bb2a1"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QNIac7h%2F%2BHow6la1c1eJO3FW9oVYFzKGomYZyb%2BGGHzoDgWY%2BA4urED2%2BbsKZ5UzYOPjkRBoQA9NZ69rc3IJbpCUZX8%2BlGPv0oLzboWufBLyF3vg6qphjp3biJgY3qD046bQXytNpFpKG5ARt37Lghd3xg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
8381338e28e94c15-MIA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
rYjRJsHPlSVVtGJ034Fy7KT4ryXLrxB2nUEAU4sMumIYNs0ATdvmfw==
free-v4-shims.min.css
ka-f.fontawesome.com/releases/v6.5.1/css/ 		27 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v6.5.1/css/free-v4-shims.min.css?token=c597f1ee3e
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/c597f1ee3e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5031c11dd77875afefe4eeddfaa320af07fdccea327f7416a5ee8980674c9c76

Request headers

accept-language
en-US,en;q=0.9
Referer
https://recantopedrocaschalsacessovecu.apartbin.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 17:00:22 GMT
via
1.1 64f46386c7d793ef08095943662bb42a.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
MIA3-C3
age
0
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 30 Nov 2023 17:25:51 GMT
server
cloudflare
etag
W/"604d6da359831b0dc67e0f522f1ff94d"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=73zOj%2FSFpqZgxzbsEaaVOE4G0aLnm2UL5V%2F8oSWY7ZgNkVV5hXR4tyKR0eFoesJ08KS5PbAf5frSCAOM4Ox4TA2xW%2FvunzbfZJHV6W3jjpzKnqSdAr1vTDcSFvZybnbuGrqkwjDqIQeNTFmZ7A11iRPyoA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
8381338e28e74c15-MIA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
-_P8JAIe6Hp33cu_4j__D7L3Tv7-q6q0Sg6uYIP4ITy2mWwqmryIyg==
free-v5-font-face.min.css
ka-f.fontawesome.com/releases/v6.5.1/css/ 		823 B
690 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v6.5.1/css/free-v5-font-face.min.css?token=c597f1ee3e
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/c597f1ee3e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f581083ac72ae169a698cd0cb7f02d8bb2e079844bfad68cc98df5b3c4692408

Request headers

accept-language
en-US,en;q=0.9
Referer
https://recantopedrocaschalsacessovecu.apartbin.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 17:00:22 GMT
via
1.1 5dd2304368effbad5413134075a82ff0.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
MIA3-C3
age
0
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 30 Nov 2023 17:25:51 GMT
server
cloudflare
etag
W/"496965a55b1faa4d5c41073ef276afc0"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2F%2FkY5X9e4dFCRdaHqe8lZ3KnFRTSxgU4PTt%2BkML%2FBSc0Pb%2FOzu5sgoRLLA4PfkCAczqt%2FWA1HFeaaroMhiUV9vI2vlagbzie2dqe6NyE0rf8CYocuHlHtdAODPVEkV2a29%2FdKT3SXGNXkMI7OPYJyC3eQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
8381338e28e64c15-MIA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
fDWT2pImE3Dlbk95t60BlS4xSMLkd2Lwb4KYOzUhaT8lpJHZ4UsXrw==
free-v4-font-face.min.css
ka-f.fontawesome.com/releases/v6.5.1/css/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v6.5.1/css/free-v4-font-face.min.css?token=c597f1ee3e
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/c597f1ee3e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6530f32fa70a330cd76547497f20048ae081dcc897af26befc84600357ba06be

Request headers

accept-language
en-US,en;q=0.9
Referer
https://recantopedrocaschalsacessovecu.apartbin.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 17:00:22 GMT
via
1.1 dcccf6c408219d8b851fcd12a0068cea.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
MIA3-C3
age
0
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 30 Nov 2023 17:25:51 GMT
server
cloudflare
etag
W/"cc84affe95dbdd9726525f57d20b4ea6"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WuFzqaPS2pnRy5QAoflgkKYqJnAnfeFxvSqeckTN8WwqWAcUKtihuZBMV7OckwyE0QCp9CfLeZeXJKvFXfG19a4IJf3PRAUdQh%2Ft5SbVWza7xdbUTWGaiCYbRuCSMAnayMCwIcINJi5u5eOzyqFJzZluCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
8381338e28e44c15-MIA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
DM3bwx6rIUFkz5lfSG8pHh6J4GP-F7He6lzqzjCTXrS32PsDlwPOIw==
flexiproduct.html
www.booking.com/ Frame 266C 		166 KB
57 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.booking.com/flexiproduct.html?product=map&w=100%25&h=590&lang=en-US&aid=2393715&target_aid=2393715&dest_id=0&dest_type=landmark&fid=1671148675595&latitude=-21.85184174&longitude=-43.74861293&landmark_name=Recanto%20Pedrocas%20Chal%C3%83%C2%A9s%20acesso%20ve%C3%83%C2%ADculos%204%20X%204&mwhsb=0&address=Sitio%20Alto%20Da%20Serra,%20Area%20rural%20Br%20267,%20Lima%20Duarte,%20CEP%2036140-000,%20Brazil&
Requested by
Host: recantopedrocaschalsacessovecu.apartbin.top
URL: https://recantopedrocaschalsacessovecu.apartbin.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-64.ewr53.r.cloudfront.net
Software
nginx /
Resource Hash
3b5a5f838cde98da50991530fecf7d5e02c2ef30ff1358fd27a9235abe8e1950
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://recantopedrocaschalsacessovecu.apartbin.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private
content-encoding
br
content-length
57050
content-type
text/html; charset=UTF-8
date
Tue, 19 Dec 2023 17:00:22 GMT
nel
{"max_age":604800,"report_to":"default"}
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"group":"default","max_age":604800}
server
nginx
strict-transport-security
max-age=86400; includeSubDomains
vary
User-Agent, Accept-Encoding
via
1.1 95edb2a6efdb5ee4d3c7f7aa298bb2f2.cloudfront.net (CloudFront)
x-amz-cf-id
VuRtNR8uhPeZHiQupKawHtarfg_tqjBzUenfhoVrpSZvgAGeLrVx1w==
x-amz-cf-pop
EWR53-P1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block
single
translate.googleapis.com/translate_a/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://translate.googleapis.com/translate_a/single?client=gtx&sl=auto&tl=en&dt=t&q=Set%20in%20Lima%20Duarte%20in%20the%20Minas%20Gerais%20region%2C%20Recanto%20Pedrocas%20Chal%C3%83%C2%A9s%20acesso%20ve%C3%83%C2%ADculos%204%20X%204%20offers%20accommodation%20with%20free%20private%20parking.%20%20All%20units%20come%20with%20a%20balcony%20with%20mountain%20views%2C%20a%20kitchen%20with%20a%20dishwasher%20and%20a%20fridge%2C%20and%20a%20private%20bathroom%20with%20shower.%20A%20stovetop%2C%20a%20minibar%20and%20kitchenware%20are%20also%20offered%2C%20as%20well%20as%20a%20coffee%20machine.%20%20Guests%20can%20relax%20in%20the%20garden%20at%20the%20property.%20%20The%20nearest%20airport%20is%20Juiz%20de%20Fora%20Airport%2C%2060%20km%20from%20the%20chalet.
Requested by
Host: recantopedrocaschalsacessovecu.apartbin.top
URL: https://recantopedrocaschalsacessovecu.apartbin.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e8715224420351d091a2e8a375f89fe7b53f4aa4c57b2eca1688755c5f354620
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/TranslateApiHttp/cspreport, script-src 'report-sample' 'nonce--aJeESr0-NH_cgyLzQwgFg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://recantopedrocaschalsacessovecu.apartbin.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 17:00:22 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/TranslateApiHttp/cspreport, script-src 'report-sample' 'nonce--aJeESr0-NH_cgyLzQwgFg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
x-content-type-options
nosniff
content-encoding
gzip
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
355197597.jpg
cf.bstatic.com/xdata/images/hotel/max1024x768/ 		66 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cf.bstatic.com/xdata/images/hotel/max1024x768/355197597.jpg?k=7d20a01c6579e282816167a8148d502c98ea12a9a28b03b80b904f1b9fa87f7b&o=&hp=1
Requested by
Host: recantopedrocaschalsacessovecu.apartbin.top
URL: https://recantopedrocaschalsacessovecu.apartbin.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2073:9600:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
4cf92b5597acc4b55772e644d5c90cccf94b548ae1baadcabfe3dfd530abb6a8
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://recantopedrocaschalsacessovecu.apartbin.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 17:00:22 GMT
via
1.1 f762d56afc88f7f52f51da3b63ad4658.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
IAD50-C2
etag
"e30fd034f9aebba77b36aa38b0002820e02b345b"
x-cache
Miss from cloudfront
content-language
67915
access-control-allow-origin
*
content-type
image/jpeg
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
0yMEv4Xo5cPzIwZa73ZEAprkuDEfPViNw_UcFuka2cv3vPdPJuG9mA==
x-xss-protection
1; mode=block
truncated
/ 		266 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml
iJWKBXyIfDnIV7nBrXw.woff2
fonts.gstatic.com/s/rubik/v28/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/rubik/v28/iJWKBXyIfDnIV7nBrXw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rubik:300,400,500,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47374cb7d373f9a8450e1237c80bc5fe68c61fbf0cdf958df7a298143b7dd445
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://recantopedrocaschalsacessovecu.apartbin.top
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 09:10:38 GMT
x-content-type-options
nosniff
age
373784
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35448
x-xss-protection
0
last-modified
Thu, 29 Jun 2023 16:14:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 14 Dec 2024 09:10:38 GMT
free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v6.5.1/webfonts/ 		153 KB
153 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v6.5.1/webfonts/free-fa-solid-900.woff2
Requested by
Host: recantopedrocaschalsacessovecu.apartbin.top
URL: https://recantopedrocaschalsacessovecu.apartbin.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a93f7f459e0dabc5d86e6b6e3936c07d2dd02b52369f26bb7e8c0005a5d26368

Request headers

Referer
https://recantopedrocaschalsacessovecu.apartbin.top/
Origin
https://recantopedrocaschalsacessovecu.apartbin.top
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 17:00:22 GMT
via
1.1 903a82370ff225ae16b374d8f5cbc5a6.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
MIA3-C3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
156504
last-modified
Thu, 30 Nov 2023 17:53:29 GMT
server
cloudflare
etag
"98ff5c340b38803d09d3f22fd9a00501"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xYrvQVKm40mav0n5qHhwnL0uYGoSmrnLJOl8J4yFt6N7PUeaJOPNX0R2JbMIlRRxm%2F%2BgQyJCiPvgKWgjhVF9PXR5mo6dEztrfwm9vDz2Q8PTnDi9ofDIyB8%2Bd110gcQwMYyRTRV1d49Yv%2BAwasqPRUlryQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
8381338eea0d4c15-MIA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
AyR_X1_PQ6ENdzITqLXE2crc0Ldasz7Nfn6ZRZCRTGnJbCv2sf6rUw==
widget.js
widget.getyourguide.com/pw/latest/client-loader/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.getyourguide.com/pw/latest/client-loader/widget.js
Requested by
Host: widget.getyourguide.com
URL: https://widget.getyourguide.com/dist/pa.umd.production.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2262 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5152697d6ee653c871c79b6c70587fe2c9951e3094d0a816190afdb234b43b6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://recantopedrocaschalsacessovecu.apartbin.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 17:00:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.02,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
KF9JYFPZ4K039JD1
age
18
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
fmnCBR0McES+1H0tmYjUfa94sI/g6qN0LZsLHRCr5s1QegjdYN8iTBJpwqkUhPyC4az7vmbqh4g=
last-modified
Thu, 30 Nov 2023 09:47:53 GMT
server
cloudflare
etag
W/"8eca356964de7f6613a32ce233c191a8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kQo6aW08nc5ByWfWhmHcZHYA28bIVR29lDmzkeNzPFEe%2BKQ%2F%2Fvv7iCxdqT5z2psslIEGGpw345dCYbJjLpIS2CpYRUDna9v3OwiqDhDF82HZSAu0JHwnaApm1aG4FPLgN7Rrkhw8UzyD5G9MEDyGVKv8Ofr0"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=100, public, must-revalidate
cf-ray
8381338ef9a74c04-MIA
pa-main.1698148631418_cc84120636cd654964be42eee41eeb8bc90fd79c.umd.production.min.js
widget.getyourguide.com/dist/ 		62 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.getyourguide.com/dist/pa-main.1698148631418_cc84120636cd654964be42eee41eeb8bc90fd79c.umd.production.min.js
Requested by
Host: widget.getyourguide.com
URL: https://widget.getyourguide.com/dist/pa.umd.production.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2262 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dee7f5f4f1f198eb581d002a52ad1861aac72d66d5b614df3b2a88d475873896
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://recantopedrocaschalsacessovecu.apartbin.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 17:00:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.02,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
BGDSXKWKR6E9GAXC
age
72
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
uVBjl1hA4jboCIlpjji2R4HA9TUDZSs0odi2684diEgS29kRrdtQAkIsw63bGkxlkjpoUULtD6M=
last-modified
Tue, 24 Oct 2023 11:57:25 GMT
server
cloudflare
etag
W/"1a9aebe6850338e26f89286296b58282"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OzValCbmzGLhz%2BuDNgUeEV3ocIaHShN4ylK9cKh35kx9KCZ21oo%2BP75%2FoiScU36uLTHFlOTK8H8qTyC3aQ2kJ91vg%2F%2BDYGXW4JC2%2Fb017uNw0u6xYUtjrSWjbt35klYLDzbvF49Qhe5AApQM%2BNh3JF2vKhPT"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=3600, public, must-revalidate
cf-ray
8381338ef9aa4c04-MIA
gnikcart
widget.getyourguide.com/ 		61 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://widget.getyourguide.com/gnikcart?q=eyJwYXJ0bmVyX2lkIjoiS0FDSk1JViIsInVybCI6Imh0dHBzOi8vcmVjYW50b3BlZHJvY2FzY2hhbHNhY2Vzc292ZWN1LmFwYXJ0YmluLnRvcC8ifQ%3D%3D
Requested by
Host: widget.getyourguide.com
URL: https://widget.getyourguide.com/pw/latest/client-loader/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2262 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e0ae1701b7fa5217625402f514d5a16a06fe10926037c0de169643e192221a59
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'sha256-C+MFT9uMJPIBROzgRJWxmbJwinQwPQcN4v02Ao5gdvA=' 'sha256-wNXVXjDcN+jq6b+wDVEO7vmRjRuKMgbFD6ygaSW4Ckk=' 'sha256-dgRdhO0l3b8wc+M/BFd4VHSrjqBLaZS7EAnZGOM5+6c=' https://cdn.getyourguide.com https://static.cloudflareinsights.com https://challenges.cloudflare.com https://widget.getyourguide.com; style-src 'self' 'unsafe-inline' https://cdn.getyourguide.com data:; img-src 'self' https://cdn.getyourguide.com https://api.maptiler.com data:; font-src 'self' https://cdn.getyourguide.com https://cdn.ek.aero/shared/fonts/emirates/* data:; connect-src 'self' *.getyourguide.com *.gygtest.com; frame-src 'self' https://widget.getyourguide.com/ https://challenges.cloudflare.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://recantopedrocaschalsacessovecu.apartbin.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 17:00:22 GMT
content-security-policy
default-src 'self'; script-src 'self' 'sha256-C+MFT9uMJPIBROzgRJWxmbJwinQwPQcN4v02Ao5gdvA=' 'sha256-wNXVXjDcN+jq6b+wDVEO7vmRjRuKMgbFD6ygaSW4Ckk=' 'sha256-dgRdhO0l3b8wc+M/BFd4VHSrjqBLaZS7EAnZGOM5+6c=' https://cdn.getyourguide.com https://static.cloudflareinsights.com https://challenges.cloudflare.com https://widget.getyourguide.com; style-src 'self' 'unsafe-inline' https://cdn.getyourguide.com data:; img-src 'self' https://cdn.getyourguide.com https://api.maptiler.com data:; font-src 'self' https://cdn.getyourguide.com https://cdn.ek.aero/shared/fonts/emirates/* data:; connect-src 'self' *.getyourguide.com *.gygtest.com; frame-src 'self' https://widget.getyourguide.com/ https://challenges.cloudflare.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.02,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-powered-by
Express
x-envoy-upstream-service-time
9
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
5d4bd70a-f644-9726-9467-113841f51748
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1mzqAkbA2oo1JVj9TEmhM8SHXyfggRl9pKbB7mxoq17%2FYmCenaEMwg%2BOERKMpT1xq%2FsSFLd68jQt1v5O5go8shb1t6bQsF%2FqRZ7p62O%2FTEM7%2FhZFkKSzFKeFMyyRwpP9Jq54E3TI69bE8B56fYnVZZ0KZFAU"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://recantopedrocaschalsacessovecu.apartbin.top
cache-control
private
access-control-allow-credentials
true
cf-ray
8381338f6a494c04-MIA
collect
www.google-analytics.com/g/ 		0
272 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-GQPP52LWDP&gtm=45je3bt0v9170782933&_p=1703005222039&gcd=11l1l1l1l1&dma=0&cid=398122966.1703005223&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703005222&sct=1&seg=0&dl=https%3A%2F%2Frecantopedrocaschalsacessovecu.apartbin.top%2F&dt=Recanto%20Pedrocas%20Chal%C3%83%C2%A9s%20acesso%20ve%C3%83%C2%ADculos%204%20X%204&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2573
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GQPP52LWDP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://recantopedrocaschalsacessovecu.apartbin.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 17:00:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://recantopedrocaschalsacessovecu.apartbin.top
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
b3d67d4cd3c0abbaa3a632df9cea4965801b43d8.css
cf.bstatic.com/static/css/affiliatewidget_map_cloudfront_sd/ Frame 266C 		487 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cf.bstatic.com/static/css/affiliatewidget_map_cloudfront_sd/b3d67d4cd3c0abbaa3a632df9cea4965801b43d8.css
Requested by
Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=map&w=100%25&h=590&lang=en-US&aid=2393715&target_aid=2393715&dest_id=0&dest_type=landmark&fid=1671148675595&latitude=-21.85184174&longitude=-43.74861293&landmark_name=Recanto%20Pedrocas%20Chal%C3%83%C2%A9s%20acesso%20ve%C3%83%C2%ADculos%204%20X%204&mwhsb=0&address=Sitio%20Alto%20Da%20Serra,%20Area%20rural%20Br%20267,%20Lima%20Duarte,%20CEP%2036140-000,%20Brazil&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2073:9600:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
840e8e78b3ee050003067b016cb06452b6c9934a47dd74e5042be80b9689d0a2
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.booking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 09:40:15 GMT
content-encoding
br
via
1.1 f762d56afc88f7f52f51da3b63ad4658.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
IAD50-C2
age
2272807
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Thu, 23 Nov 2023 09:20:08 GMT
server
nginx
etag
W/"655f1948-79a2a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
mlrsV8y--IrKexrTa_Kbi8d-VEKNWJy3VVwR22SQ_63pU2Dz47SEUA==
expires
Sat, 23 Dec 2023 09:40:15 GMT
80f233253dc274b95a7f9cb323c7126b657ea7ae.png
cf.bstatic.com/static/img/b26logo/booking_logo_retina_light_bg/ Frame 266C 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cf.bstatic.com/static/img/b26logo/booking_logo_retina_light_bg/80f233253dc274b95a7f9cb323c7126b657ea7ae.png
Requested by
Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=map&w=100%25&h=590&lang=en-US&aid=2393715&target_aid=2393715&dest_id=0&dest_type=landmark&fid=1671148675595&latitude=-21.85184174&longitude=-43.74861293&landmark_name=Recanto%20Pedrocas%20Chal%C3%83%C2%A9s%20acesso%20ve%C3%83%C2%ADculos%204%20X%204&mwhsb=0&address=Sitio%20Alto%20Da%20Serra,%20Area%20rural%20Br%20267,%20Lima%20Duarte,%20CEP%2036140-000,%20Brazil&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2073:9600:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
d28d43698c2b701e031172c0f98f35b539aca2a63606c8959473f54e071298a9
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.booking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:53:22 GMT
via
1.1 f762d56afc88f7f52f51da3b63ad4658.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
IAD50-C2
age
1724820
x-cache
Hit from cloudfront
content-length
5066
x-xss-protection
1; mode=block
last-modified
Wed, 10 Apr 2019 11:21:50 GMT
server
nginx
etag
"5cadd1ce-13ca"
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
rAGOEPht9ZqLQGPnL19ua5Hwss7uR1BeSd3hR8MFWSnw4BYbv8Kf3A==
expires
Fri, 29 Dec 2023 17:53:22 GMT
0acd2ada6c74d5dec978a04ea837952bdf050cd2.js
cf.bstatic.com/static/js/error_catcher_bec_cloudfront_sd/ Frame 266C 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cf.bstatic.com/static/js/error_catcher_bec_cloudfront_sd/0acd2ada6c74d5dec978a04ea837952bdf050cd2.js
Requested by
Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=map&w=100%25&h=590&lang=en-US&aid=2393715&target_aid=2393715&dest_id=0&dest_type=landmark&fid=1671148675595&latitude=-21.85184174&longitude=-43.74861293&landmark_name=Recanto%20Pedrocas%20Chal%C3%83%C2%A9s%20acesso%20ve%C3%83%C2%ADculos%204%20X%204&mwhsb=0&address=Sitio%20Alto%20Da%20Serra,%20Area%20rural%20Br%20267,%20Lima%20Duarte,%20CEP%2036140-000,%20Brazil&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2073:9600:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
c3f06cf6ded52069a79551343aca5f2269a048cedb9fbacd3cfff7136980659c
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.booking.com/
Origin
https://www.booking.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 09:45:17 GMT
content-encoding
br
via
1.1 cdb7a265f783ce0c07661e9c6820c2c4.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
IAD50-C2
age
2358905
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Wed, 21 Dec 2022 14:29:30 GMT
server
nginx
etag
W/"63a3184a-180b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
gFTdRiApAU8mGddguee_6zycTRQB8LN0cKn0V1MQyys656WqQp41mw==
expires
Fri, 22 Dec 2023 09:45:17 GMT
e1e8c0e862309cb4caf3c0d5fbea48bfb8eaad42.js
cf.bstatic.com/static/js/jquery_cloudfront_sd/ Frame 266C 		103 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cf.bstatic.com/static/js/jquery_cloudfront_sd/e1e8c0e862309cb4caf3c0d5fbea48bfb8eaad42.js
Requested by
Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=map&w=100%25&h=590&lang=en-US&aid=2393715&target_aid=2393715&dest_id=0&dest_type=landmark&fid=1671148675595&latitude=-21.85184174&longitude=-43.74861293&landmark_name=Recanto%20Pedrocas%20Chal%C3%83%C2%A9s%20acesso%20ve%C3%83%C2%ADculos%204%20X%204&mwhsb=0&address=Sitio%20Alto%20Da%20Serra,%20Area%20rural%20Br%20267,%20Lima%20Duarte,%20CEP%2036140-000,%20Brazil&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2073:9600:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5ad7526d50b7586ddfaee62b3fc95e71207136dc08f6a2b7ffd671ded73fab83
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.booking.com/
Origin
https://www.booking.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 09:45:16 GMT
content-encoding
br
via
1.1 cdb7a265f783ce0c07661e9c6820c2c4.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
IAD50-C2
age
2358906
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Tue, 28 Jun 2022 15:19:38 GMT
server
nginx
etag
W/"62bb1c0a-19a42"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
POrHwPvHIiaLBcWngWu4WKezD8P_1uL73CKjn9axZOapZxXrLCAQQw==
expires
Fri, 22 Dec 2023 09:45:16 GMT
4b7a7f25894c6930265f0325889ed948adabae69.js
cf.bstatic.com/static/js/bui_inlined_cloudfront_sd/ Frame 266C 		102 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cf.bstatic.com/static/js/bui_inlined_cloudfront_sd/4b7a7f25894c6930265f0325889ed948adabae69.js
Requested by
Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=map&w=100%25&h=590&lang=en-US&aid=2393715&target_aid=2393715&dest_id=0&dest_type=landmark&fid=1671148675595&latitude=-21.85184174&longitude=-43.74861293&landmark_name=Recanto%20Pedrocas%20Chal%C3%83%C2%A9s%20acesso%20ve%C3%83%C2%ADculos%204%20X%204&mwhsb=0&address=Sitio%20Alto%20Da%20Serra,%20Area%20rural%20Br%20267,%20Lima%20Duarte,%20CEP%2036140-000,%20Brazil&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2073:9600:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
77a9ece576f0a1c826a9970192a202980487a97e15967151c1241358e541807a
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.booking.com/
Origin
https://www.booking.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 09:45:16 GMT
content-encoding
br
via
1.1 cdb7a265f783ce0c07661e9c6820c2c4.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
IAD50-C2
age
2358906
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Thu, 27 Jul 2023 12:27:54 GMT
server
nginx
etag
W/"64c262ca-198bc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
iQw9pWvCS7QcLaDNhpy7u4_N66sS6_70QcBeNhihpxwDv11601YLTA==
expires
Fri, 22 Dec 2023 09:45:16 GMT
db5eb4823cafaa54f1645c21a9440a4f168ff767.js
cf.bstatic.com/static/js/affiliatewidget_map_cloudfront_sd/ Frame 266C 		149 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cf.bstatic.com/static/js/affiliatewidget_map_cloudfront_sd/db5eb4823cafaa54f1645c21a9440a4f168ff767.js
Requested by
Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=map&w=100%25&h=590&lang=en-US&aid=2393715&target_aid=2393715&dest_id=0&dest_type=landmark&fid=1671148675595&latitude=-21.85184174&longitude=-43.74861293&landmark_name=Recanto%20Pedrocas%20Chal%C3%83%C2%A9s%20acesso%20ve%C3%83%C2%ADculos%204%20X%204&mwhsb=0&address=Sitio%20Alto%20Da%20Serra,%20Area%20rural%20Br%20267,%20Lima%20Duarte,%20CEP%2036140-000,%20Brazil&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2073:9600:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
81178a6d72ed54dcdbc85fae2a74716d15f689296fe4315e1e03558306857004
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.booking.com/
Origin
https://www.booking.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 09:45:16 GMT
content-encoding
br
via
1.1 cdb7a265f783ce0c07661e9c6820c2c4.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
IAD50-C2
age
2358905
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Wed, 01 Nov 2023 08:40:16 GMT
server
nginx
etag
W/"65420ef0-2558b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
HhwX_OLgQb05KeVHhkXU3UBR5eg5e2g4kws5UwLkjTpHIZPFmCEctg==
expires
Fri, 22 Dec 2023 09:45:16 GMT
085092fbd455b871247d1d5371bccd617ead4ddf.js
cf.bstatic.com/static/js/atlas_v2_cloudfront_sd/ Frame 266C 		70 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cf.bstatic.com/static/js/atlas_v2_cloudfront_sd/085092fbd455b871247d1d5371bccd617ead4ddf.js
Requested by
Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=map&w=100%25&h=590&lang=en-US&aid=2393715&target_aid=2393715&dest_id=0&dest_type=landmark&fid=1671148675595&latitude=-21.85184174&longitude=-43.74861293&landmark_name=Recanto%20Pedrocas%20Chal%C3%83%C2%A9s%20acesso%20ve%C3%83%C2%ADculos%204%20X%204&mwhsb=0&address=Sitio%20Alto%20Da%20Serra,%20Area%20rural%20Br%20267,%20Lima%20Duarte,%20CEP%2036140-000,%20Brazil&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2073:9600:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
ca2a0109900808b4c833204cf6ba793405da360f9ec1d3a8f0f57198d047530b
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.booking.com/
Origin
https://www.booking.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 13:12:09 GMT
content-encoding
br
via
1.1 cdb7a265f783ce0c07661e9c6820c2c4.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
IAD50-C2
age
359293
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Fri, 15 Dec 2023 10:36:58 GMT
server
nginx
etag
W/"657c2c4a-11768"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
1LGJmoCFytVgf74w0ME2qCAswCi0S1GixN2ktRmNe3ZhCW5oTIpiLw==
expires
Sun, 14 Jan 2024 13:12:09 GMT
065e30a892963248f8141db936947bcb94f77098.js
cf.bstatic.com/static/js/affiliatewidget_map_modules_cloudfront_sd/ Frame 266C 		216 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cf.bstatic.com/static/js/affiliatewidget_map_modules_cloudfront_sd/065e30a892963248f8141db936947bcb94f77098.js
Requested by
Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=map&w=100%25&h=590&lang=en-US&aid=2393715&target_aid=2393715&dest_id=0&dest_type=landmark&fid=1671148675595&latitude=-21.85184174&longitude=-43.74861293&landmark_name=Recanto%20Pedrocas%20Chal%C3%83%C2%A9s%20acesso%20ve%C3%83%C2%ADculos%204%20X%204&mwhsb=0&address=Sitio%20Alto%20Da%20Serra,%20Area%20rural%20Br%20267,%20Lima%20Duarte,%20CEP%2036140-000,%20Brazil&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2073:9600:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6ca2e6b35e991742ee60d207f391f81eae3f3664ea22d3b6742f15b84cd17ef6
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.booking.com/
Origin
https://www.booking.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 13:12:09 GMT
content-encoding
br
via
1.1 cdb7a265f783ce0c07661e9c6820c2c4.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
IAD50-C2
age
359293
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Fri, 15 Dec 2023 10:36:58 GMT
server
nginx
etag
W/"657c2c4a-36109"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
8B_xUfM2UAXufWHCpnbMjD9UHRlz9zO7FE-T7eUqdt_xnN2udm4DEQ==
expires
Sun, 14 Jan 2024 13:12:09 GMT
2ef4e9ae9240f4bd123bc5c51eed3c306e710ecb.js
cf.bstatic.com/static/js/searchbox_cloudfront_sd/ Frame 266C 		241 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cf.bstatic.com/static/js/searchbox_cloudfront_sd/2ef4e9ae9240f4bd123bc5c51eed3c306e710ecb.js
Requested by
Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=map&w=100%25&h=590&lang=en-US&aid=2393715&target_aid=2393715&dest_id=0&dest_type=landmark&fid=1671148675595&latitude=-21.85184174&longitude=-43.74861293&landmark_name=Recanto%20Pedrocas%20Chal%C3%83%C2%A9s%20acesso%20ve%C3%83%C2%ADculos%204%20X%204&mwhsb=0&address=Sitio%20Alto%20Da%20Serra,%20Area%20rural%20Br%20267,%20Lima%20Duarte,%20CEP%2036140-000,%20Brazil&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2073:9600:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
c5759677f0bfab4fec44acc9bf4b8a7edb433004d13df87e84b9b4aba2ec9ab4
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.booking.com/
Origin
https://www.booking.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 09:45:20 GMT
content-encoding
br
via
1.1 cdb7a265f783ce0c07661e9c6820c2c4.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
IAD50-C2
age
2358902
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Fri, 17 Nov 2023 14:07:08 GMT
server
nginx
etag
W/"6557738c-3c59e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
fFFmbMZYOVu2I0ogDDYa6tdfHVY8DLVHUkUhkeTT_dwJ4K1PKHQcVA==
expires
Fri, 22 Dec 2023 09:45:20 GMT
07ca5cacc9d77a7b50ca3c424ecd606114d9be75.svg
cf.bstatic.com/static/img/cross_product_index/accommodation/ Frame 266C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cf.bstatic.com/static/img/cross_product_index/accommodation/07ca5cacc9d77a7b50ca3c424ecd606114d9be75.svg
Requested by
Host: cf.bstatic.com
URL: https://cf.bstatic.com/static/css/affiliatewidget_map_cloudfront_sd/b3d67d4cd3c0abbaa3a632df9cea4965801b43d8.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2073:9600:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a0ff1db86f13d31743f7e0c4d1c45fe7953cd5089d91be2a2ce3d12f7a4beae2
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cf.bstatic.com/static/css/affiliatewidget_map_cloudfront_sd/b3d67d4cd3c0abbaa3a632df9cea4965801b43d8.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 09:51:34 GMT
content-encoding
gzip
via
1.1 f762d56afc88f7f52f51da3b63ad4658.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
IAD50-C2
age
2358528
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Wed, 10 Apr 2019 11:21:51 GMT
server
nginx
etag
W/"5cadd1cf-7f2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
AiKDtlKhyJlOmbeubealsiP_mVxE69sM3xvS6pcJJf9jPqDSa1S6mw==
expires
Fri, 22 Dec 2023 09:51:34 GMT
dd1af0dfe8835b14799d07702a4cd70159c649d5.svg
cf.bstatic.com/static/img/cross_product_index/calendar/ Frame 266C 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cf.bstatic.com/static/img/cross_product_index/calendar/dd1af0dfe8835b14799d07702a4cd70159c649d5.svg
Requested by
Host: cf.bstatic.com
URL: https://cf.bstatic.com/static/css/affiliatewidget_map_cloudfront_sd/b3d67d4cd3c0abbaa3a632df9cea4965801b43d8.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2073:9600:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
21edfeed321858e780d840b2e215d4d77b2e80fcdace1916bfb1254596b4cedd
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cf.bstatic.com/static/css/affiliatewidget_map_cloudfront_sd/b3d67d4cd3c0abbaa3a632df9cea4965801b43d8.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 11:00:35 GMT
content-encoding
gzip
via
1.1 f762d56afc88f7f52f51da3b63ad4658.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
IAD50-C2
age
2354387
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Wed, 10 Apr 2019 11:21:52 GMT
server
nginx
etag
W/"5cadd1d0-c6e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
v0G6v42O78RVJcn4JB6PfhGtl_JhuhAitZQ6LAwpPws-yyNUzSEdVA==
expires
Fri, 22 Dec 2023 11:00:35 GMT
fb6f63d62231f9fe552d79b5448620b2e63c726e.svg
cf.bstatic.com/static/img/cross_product_index/toggle/ Frame 266C 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cf.bstatic.com/static/img/cross_product_index/toggle/fb6f63d62231f9fe552d79b5448620b2e63c726e.svg
Requested by
Host: cf.bstatic.com
URL: https://cf.bstatic.com/static/css/affiliatewidget_map_cloudfront_sd/b3d67d4cd3c0abbaa3a632df9cea4965801b43d8.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2073:9600:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
dbc5c6cc8dc52fe293be4d79d32c85f9e8d9baa9867653927dda0c1b905a3505
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cf.bstatic.com/static/css/affiliatewidget_map_cloudfront_sd/b3d67d4cd3c0abbaa3a632df9cea4965801b43d8.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 09:51:34 GMT
content-encoding
gzip
via
1.1 f762d56afc88f7f52f51da3b63ad4658.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
IAD50-C2
age
2358528
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Wed, 10 Apr 2019 11:21:51 GMT
server
nginx
etag
W/"5cadd1cf-5e7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
WshaFAzpHZxiWKC4xzyfC5ye9_5F09UI9MEdLZc_ni_hK39PZLL-Cg==
expires
Fri, 22 Dec 2023 09:51:34 GMT
b2e5f2aa32b71ca0fc66aa671e4e958bcd69b7d0.svg
cf.bstatic.com/static/img/cross_product_index/guest/ Frame 266C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cf.bstatic.com/static/img/cross_product_index/guest/b2e5f2aa32b71ca0fc66aa671e4e958bcd69b7d0.svg
Requested by
Host: cf.bstatic.com
URL: https://cf.bstatic.com/static/css/affiliatewidget_map_cloudfront_sd/b3d67d4cd3c0abbaa3a632df9cea4965801b43d8.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2073:9600:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a3668c35c677731ca1295a5f13ad82d97bc77aeb701720456f392e5bd888f2ef
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cf.bstatic.com/static/css/affiliatewidget_map_cloudfront_sd/b3d67d4cd3c0abbaa3a632df9cea4965801b43d8.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 09:51:34 GMT
content-encoding
gzip
via
1.1 f762d56afc88f7f52f51da3b63ad4658.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
IAD50-C2
age
2358528
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Wed, 10 Apr 2019 11:21:51 GMT
server
nginx
etag
W/"5cadd1cf-63d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
TpircFuHX9gtGWTzei5YTA6ktHlfmspIYHZz8Aegc_s6jzOqW_PaWA==
expires
Fri, 22 Dec 2023 09:51:34 GMT
load_times
www.booking.com/ Frame 266C 		0
1010 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.booking.com/load_times?jquery_ready=407&window_onload=408&sid=5b5b7c779c5f084d3d0f780baa3c137c&pid=0df6779320d2037c&first=1&cdn=cf&dc=4&lang=en-us&aid=2393715&ref_action=flexiproduct&stype=1&ch=&screen_size=1600x1200&m=UmFuZG9tSVYkc2RlIyh9YQafOScAvZewEKEAJZ-Ph72xjstE1lkxRWcHkzXT-kiXXMerwyGc4i91UJokXd11q4hgXHE08QjE3e38meRm28xBeH9Cr9vPw7FCgQJb8UuSw9ivkeeIfyBGWbYnv7rUyon9tmzZ0y1TmZ_86qIyxpKxLRx6pn5bue4gSSRK7hB2sOa023Syty7YwORe-2_7plN81lFB0QbFST-i5rLMJi_vnu93r_72Mw
Requested by
Host: cf.bstatic.com
URL: https://cf.bstatic.com/static/js/jquery_cloudfront_sd/e1e8c0e862309cb4caf3c0d5fbea48bfb8eaad42.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-64.ewr53.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.booking.com/flexiproduct.html?product=map&w=100%25&h=590&lang=en-US&aid=2393715&target_aid=2393715&dest_id=0&dest_type=landmark&fid=1671148675595&latitude=-21.85184174&longitude=-43.74861293&landmark_name=Recanto%20Pedrocas%20Chal%C3%83%C2%A9s%20acesso%20ve%C3%83%C2%ADculos%204%20X%204&mwhsb=0&address=Sitio%20Alto%20Da%20Serra,%20Area%20rural%20Br%20267,%20Lima%20Duarte,%20CEP%2036140-000,%20Brazil&
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 17:00:23 GMT
content-encoding
br
via
1.1 95edb2a6efdb5ee4d3c7f7aa298bb2f2.cloudfront.net (CloudFront)
strict-transport-security
max-age=86400; includeSubDomains
server
nginx
x-amz-cf-pop
EWR53-P1
vary
Accept-Encoding, User-Agent
content-security-policy-report-only
frame-ancestors 'none'; report-uri https://nellie.booking.com/csp-report-uri?type=report&tag=112&pid=47977793501602fa&e=UmFuZG9tSVYkc2RlIyh9Yea5KnOzD3Y9uAvFCeDwazPrPnIE-diZWQmtV7WB6mj4
content-type
text/plain; charset=UTF-8
x-cache
Miss from cloudfront
x-amz-cf-id
jF10papd7qFISIzq9px7D8wJx5c2rL0wauotShW2mIBjnGShCXu_gQ==
x-xss-protection
1; mode=block
js
maps.googleapis.com/maps/api/ Frame 266C 		174 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js?callback=GLOBAL_ATLAS_GOOGLE_MAPS_CALLBACK&channel=booking-frontend-affiliate&language=en-us&region=en-us&client=gme-booking&v=3.47
Requested by
Host: cf.bstatic.com
URL: https://cf.bstatic.com/static/js/atlas_v2_cloudfront_sd/085092fbd455b871247d1d5371bccd617ead4ddf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
11b449eb340c7c19dbd5ecc0a7680fb3e934c5d2fb1ff5a43ac3679100f23673
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.booking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 17:00:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61028
x-xss-protection
0
activities-auto.frame
widget.getyourguide.com/default/ Frame 788E 		32 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widget.getyourguide.com/default/activities-auto.frame?sha=4092487a-dec0-5bde-bd0b-dba0b271f353&partner_id=KACJMIV&widget=auto&widget_created=1703005223462&host_font_family=Rubik%2C%20Helvetica%2C%20Arial%2C%20sans-serif&website=https%3A%2F%2Frecantopedrocaschalsacessovecu.apartbin.top%2F&visitor_id=39F2E2CB25A44908925F99688F8DD633
Requested by
Host: widget.getyourguide.com
URL: https://widget.getyourguide.com/pw/latest/client-loader/widget.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2262 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
c41a57b30ba226eb8ba498bfc3866f2c040f0e1acaba5d3c8c9adb7b973bb5e8
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'sha256-C+MFT9uMJPIBROzgRJWxmbJwinQwPQcN4v02Ao5gdvA=' 'sha256-wNXVXjDcN+jq6b+wDVEO7vmRjRuKMgbFD6ygaSW4Ckk=' 'sha256-dgRdhO0l3b8wc+M/BFd4VHSrjqBLaZS7EAnZGOM5+6c=' https://cdn.getyourguide.com https://static.cloudflareinsights.com https://challenges.cloudflare.com https://widget.getyourguide.com; style-src 'self' 'unsafe-inline' https://cdn.getyourguide.com data:; img-src 'self' https://cdn.getyourguide.com https://api.maptiler.com data:; font-src 'self' https://cdn.getyourguide.com https://cdn.ek.aero/shared/fonts/emirates/* data:; connect-src 'self' *.getyourguide.com *.gygtest.com; frame-src 'self' https://widget.getyourguide.com/ https://challenges.cloudflare.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://recantopedrocaschalsacessovecu.apartbin.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private
cf-cache-status
DYNAMIC
cf-ray
83813396cb2bb3ef-MIA
content-encoding
br
content-security-policy
default-src 'self'; script-src 'self' 'sha256-C+MFT9uMJPIBROzgRJWxmbJwinQwPQcN4v02Ao5gdvA=' 'sha256-wNXVXjDcN+jq6b+wDVEO7vmRjRuKMgbFD6ygaSW4Ckk=' 'sha256-dgRdhO0l3b8wc+M/BFd4VHSrjqBLaZS7EAnZGOM5+6c=' https://cdn.getyourguide.com https://static.cloudflareinsights.com https://challenges.cloudflare.com https://widget.getyourguide.com; style-src 'self' 'unsafe-inline' https://cdn.getyourguide.com data:; img-src 'self' https://cdn.getyourguide.com https://api.maptiler.com data:; font-src 'self' https://cdn.getyourguide.com https://cdn.ek.aero/shared/fonts/emirates/* data:; connect-src 'self' *.getyourguide.com *.gygtest.com; frame-src 'self' https://widget.getyourguide.com/ https://challenges.cloudflare.com
content-type
text/html
date
Tue, 19 Dec 2023 17:00:23 GMT
nel
{"success_fraction":0.02,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hNKS4FcYcKAbKclWr%2FNGkQ%2BHcbUFlFIGND5xVmpOreoAAw7YBh3HujGENEeGJXIDeOJtDvR1y%2FL01RQlAc43X8umMjJvYBY83oSaVdZ%2Fi4xHnbq2wYDxoMjnHTmhc8Ja3HpL3ah60j5Pnm%2F%2B7kyrZGgH4Aka"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
x-envoy-upstream-service-time
214
x-powered-by
Express
x-request-id
ad4757ae-69bd-9121-979b-2ba22766225d
x-xss-protection
1; mode=block
gen_204
maps.googleapis.com/maps/api/mapsjs/ Frame 266C 		3 B
45 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?callback=GLOBAL_ATLAS_GOOGLE_MAPS_CALLBACK&channel=booking-frontend-affiliate&language=en-us&region=en-us&client=gme-booking&v=3.47
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.booking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 17:00:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.booking.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
common.js
maps.googleapis.com/maps-api-v3/api/js/54/12a/ Frame 266C 		254 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/54/12a/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?callback=GLOBAL_ATLAS_GOOGLE_MAPS_CALLBACK&channel=booking-frontend-affiliate&language=en-us&region=en-us&client=gme-booking&v=3.47
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b6fb8c2b9ee6b41540fd549a726e431eb8667074da38d94af8a647ae05e9da7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.booking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 15:02:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
7101
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57367
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 21:27:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Dec 2024 15:02:02 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/54/12a/ Frame 266C 		155 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/54/12a/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?callback=GLOBAL_ATLAS_GOOGLE_MAPS_CALLBACK&channel=booking-frontend-affiliate&language=en-us&region=en-us&client=gme-booking&v=3.47
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
206b430ad8e96d2f58a4c4cc6d2e5b97b40a1b62d9c1a7b027409b376da8c1de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.booking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 19:20:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
250800
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50370
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 21:27:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 15 Dec 2024 19:20:23 GMT
map.js
maps.googleapis.com/maps-api-v3/api/js/54/12a/ Frame 266C 		71 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/54/12a/map.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?callback=GLOBAL_ATLAS_GOOGLE_MAPS_CALLBACK&channel=booking-frontend-affiliate&language=en-us&region=en-us&client=gme-booking&v=3.47
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6dd82e5f3aea83251ff310c726962f06818d2137aec27f77bb5694d465cad44b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.booking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 09:19:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
373268
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23649
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 21:27:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 14 Dec 2024 09:19:15 GMT
overlay.js
maps.googleapis.com/maps-api-v3/api/js/54/12a/ Frame 266C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/54/12a/overlay.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?callback=GLOBAL_ATLAS_GOOGLE_MAPS_CALLBACK&channel=booking-frontend-affiliate&language=en-us&region=en-us&client=gme-booking&v=3.47
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
daaee0418187dbf0f8f78a3556c6301988a36fc329615a604aa815eaab279b1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.booking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 12:22:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
16664
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1281
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 21:27:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Dec 2024 12:22:39 GMT
66bf86dee54530a7bbd96bc0aa678a645960d474.png
cf.bstatic.com/static/img/use_sprites_16_exp/ Frame 266C 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cf.bstatic.com/static/img/use_sprites_16_exp/66bf86dee54530a7bbd96bc0aa678a645960d474.png
Requested by
Host: cf.bstatic.com
URL: https://cf.bstatic.com/static/css/affiliatewidget_map_cloudfront_sd/b3d67d4cd3c0abbaa3a632df9cea4965801b43d8.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2073:9600:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5e8f8af5bb822648eb2f343706c44b6c213dcd461583dc23a6a4cb02444e3800
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cf.bstatic.com/static/css/affiliatewidget_map_cloudfront_sd/b3d67d4cd3c0abbaa3a632df9cea4965801b43d8.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 10:23:32 GMT
via
1.1 f762d56afc88f7f52f51da3b63ad4658.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
IAD50-C2
age
2356611
x-cache
Hit from cloudfront
content-length
19923
x-xss-protection
1; mode=block
last-modified
Wed, 10 Apr 2019 11:21:56 GMT
server
nginx
etag
"5cadd1d4-4dd3"
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
P5wGyd_EZZ-5-TmnQChtgNt10035ibc32twgyCqEOJFwxtyK_0jKIg==
expires
Fri, 22 Dec 2023 10:23:32 GMT
openhand_8_8.cur
maps.gstatic.com/mapfiles/ Frame 266C 		326 B
848 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maps.gstatic.com/mapfiles/openhand_8_8.cur
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.booking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 17:00:23 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
last-modified
Tue, 18 May 2021 19:15:00 GMT
server
sffe
report-to
{"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type
image/bmp
access-control-allow-origin
*
cache-control
private, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="geo-tactile"
expires
Tue, 19 Dec 2023 17:00:23 GMT
GetViewportInfo
maps.googleapis.com/$rpc/google.internal.maps.mapsjs.v1.MapsJsInternalService/ Frame 266C 		35 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/$rpc/google.internal.maps.mapsjs.v1.MapsJsInternalService/GetViewportInfo
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?callback=GLOBAL_ATLAS_GOOGLE_MAPS_CALLBACK&channel=booking-frontend-affiliate&language=en-us&region=en-us&client=gme-booking&v=3.47
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
563fb2b6d6a32bf833eb237fdfa290458c6829dd0800cec838c0a65fd110852e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json+protobuf
X-Goog-Maps-Client-Id
gme-booking
Referer
https://www.booking.com/
X-Goog-Api-Key
X-Goog-Maps-API-Signature
35668
X-Goog-Maps-API-Salt
NoqwqfFLmu

Response headers

date
Tue, 19 Dec 2023 17:00:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.booking.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4220
x-xss-protection
0
GetViewportInfo
maps.googleapis.com/$rpc/google.internal.maps.mapsjs.v1.MapsJsInternalService/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/$rpc/google.internal.maps.mapsjs.v1.MapsJsInternalService/GetViewportInfo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-goog-maps-api-salt,x-goog-maps-api-signature,x-goog-maps-client-id,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.booking.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-goog-api-key,x-goog-maps-api-salt,x-goog-maps-api-signature,x-goog-maps-client-id,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.booking.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Tue, 19 Dec 2023 17:00:23 GMT
server
scaffolding on HTTPServer2
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
onion.js
maps.googleapis.com/maps-api-v3/api/js/54/12a/ Frame 266C 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/54/12a/onion.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?callback=GLOBAL_ATLAS_GOOGLE_MAPS_CALLBACK&channel=booking-frontend-affiliate&language=en-us&region=en-us&client=gme-booking&v=3.47
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
01112b7e0e5e756b2300397441f7a014da06ba83bbea0f25e440534b74f0196e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.booking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 14:04:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
356127
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9007
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 21:27:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 14 Dec 2024 14:04:56 GMT
GT-Eesti-Pro-Display-Regular.woff2
cdn.getyourguide.com/design-system/GT-Eesti/ Frame 788E 		56 KB
57 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.getyourguide.com/design-system/GT-Eesti/GT-Eesti-Pro-Display-Regular.woff2
Requested by
Host: widget.getyourguide.com
URL: https://widget.getyourguide.com/default/activities-auto.frame?sha=4092487a-dec0-5bde-bd0b-dba0b271f353&partner_id=KACJMIV&widget=auto&widget_created=1703005223462&host_font_family=Rubik%2C%20Helvetica%2C%20Arial%2C%20sans-serif&website=https%3A%2F%2Frecantopedrocaschalsacessovecu.apartbin.top%2F&visitor_id=39F2E2CB25A44908925F99688F8DD633
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:942a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6b42ca74fffb2087dee37c14a0ff0dbcdc0f36b7b76799e95552a6089120969
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://widget.getyourguide.com/
Origin
https://widget.getyourguide.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 17:00:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.02,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
3RZTBB7WN3WPWDDH
age
24076
content-length
57208
x-amz-id-2
+Bp1XEgqpMx+85T/+lsdpJOICzHE50n/5v+sNILNe8nzLHHuAXg5g5tnW5FNPuKcvMLffzv9VFU=
last-modified
Sun, 03 May 2020 10:59:39 GMT
server
cloudflare
etag
"0bee8cc037c7f39e423052107135c488"
access-control-max-age
3600
access-control-allow-methods
GET, HEAD
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fYJ2HNiEzrGLowh9Zerl%2B2Pi26fFbxyDdWxfnSdCpUOHGQPg9qcTmx35SJTowZ7VN4O2k%2FOuJqsEtDqM9En1cH6Rw8jwrTNTJ0frPKMoeBRYanQqPanxuu4%2FMwzRtycsrEVSzpjl9xieR7LiilS8pps6"}],"group":"cf-nel","max_age":604800}
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=31536000, public, must-revalidate
accept-ranges
bytes
cf-ray
8381339a0efa31f2-MIA
GT-Eesti-Pro-Display-Bold.woff2
cdn.getyourguide.com/design-system/GT-Eesti/ Frame 788E 		59 KB
60 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.getyourguide.com/design-system/GT-Eesti/GT-Eesti-Pro-Display-Bold.woff2
Requested by
Host: widget.getyourguide.com
URL: https://widget.getyourguide.com/default/activities-auto.frame?sha=4092487a-dec0-5bde-bd0b-dba0b271f353&partner_id=KACJMIV&widget=auto&widget_created=1703005223462&host_font_family=Rubik%2C%20Helvetica%2C%20Arial%2C%20sans-serif&website=https%3A%2F%2Frecantopedrocaschalsacessovecu.apartbin.top%2F&visitor_id=39F2E2CB25A44908925F99688F8DD633
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:942a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4b42fe227cbaecccbd5d441b1c9c149ade479067d5a258f614145b3342be951
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://widget.getyourguide.com/
Origin
https://widget.getyourguide.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 17:00:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.02,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
QJWCV3SZFJBHN18X
age
19038
content-length
60740
x-amz-id-2
DLL9HKPVIpnlvjNLFAYzNmmtrPwrRuvgONCQMclYvCKWfYavPty3PtnQyamQ/kHxEigxBMAZzBg=
last-modified
Sun, 03 May 2020 10:59:39 GMT
server
cloudflare
etag
"f6291b623a5e487339b42d260847a9e3"
access-control-max-age
3600
access-control-allow-methods
GET, HEAD
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gvzqWk4XuxzAv92qMBu7o%2BdD3%2Fa06KY8PuMxyxQx9AgQc75%2BH4N92sgAd8YikKdpNqfK3%2BMJuEMFC2TrEnbdHXT9pWeAF%2F%2Bl5h0%2BaLjKD%2BGXGeMrUTcdNrj05idnOWdSXjZR%2B2hM50wee1m1VcfKizjr"}],"group":"cf-nel","max_age":604800}
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=31536000, public, must-revalidate
accept-ranges
bytes
cf-ray
8381339a0f0131f2-MIA
confirmation-page-activities_frame.a2d588a6.css
cdn.getyourguide.com/pwa/_astro/ Frame 788E 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.getyourguide.com/pwa/_astro/confirmation-page-activities_frame.a2d588a6.css
Requested by
Host: widget.getyourguide.com
URL: https://widget.getyourguide.com/default/activities-auto.frame?sha=4092487a-dec0-5bde-bd0b-dba0b271f353&partner_id=KACJMIV&widget=auto&widget_created=1703005223462&host_font_family=Rubik%2C%20Helvetica%2C%20Arial%2C%20sans-serif&website=https%3A%2F%2Frecantopedrocaschalsacessovecu.apartbin.top%2F&visitor_id=39F2E2CB25A44908925F99688F8DD633
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:942a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2d588a6e31f11ade9a3f3764e33d670c4680ffa513306daf1b1bbf8bae306d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widget.getyourguide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 17:00:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.02,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
F8ET0ZGEZ6TJM7JN
age
32887
x-amz-server-side-encryption
AES256
x-amz-id-2
8TwxXmesPcoxJcnfqOSqzD9qStmNoq3GR3A4xsb0WDvMEWBDT64ZzjovB8G3Sn1tCzwDu8zGiAQ=
last-modified
Thu, 09 Nov 2023 15:42:40 GMT
server
cloudflare
etag
W/"8f821a8efbb91a2451c9e2e36271280d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9WnFS0Lo07FW%2BnC%2BF9JJzdyDJTiorN9w7N6MEfMQCocTuIhQAr7n7282B2qITxzvyy08H83AAHicFIwej5wmfw7CLGrFleG63UoccfdeBTSHP%2BCZsjn%2BJQzV5uBR5dvQcIXSKboUE0HQmIchnju1bbiv"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000, public, must-revalidate
cf-ray
8381339a0c1f8dca-MIA
activities-auto_frame.b1303ca8.css
cdn.getyourguide.com/pwa/_astro/ Frame 788E 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.getyourguide.com/pwa/_astro/activities-auto_frame.b1303ca8.css
Requested by
Host: widget.getyourguide.com
URL: https://widget.getyourguide.com/default/activities-auto.frame?sha=4092487a-dec0-5bde-bd0b-dba0b271f353&partner_id=KACJMIV&widget=auto&widget_created=1703005223462&host_font_family=Rubik%2C%20Helvetica%2C%20Arial%2C%20sans-serif&website=https%3A%2F%2Frecantopedrocaschalsacessovecu.apartbin.top%2F&visitor_id=39F2E2CB25A44908925F99688F8DD633
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:942a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1303ca84fafe37f90d4f5ae0031894a9a490b1502e8cf88770f4bdb48a9dbe7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widget.getyourguide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 17:00:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.02,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
K7KMWW4D2VPXTHTW
age
18163
x-amz-server-side-encryption
AES256
x-amz-id-2
+I/WT0I+oWbE0CqEuul3XYsEn9BD6gZcwnpc6paDaBiQHh9xs0xcZJHHhBD75zBEARKyFCwj62I=
last-modified
Tue, 05 Dec 2023 10:32:05 GMT
server
cloudflare
etag
W/"b4c3c5cc5643a8125f9b0c01768983c0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oo9NuwCjb%2BHMh5VxRBOVLH64gWisN84kaGEertwsstk095aXH9Nxg9b8CvboUWxzuuhT8FOhfwjuwFf8bGVEu2HVR87SjdvFPGg8QT%2BCZU9LV9UkzkMNfOahZQihgxvsopNmfb3MKwt95UyaxSDU8jX8"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000, public, must-revalidate
cf-ray
8381339a0c178dca-MIA
activities-auto_frame.fc08d549.css
cdn.getyourguide.com/pwa/_astro/ Frame 788E 		503 B
868 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.getyourguide.com/pwa/_astro/activities-auto_frame.fc08d549.css
Requested by
Host: widget.getyourguide.com
URL: https://widget.getyourguide.com/default/activities-auto.frame?sha=4092487a-dec0-5bde-bd0b-dba0b271f353&partner_id=KACJMIV&widget=auto&widget_created=1703005223462&host_font_family=Rubik%2C%20Helvetica%2C%20Arial%2C%20sans-serif&website=https%3A%2F%2Frecantopedrocaschalsacessovecu.apartbin.top%2F&visitor_id=39F2E2CB25A44908925F99688F8DD633
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:942a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc08d5493772e19b52602ab650e7f6737963ec1a4cd61dc2cc26bb5716b714a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widget.getyourguide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 17:00:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.02,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
GGBVPWEJZAPDBS4G
age
21324
x-amz-server-side-encryption
AES256
x-amz-id-2
7dwenvl7ZQblAhq+d27liKCu5rnXrv8VvO5l8fXIaJPZGfHENUVtyYfysYzbUPxEbFAs3luqRds=
last-modified
Tue, 07 Nov 2023 10:07:13 GMT
server
cloudflare
etag
W/"eda292ab63ba2ce33180b41990681914"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lDCV0Z30W4os2V7MpUroBeSWhexjAvp2ZxdzUbs%2FBHp42Y6Q9BD3SLSnQAnT4n04nMsq1azSygdE7SkaP7hfUTrRRtukaw%2BlW7zDpcQaBz%2BunfZKMmzoJsnJqPk3yCwsDBq%2Fsai8sJFJsOyzoz1Rm%2F%2FE"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000, public, must-revalidate
cf-ray
8381339a0c198dca-MIA
activities-auto_frame.3ee965fd.css
cdn.getyourguide.com/pwa/_astro/ Frame 788E 		133 B
982 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.getyourguide.com/pwa/_astro/activities-auto_frame.3ee965fd.css
Requested by
Host: widget.getyourguide.com
URL: https://widget.getyourguide.com/default/activities-auto.frame?sha=4092487a-dec0-5bde-bd0b-dba0b271f353&partner_id=KACJMIV&widget=auto&widget_created=1703005223462&host_font_family=Rubik%2C%20Helvetica%2C%20Arial%2C%20sans-serif&website=https%3A%2F%2Frecantopedrocaschalsacessovecu.apartbin.top%2F&visitor_id=39F2E2CB25A44908925F99688F8DD633
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:942a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ee965fdb5c0cf1e92b69657284762cc097a787b3dfb90308c6022bbb89158d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widget.getyourguide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 17:00:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.02,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
WHAQNFERKMDC0Q64
age
35081
x-amz-server-side-encryption
AES256
x-amz-id-2
S45Lat0sBorNT36wGdcalLIk1JIkN70jjyuNwt8quJwuzXQ7kmm7nCxPGq9QTpl8XRVyQ67Ptes=
last-modified
Tue, 07 Nov 2023 10:07:13 GMT
server
cloudflare
etag
W/"748b86403fafdd36f42cc6dd9148f3a4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dv226qIbOA3t4vyCTVef2HIfL%2FHRoyzj2TAJdwON4Q59QGzlLBk7%2FLRsEHNzPMQp67vQqgdomg8I4n91pFCRT4cFIgF23CH5NRQSyHE7cncq1NTNVHjpedWgPcr4bRcX1bCNoxH%2BVu4BMY%2Bhw0k%2F0hpH"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000, public, must-revalidate
cf-ray
8381339a0c1a8dca-MIA
travel_frame.0deca435.css
cdn.getyourguide.com/pwa/_astro/ Frame 788E 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.getyourguide.com/pwa/_astro/travel_frame.0deca435.css
Requested by
Host: widget.getyourguide.com
URL: https://widget.getyourguide.com/default/activities-auto.frame?sha=4092487a-dec0-5bde-bd0b-dba0b271f353&partner_id=KACJMIV&widget=auto&widget_created=1703005223462&host_font_family=Rubik%2C%20Helvetica%2C%20Arial%2C%20sans-serif&website=https%3A%2F%2Frecantopedrocaschalsacessovecu.apartbin.top%2F&visitor_id=39F2E2CB25A44908925F99688F8DD633
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:942a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0deca435ca6403095b4caaea960e1f26ce2fa676317842453630aa2df5b38173
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widget.getyourguide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 17:00:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.02,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
F8EG02X76CGKY68N
age
30011
x-amz-server-side-encryption
AES256
x-amz-id-2
AjfqzMWzz33CiZl9jOY4y4M+zx+5a2K/PpFaioMBEHOCaogMCMoU9sRRUSSRE1i542VJSeC3B0U=
last-modified
Thu, 09 Nov 2023 15:42:40 GMT
server
cloudflare
etag
W/"d22d1549687200f9ae20218b9aa2c304"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xLasa7YOHk58w8nPWaieFuHGXgPD2nxW%2BN%2ByQQs2NKRVYGqDzNGIa4j%2FXUdgGUdKV5sz%2BD59Vb304mDVt0kXDdXG%2FtvI3SyM9MfxDBhnFBcXBkrXAzkfxFCkuE1Z302SRk6U3bDrLv9cUy2pZztMu59T"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000, public, must-revalidate
cf-ray
8381339a0c158dca-MIA
activities-auto_frame.3b52dbb9.css
cdn.getyourguide.com/pwa/_astro/ Frame 788E 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.getyourguide.com/pwa/_astro/activities-auto_frame.3b52dbb9.css
Requested by
Host: widget.getyourguide.com
URL: https://widget.getyourguide.com/default/activities-auto.frame?sha=4092487a-dec0-5bde-bd0b-dba0b271f353&partner_id=KACJMIV&widget=auto&widget_created=1703005223462&host_font_family=Rubik%2C%20Helvetica%2C%20Arial%2C%20sans-serif&website=https%3A%2F%2Frecantopedrocaschalsacessovecu.apartbin.top%2F&visitor_id=39F2E2CB25A44908925F99688F8DD633
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:942a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b52dbb985cb4a72941d096e9f1d2d15eee851a611ff5860bea3e0be355c43ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widget.getyourguide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 17:00:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.02,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
PYTBKSN95ZW1RQS0
age
19372
x-amz-server-side-encryption
AES256
x-amz-id-2
Ml70865JUOd0d/drL2ZLRjsjYVIo5n4UXYi8Wobbbvt6mmZel2kEmkmdCvbV4M6OlwuEaXFwpJg=
last-modified
Tue, 05 Dec 2023 11:13:18 GMT
server
cloudflare
etag
W/"2943be2d1c171d50abc1f64444674b5e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=237IT2zwrQoIXtGK35uI6qTrhI7AojGfs%2BCiJMpbU9BrmomETS5vgUcjgbYeVEjw%2BBhVaJjP5rGtwobqqzDt%2FNt6hlggkwJilyq%2Bmmnrf%2Faq93FmVXt5eRYbG3HnsALWqeRrDTQ36ZbzU2lZpPws054g"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000, public, must-revalidate
cf-ray
8381339a0c108dca-MIA
travel_frame.4558cd53.css
cdn.getyourguide.com/pwa/_astro/ Frame 788E 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.getyourguide.com/pwa/_astro/travel_frame.4558cd53.css
Requested by
Host: widget.getyourguide.com
URL: https://widget.getyourguide.com/default/activities-auto.frame?sha=4092487a-dec0-5bde-bd0b-dba0b271f353&partner_id=KACJMIV&widget=auto&widget_created=1703005223462&host_font_family=Rubik%2C%20Helvetica%2C%20Arial%2C%20sans-serif&website=https%3A%2F%2Frecantopedrocaschalsacessovecu.apartbin.top%2F&visitor_id=39F2E2CB25A44908925F99688F8DD633
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:942a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4558cd53d0b7ac03ec4e47b284b6f8d3457039383f00385e374a36ee1d73ac10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widget.getyourguide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 17:00:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.02,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
F8EH0M07G74AC1NJ
age
16037
x-amz-server-side-encryption
AES256
x-amz-id-2
l+11vrLCSaCJTsjoR15fkquSPOexLyubNjUWzjeMu794ws2WkGW+1t5H6gInVKXVgnbDJSVub/k=
last-modified
Thu, 09 Nov 2023 15:42:40 GMT
server
cloudflare
etag
W/"0c19761ad2ebb79e5f4e343e72568636"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dckVCuhJ1fZ%2B0BFfJ789vYonO0D3I0fJhTlUTZCrKLoEhEa1Er7DyJh0OlzSbDssulxdXAB6ShZDKhOGPi6Co%2BBvFDGh%2Fm%2FULWyaFVv1SQSdpqehHVWjPHSYiSlAxQEzGsPIdMNupBKt%2FgssRBlGP9Rf"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000, public, must-revalidate
cf-ray
8381339a3c748dca-MIA
availability_frame.15150073.css
cdn.getyourguide.com/pwa/_astro/ Frame 788E 		650 B
905 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.getyourguide.com/pwa/_astro/availability_frame.15150073.css
Requested by
Host: widget.getyourguide.com
URL: https://widget.getyourguide.com/default/activities-auto.frame?sha=4092487a-dec0-5bde-bd0b-dba0b271f353&partner_id=KACJMIV&widget=auto&widget_created=1703005223462&host_font_family=Rubik%2C%20Helvetica%2C%20Arial%2C%20sans-serif&website=https%3A%2F%2Frecantopedrocaschalsacessovecu.apartbin.top%2F&visitor_id=39F2E2CB25A44908925F99688F8DD633
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:942a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15150073edb736aab166355f808035adce2ef96138768cde51144e1db55a00d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widget.getyourguide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 17:00:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.02,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
F8EV8MD3DC97MAWP
age
33938
x-amz-server-side-encryption
AES256
x-amz-id-2
uitaQ1aQ3D8elvz8pGrSSkB5kev55HognklkMCKForU/eaS83AFXpTaEB+HYGUq2n4aQ2oNhmcQ=
last-modified
Thu, 09 Nov 2023 15:42:40 GMT
server
cloudflare
etag
W/"2365e0292b53edc1d30e860fa543b23a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bYJjZfB0BNQrujg4hvUkpvRohShF4Pc2sqMvSYpWxCp5BJ7wmUxh%2B4cKmiNyE0KOyCo0XCjmFwZ95NThLIslnh%2FGHH6ahMYmJ8QdhMRltc27uD5PlPD5d4o4FXpUxI%2FfA%2BcA59xu0eXqvqvqc40bd12o"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000, public, must-revalidate
cf-ray
8381339a0c1d8dca-MIA
activities-auto_frame.b5966dd6.css
cdn.getyourguide.com/pwa/_astro/ Frame 788E 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.getyourguide.com/pwa/_astro/activities-auto_frame.b5966dd6.css
Requested by
Host: widget.getyourguide.com
URL: https://widget.getyourguide.com/default/activities-auto.frame?sha=4092487a-dec0-5bde-bd0b-dba0b271f353&partner_id=KACJMIV&widget=auto&widget_created=1703005223462&host_font_family=Rubik%2C%20Helvetica%2C%20Arial%2C%20sans-serif&website=https%3A%2F%2Frecantopedrocaschalsacessovecu.apartbin.top%2F&visitor_id=39F2E2CB25A44908925F99688F8DD633
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:942a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5966dd63d10cc6a27f38bb9d4159f36b89176b7b6e70d7f50089dcd8b532fe3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widget.getyourguide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 17:00:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.02,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
WSQGKWJVCH2DXGQS
age
23720
x-amz-server-side-encryption
AES256
x-amz-id-2
ekxQpLVDaEi7r4g1fgFnsMlUoF7qmq/KUaaZwAq49aIofy/siyp3ulNVJVCqWRo++us7+QVhrCw=
last-modified
Sun, 03 Dec 2023 02:12:21 GMT
server
cloudflare
etag
W/"6afe4fd9a65cdf9e60ce4ecbb617c449"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oqdBYrBha8fbo7NJIjEB6YS16vNjeqB6MCQ9CEbHOkHEkgWWLCGb3wwuM8czp590GLsupCBM3OuerPcfD%2FRgQAOSV6W%2FsTCRcwn2ewWg2b5cAebMjrHKzVsNNH8txhoeRTgdxJ883xB%2BFRB5yBXQ8%2Fq%2F"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000, public, must-revalidate
cf-ray
8381339a0c218dca-MIA
hoisted.62148d70.js
cdn.getyourguide.com/pwa/_astro/ Frame 788E 		806 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.getyourguide.com/pwa/_astro/hoisted.62148d70.js
Requested by
Host: widget.getyourguide.com
URL: https://widget.getyourguide.com/default/activities-auto.frame?sha=4092487a-dec0-5bde-bd0b-dba0b271f353&partner_id=KACJMIV&widget=auto&widget_created=1703005223462&host_font_family=Rubik%2C%20Helvetica%2C%20Arial%2C%20sans-serif&website=https%3A%2F%2Frecantopedrocaschalsacessovecu.apartbin.top%2F&visitor_id=39F2E2CB25A44908925F99688F8DD633
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:942a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29951de20187ffcbde5f83801dad2ae4c1acc0013cbba80bd307cac739b0f347
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://widget.getyourguide.com/
Origin
https://widget.getyourguide.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 17:00:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.02,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9FZ7EN5BVSBJQTX3
age
17519
x-amz-server-side-encryption
AES256
x-amz-id-2
gV7HOQfkIulLYV2RTI2VEn1PZJaT4ZVhh61lwUZqhgm6sqhpjYd5RZmLgo+qxpGU0r/2swaXV5Q=
last-modified
Tue, 07 Nov 2023 10:07:13 GMT
server
cloudflare
etag
W/"20444764e7e44aa4d909cc8767a2487a"
access-control-max-age
3600
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, HEAD
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pQtDrHTUPdvn%2BgxKTDZdk%2F2QNrCWKnN815JjQKb5dFZA9jmq%2BJQgxURTfBfbgA6h%2FixeB2N1EL5XCpvKrgthfGIOgNEg%2Bd7Tibfa3UWCT8%2BH0C5YHuBQQ%2Fx8A0b5Czi0ZKE7LDce5Z3F5lXk9XN05Zyr"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000, public, must-revalidate
cf-ray
8381339a0f0031f2-MIA
AuthenticationService.Authenticate
maps.googleapis.com/maps/api/js/ Frame 266C 		62 B
84 B 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fwww.booking.com%2Fflexiproduct.html&2sgme-booking&3sbooking-frontend-affiliate&7m2&1e0&5e0&8b1&callback=_xdc_._s8qc8g&client=gme-booking&channel=booking-frontend-affiliate&token=84534
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/54/12a/common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
b2442485dcf89618aec72a85f9b9d7d86b8c072e7a3558e5efe06351382fcdff
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.booking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 17:00:24 GMT
content-encoding
gzip
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment
server-timing
gfet4t7; dur=18
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ActivityAutoWidget.bcdfb1a3.js
cdn.getyourguide.com/pwa/_astro/ Frame 788E 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.getyourguide.com/pwa/_astro/ActivityAutoWidget.bcdfb1a3.js
Requested by
Host: widget.getyourguide.com
URL: https://widget.getyourguide.com/default/activities-auto.frame?sha=4092487a-dec0-5bde-bd0b-dba0b271f353&partner_id=KACJMIV&widget=auto&widget_created=1703005223462&host_font_family=Rubik%2C%20Helvetica%2C%20Arial%2C%20sans-serif&website=https%3A%2F%2Frecantopedrocaschalsacessovecu.apartbin.top%2F&visitor_id=39F2E2CB25A44908925F99688F8DD633
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:942a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4852b711c48027d6adc8e2a5cc053a7188bb7f1e57ebb1b245f5b224fb780a15
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://widget.getyourguide.com/
Origin
https://widget.getyourguide.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 17:00:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.02,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
QE7YF3B38M2VA328
age
4180
x-amz-server-side-encryption
AES256
x-amz-id-2
1YayPt3WY2uY/5QFlmeCs/z4WeffvdSStNN9NNG41SM15ybEOm1uqTgzQEEW8YxvYpNPC2NzlhE=
last-modified
Thu, 14 Dec 2023 15:34:00 GMT
server
cloudflare
etag
W/"016b8cffdd967ad77d2c987949b53e62"
access-control-max-age
3600
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, HEAD
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6XXFeD2SBXdUjII8mRDRU7G9G4Jbp041hpNdxHeoMl9elLPUGPf1wiBhYEp2NFElaUGqG3JfrPLtx6jQo0qvzsq2F2Ad3pOmb7FzuWfhw80dk3Hks2lcTnie9eiqf%2BaFIjOJGCPFO%2FA92tefdtlSyNRo"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000, public, must-revalidate
cf-ray
8381339a9fc331f2-MIA
client.e71365e7.js
cdn.getyourguide.com/pwa/_astro/ Frame 788E 		840 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.getyourguide.com/pwa/_astro/client.e71365e7.js
Requested by
Host: widget.getyourguide.com
URL: https://widget.getyourguide.com/default/activities-auto.frame?sha=4092487a-dec0-5bde-bd0b-dba0b271f353&partner_id=KACJMIV&widget=auto&widget_created=1703005223462&host_font_family=Rubik%2C%20Helvetica%2C%20Arial%2C%20sans-serif&website=https%3A%2F%2Frecantopedrocaschalsacessovecu.apartbin.top%2F&visitor_id=39F2E2CB25A44908925F99688F8DD633
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:942a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7985a3f2ce83d5e3735f8a1ece0f77960f4ee5198c9036eb710a51f49b8ab2ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://widget.getyourguide.com/
Origin
https://widget.getyourguide.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 17:00:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.02,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
MWKHZ8SH541466BY
age
22671
x-amz-server-side-encryption
AES256
x-amz-id-2
WFmOSNbETbt5Hwb10m5AWWOL6CcWkcS439e0675wqSZcRLf7D9VE74OCGby9jE+zjyrnoBr+Zhw=
last-modified
Thu, 30 Nov 2023 09:42:42 GMT
server
cloudflare
etag
W/"2cb7bcb2f23d6ca1c50d501a069cf0e6"
access-control-max-age
3600
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, HEAD
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2BOXeSagLoY%2BgS0PdE8NzOeis3%2B9cw8cWVZRP%2F91CyuFCx3pkjEA%2BI9DLGBbPTSLFPQQlC37%2FALbOF0jyisaiRqmItu06ter2RtC21gFMaREfIIqDJTFct7ZoCVX3D7jlKR3UOa7pwrnNkh93hRvvi1r"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000, public, must-revalidate
cf-ray
8381339a9fc631f2-MIA
badge.ef11b809.svg
cdn.getyourguide.com/pwa/_astro/ Frame 788E 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.getyourguide.com/pwa/_astro/badge.ef11b809.svg
Requested by
Host: cdn.getyourguide.com
URL: https://cdn.getyourguide.com/pwa/_astro/activities-auto_frame.3ee965fd.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:942a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef11b809a14942d1133c6d79e8c88ac11ad2f9dd4fd67f9b835705c13575c337
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.getyourguide.com/pwa/_astro/activities-auto_frame.3ee965fd.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 17:00:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.02,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
5GRBHG1298Z75Q6V
age
25677
x-amz-server-side-encryption
AES256
x-amz-id-2
UE2xnUff5Jg4ZAOQxH5ioIJRC8IOjcJ3qMDgRmOgXpibJfIjHEm1v1Bh+32lYjRXswym2by6oaw=
last-modified
Tue, 24 Oct 2023 12:40:25 GMT
server
cloudflare
etag
W/"439f9dd5b4ad43379b4979e1abc3e095"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uJV5%2Fq4FWv9MzSLsUTwWUCP0RSCuPiWxv8G00L9ALgorpUgKQ1E16NW1P969eCJNYW2X%2BPIofKEXauoObsSHfrqWk3S32aC%2BpPB2thSlnFHEb1prNJwK7SBjyD2uSc1f4c9zWsaDGCzfs8HPWFZI7IGC"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=31536000, public, must-revalidate
cf-ray
8381339aad3f8dca-MIA
sprite.72b6d9bd.svg
cdn.getyourguide.com/pwa/_astro/ Frame 788E 		67 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.getyourguide.com/pwa/_astro/sprite.72b6d9bd.svg
Requested by
Host: cdn.getyourguide.com
URL: https://cdn.getyourguide.com/pwa/_astro/hoisted.62148d70.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:942a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72b6d9bd44d0ce29a5e77a3ab224061c49661d9b8f6a57a04ba4974b3795d68e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widget.getyourguide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 17:00:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.02,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
WNNSCEB6SVE4BSCC
age
66279
x-amz-server-side-encryption
AES256
x-amz-id-2
1xnI3M0Zpwua3skWHf1RZ8Gv4i+zhqHd0sg3izku7CMv08iBf2OPIWneRsNazeqwupOGnfkadtI=
last-modified
Tue, 07 Nov 2023 10:07:13 GMT
server
cloudflare
etag
W/"93057d8fbb015cb02a780e880079dd1c"
access-control-max-age
3600
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, HEAD
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SsIoQwzxfb3JyqTJ4XZZmyImmwUl2qaWpBf7MHR9am%2FJGxXRXgIMHLeM%2FjG%2BF8Nb%2FD95D9mgno19CS7Hp%2F8RuIQBcvz6Beu%2Fi00s0hXY5e8hmUyPkUxPQngMNQdPz4geEKCmH0WH4zMDn4cdRRqZ7xqh"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=31536000, public, must-revalidate
cf-ray
8381339abff331f2-MIA
QuotaService.RecordEvent
maps.googleapis.com/maps/api/js/ Frame 266C 		62 B
83 B 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js/QuotaService.RecordEvent?1shttps%3A%2F%2Fwww.booking.com%2Fflexiproduct.html&2sgme-booking&7sclc8qn&9sbooking-frontend-affiliate&10e1&11b1&callback=_xdc_._tyj8v1&client=gme-booking&channel=booking-frontend-affiliate&token=115501
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/54/12a/common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
d65aba5e0bc4034f1027927e6bc2217d0b9b1d720b65acc62e2fe3d13ac6e6cd
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.booking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 17:00:24 GMT
content-encoding
gzip
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
content-disposition
attachment
server-timing
gfet4t7; dur=23
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
_plugin-vue_export-helper.eef64acd.js
cdn.getyourguide.com/pwa/_astro/ Frame 788E 		67 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.getyourguide.com/pwa/_astro/_plugin-vue_export-helper.eef64acd.js
Requested by
Host: recantopedrocaschalsacessovecu.apartbin.top
URL: https://recantopedrocaschalsacessovecu.apartbin.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:942a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf3b43c2172955d46963b50ff11eb5049173996d32450513e8ba804c185c700d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://cdn.getyourguide.com/pwa/_astro/ActivityAutoWidget.bcdfb1a3.js
Origin
https://widget.getyourguide.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 17:00:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.02,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
QE7WDWSWNQRX0DK8
age
4673
x-amz-server-side-encryption
AES256
x-amz-id-2
82iWyTBsEZk6zl/2kXIaoH/WqXZ86S4/qfhYZPNGCCXrcY6osbQVyN09t0tg8kqE63kzlNmOlpc=
last-modified
Thu, 14 Dec 2023 15:34:00 GMT
server
cloudflare
etag
W/"83db2ff64fe30905b555f91dc99dd4f9"
access-control-max-age
3600
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, HEAD
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mLudTe%2FJWyt%2Fe1YviIjXVn500NQ4dz9IF7E2byu%2FwzrgBxCj7VA%2F3DEXqSw8XgEbrQ%2BdToTY%2Bh1U5YVO4MlY5eAfGmxG%2BMs7QSn1G9GXm3pkFTX%2BjuOLnQNScUi1qYfJ9YXTO2apIwGoRv63GSRz1W3%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000, public, must-revalidate
cf-ray
8381339b38de31f2-MIA
runtime-core.esm-bundler.b2a25c93.js
cdn.getyourguide.com/pwa/_astro/ Frame 788E 		54 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.getyourguide.com/pwa/_astro/runtime-core.esm-bundler.b2a25c93.js
Requested by
Host: recantopedrocaschalsacessovecu.apartbin.top
URL: https://recantopedrocaschalsacessovecu.apartbin.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:942a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32ed84804a2c0cb2e86798f23553633346a0715e99c9b6d66a465b8904877819
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://cdn.getyourguide.com/pwa/_astro/ActivityAutoWidget.bcdfb1a3.js
Origin
https://widget.getyourguide.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 17:00:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.02,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
QVH1HRP0D3R646RJ
age
18667
x-amz-server-side-encryption
AES256
x-amz-id-2
B6IaaUDc0TXJxOkW5Ru/rLRs1xjxg5YIqSIn43WzjQbqoFn5mPOzsDp/tfJwt/2gl6Valxn9Beg=
last-modified
Fri, 10 Nov 2023 08:28:39 GMT
server
cloudflare
etag
W/"2c6ac4fd6c97a8c48952adc9a78c8ecf"
access-control-max-age
3600
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, HEAD
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q8u%2B%2B7rFXKfIt0i%2BAxkwbEEWE5slkGyzR8rywdYM2IFxAzHlwcrZt9Zx7pjoGTwOZb8WGugxsYR4rlHCJvqNoJt3qZMxA7HG51Mho72kppH%2Fx3jmJ7STnHDFK1CQEHJqbfQMvfVTUCblOOfhAkOyycPt"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000, public, must-revalidate
cf-ray
8381339b38e431f2-MIA
floating-image.173a83a8.js
cdn.getyourguide.com/pwa/_astro/ Frame 788E 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.getyourguide.com/pwa/_astro/floating-image.173a83a8.js
Requested by
Host: recantopedrocaschalsacessovecu.apartbin.top
URL: https://recantopedrocaschalsacessovecu.apartbin.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:942a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfe664f62b873b86e2ad8dfbd40c7f5cefe647f866fc2ac4cf30698785b20736
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://cdn.getyourguide.com/pwa/_astro/ActivityAutoWidget.bcdfb1a3.js
Origin
https://widget.getyourguide.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 17:00:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.02,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
QE7XD4FP46EBM5PK
age
4552
x-amz-server-side-encryption
AES256
x-amz-id-2
Chfa7nTCCAI7xvfOYtxIb2s7IqONfLWwj7jnIWD2oQF7NsXX6XSnOxW2HMECf9BskrjaRXWqQXA=
last-modified
Thu, 14 Dec 2023 15:34:00 GMT
server
cloudflare
etag
W/"7614762820092b5c6d5025d23933117c"
access-control-max-age
3600
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, HEAD
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3VOkfn2N%2FAc9geZVV2ICQoEFXNyYO2e4qHVRKTTZZpkTYi6FoIvtYsulm34vNdZd9iUjGfBX0IOrgSjHFtcdX4XhdnC9rKXsZLO14I4Scjrr2u6MzNBz6mO3c%2BwutWgXsCkS7UOZ9ym322JIih3VGZeb"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000, public, must-revalidate
cf-ray
8381339b38e731f2-MIA
index.f8a6ea23.js
cdn.getyourguide.com/pwa/_astro/ Frame 788E 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.getyourguide.com/pwa/_astro/index.f8a6ea23.js
Requested by
Host: recantopedrocaschalsacessovecu.apartbin.top
URL: https://recantopedrocaschalsacessovecu.apartbin.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:942a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
023d3687e1e73adfdc1162e1f6ca400a05801a06afd7a33661d3986f5040693c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://cdn.getyourguide.com/pwa/_astro/ActivityAutoWidget.bcdfb1a3.js
Origin
https://widget.getyourguide.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 17:00:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.02,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
QE7QSFCV87FB90J5
age
4673
x-amz-server-side-encryption
AES256
x-amz-id-2
gVcPsuEwHrUqtyaTW75Yn0kszSD73htVo0346QDEapW9fGAT8DZs7DXOK+GIINwi3KDXRZ9BVZk=
last-modified
Thu, 14 Dec 2023 15:34:00 GMT
server
cloudflare
etag
W/"a69e2c61efc40d0d822ae39e5143da76"
access-control-max-age
3600
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, HEAD
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=By1Dgk7ohGMuyUFCm5YbQpzvrWzGUUjYCPzamRgENKnKklH9wpoBMWEQdYs2ilFBEshvurtdBHg5PxWsz8oafRVhwAgQYGE84E4Dza6M3hmYN6Lcg5c5SKQNhGvOoTEzNOXPAw9G4iXNTQtN6x9lYhbl"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000, public, must-revalidate
cf-ray
8381339b38ea31f2-MIA
FallbackElement.6e77afc5.js
cdn.getyourguide.com/pwa/_astro/ Frame 788E 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.getyourguide.com/pwa/_astro/FallbackElement.6e77afc5.js
Requested by
Host: recantopedrocaschalsacessovecu.apartbin.top
URL: https://recantopedrocaschalsacessovecu.apartbin.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:942a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d6db4e15d2e422158cc5ff8abe2a6cba77261d0c1a3ab13e3cd80fdd74d5910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://cdn.getyourguide.com/pwa/_astro/ActivityAutoWidget.bcdfb1a3.js
Origin
https://widget.getyourguide.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 17:00:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.02,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
QE7NAFB8N9S96CDX
age
4384
x-amz-server-side-encryption
AES256
x-amz-id-2
gtH6xVEXsKpv+nzFafy0eTYEwt9fq4K7009Hu+qGokBRUsa5XsrqZF1v5IA7iMiTrj0Y8nYx/bs=
last-modified
Thu, 14 Dec 2023 15:34:00 GMT
server
cloudflare
etag
W/"39f8b5e2536ee9a17f0ec95dbbf9a512"
access-control-max-age
3600
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, HEAD
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FuE0cIRukwmKS1lkuufwlUSuYF%2BO3sf0AmbuNRsGtCpJ25ibiKWFL%2F6ZmP6R7uJq%2FBEhFo3Pe23GDpH9L8CMp4%2F%2BQ1a5tbrWH6HVMgATe3DnApfPWkaPujdAuSs4R6RhOwY3I9lvWL78PUqXc%2B36BwnS"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000, public, must-revalidate
cf-ray
8381339b38eb31f2-MIA
get-redirect-url.2209ddc8.js
cdn.getyourguide.com/pwa/_astro/ Frame 788E 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.getyourguide.com/pwa/_astro/get-redirect-url.2209ddc8.js
Requested by
Host: recantopedrocaschalsacessovecu.apartbin.top
URL: https://recantopedrocaschalsacessovecu.apartbin.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:942a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acd8ab3b075b6c39f12e4af5b32b4451693e5d018875cd5e55d252aed072898c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://cdn.getyourguide.com/pwa/_astro/ActivityAutoWidget.bcdfb1a3.js
Origin
https://widget.getyourguide.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 17:00:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.02,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
F8GAHB9W68KPHBN9
age
21628
x-amz-server-side-encryption
AES256
x-amz-id-2
rONkb0bBGMMik2vSHoPNjS79GTKlZqz0pN6K/XPfNyhdMwDy+A3tddFVoiiH0W9FSfmUZeSCF3s=
last-modified
Tue, 05 Dec 2023 10:40:51 GMT
server
cloudflare
etag
W/"4cea917c1ba4a63bcf418f25869b350a"
access-control-max-age
3600
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, HEAD
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cB2dAZdZGL56PAvZJn0CLIQGzh4%2B%2FPM23OA9fphXt2UmNBjDbxpJqFJaDyqGMWcz3gZt56KtP4dAlvHf8SQQCGMhSrtLWRvIZPRXQo8BvENniHXIwZvuSQNtpVE9YlQBNVCHLsJSl7qvBX32WRUL1su6"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000, public, must-revalidate
cf-ray
8381339b38ec31f2-MIA
become-partner-banner.72404557.js
cdn.getyourguide.com/pwa/_astro/ Frame 788E 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.getyourguide.com/pwa/_astro/become-partner-banner.72404557.js
Requested by
Host: recantopedrocaschalsacessovecu.apartbin.top
URL: https://recantopedrocaschalsacessovecu.apartbin.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:942a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b798162be65ccc2a65c1ce7a5f69cf8cc8a152c5c59e1e29f8349271faa5b36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://cdn.getyourguide.com/pwa/_astro/ActivityAutoWidget.bcdfb1a3.js
Origin
https://widget.getyourguide.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 17:00:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.02,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
QE7RKQ94YWG07PZT
age
4552
x-amz-server-side-encryption
AES256
x-amz-id-2
/5TSxmCC0vjXPIW+DM+Js1ytqgl1GTE2WD12C3e+Y7Ac/CcSxYuIaROBDrqDwa9BC8nWsXS/6C8=
last-modified
Thu, 14 Dec 2023 15:34:00 GMT
server
cloudflare
etag
W/"c99e8f15ac5afd7f528773906bf0d751"
access-control-max-age
3600
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, HEAD
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y55SMIGC7rP13n30t89iiTiTuOEnOJzs7mLSTYeMnDdy%2Bc0LAnaSFl9Oh7UaIvBBb8Av5hVr2IY22wPf8Foka4MrL3NWlxlRsa2yaaPPM3%2BuSUfZBXpgI%2BD9uNddCdZnFi6htCTOIxaFW2Myf9PlFhjt"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000, public, must-revalidate
cf-ray
8381339b38ed31f2-MIA
activity-badge.2ab0ce71.js
cdn.getyourguide.com/pwa/_astro/ Frame 788E 		350 B
869 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.getyourguide.com/pwa/_astro/activity-badge.2ab0ce71.js
Requested by
Host: recantopedrocaschalsacessovecu.apartbin.top
URL: https://recantopedrocaschalsacessovecu.apartbin.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:942a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90cc20868944361470a915cd1702dfd6a6f0e583e8392b95fc3867ff498b2b4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://cdn.getyourguide.com/pwa/_astro/ActivityAutoWidget.bcdfb1a3.js
Origin
https://widget.getyourguide.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 17:00:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.02,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
QE7M2PSB1GZKNHP2
age
4552
x-amz-server-side-encryption
AES256
x-amz-id-2
EkzpMrxvpCCOpXNt8NTvNkq59g79X1k2EC0sn0+aJ9L3SLp5iHnmgo/TdLvefMs9N40ddEW6L7Q=
last-modified
Thu, 14 Dec 2023 15:34:00 GMT
server
cloudflare
etag
W/"40b15dac80bdcd578301f2bcfe203854"
access-control-max-age
3600
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, HEAD
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BeBSW1dXWbuUqDEVSy9UphIqrOtYQ4k%2BmoplMsRiso1%2BrYx%2BLNZVmgdMTDwLyrd8K8VqilNVizxbtiCdjHqvTAsWTBzCVmFRnMdkttOhiMONTA02MdJ7AAr9nzJcntd6wm4kCtAliopZHYF%2BlV2UvOTk"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000, public, must-revalidate
cf-ray
8381339b38ee31f2-MIA
c-icon.7bc20ea1.js
cdn.getyourguide.com/pwa/_astro/ Frame 788E 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.getyourguide.com/pwa/_astro/c-icon.7bc20ea1.js
Requested by
Host: recantopedrocaschalsacessovecu.apartbin.top
URL: https://recantopedrocaschalsacessovecu.apartbin.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:942a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d7e04aad567e10cf832f1d5a2e6060ebf147cf35f594f0d4c3350aedb1aee0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://cdn.getyourguide.com/pwa/_astro/ActivityAutoWidget.bcdfb1a3.js
Origin
https://widget.getyourguide.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 17:00:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.02,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
RZVZCP1715E14DCA
age
4664
x-amz-server-side-encryption
AES256
x-amz-id-2
MjeCAoYjb5ocIE2hUkDBm/pOSkOLXz0zBwCPvv6b+H7dFXCRLqw419stVTkmFAQhy9UR9l0CW1c=
last-modified
Thu, 14 Dec 2023 15:34:00 GMT
server
cloudflare
etag
W/"fc7ab7bff076d7662f46257563d0cd2e"
access-control-max-age
3600
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, HEAD
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VHAWdUjTmROniMHqfFwe5g9T6SP5LuH5GUaPfHv7dhuInjMp28eeUJfULU%2Bp2LglMt79Dtvx686kH8AReEeppXz8fC%2FUCxfJvlmmzH3Kh%2BEOtClN%2BsEgXD7iTSe1LLk%2FoZRqbhNLmcc5tj5F9s4Ww%2BoF"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000, public, must-revalidate
cf-ray
8381339b38ef31f2-MIA
c-button.bcaced00.js
cdn.getyourguide.com/pwa/_astro/ Frame 788E 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.getyourguide.com/pwa/_astro/c-button.bcaced00.js
Requested by
Host: recantopedrocaschalsacessovecu.apartbin.top
URL: https://recantopedrocaschalsacessovecu.apartbin.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:942a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0bd0f92c2834172a671286deb6808975101df823c1a2135b132f10b01681928
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://cdn.getyourguide.com/pwa/_astro/ActivityAutoWidget.bcdfb1a3.js
Origin
https://widget.getyourguide.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 17:00:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.02,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
QE7HCTE5BE6JNAH5
age
4673
x-amz-server-side-encryption
AES256
x-amz-id-2
FiBVSke7Gf+12XwJfEds03AvKTdUqIr9RajnSmNLTXVf2Ao2P9V0FBg/B487bIK3cUxX9ff2z+0=
last-modified
Thu, 14 Dec 2023 15:34:00 GMT
server
cloudflare
etag
W/"9b3523b114b987371e5a4a3f46b47271"
access-control-max-age
3600
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, HEAD
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rb52lYenLN210LEXNehNP7hDhsXUAlAhI2NHSNenRt44LtTBgMMtfQtzD6qbMnyC7pYlJUgMB8nT8cOCoI0YuhPjUuVSOQiZq%2Bg5RQVx2lofvwOuaIFDZ2AZBC4LVoiZDn6F5RY%2BLAGKNsk%2BYy8dZ%2Bz%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000, public, must-revalidate
cf-ray
8381339b38f031f2-MIA
gyg-column.fada28e1.js
cdn.getyourguide.com/pwa/_astro/ Frame 788E 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.getyourguide.com/pwa/_astro/gyg-column.fada28e1.js
Requested by
Host: recantopedrocaschalsacessovecu.apartbin.top
URL: https://recantopedrocaschalsacessovecu.apartbin.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:942a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5793dca8e58b80aab599c392e445f51f7b7df7c454592bcc4c64bf60206572e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://cdn.getyourguide.com/pwa/_astro/ActivityAutoWidget.bcdfb1a3.js
Origin
https://widget.getyourguide.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 17:00:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.02,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
QE7VS1H7Y3AH5EPA
age
4384
x-amz-server-side-encryption
AES256
x-amz-id-2
rrzgInCitUnTfCqlkLTcbuAgQfkOfl4CJgL91FGCKosnMg0UY8Qz3I6n/YiNQjdscGNKs1ppDQ0=
last-modified
Thu, 14 Dec 2023 15:34:00 GMT
server
cloudflare
etag
W/"629fb4fd2e4035495a9ad56e41bdf8b1"
access-control-max-age
3600
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, HEAD
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qesQNMZFpAPsjho%2B1f77aJj7B77%2B3Fy92%2BP8XSZH%2FoNQm%2BFGq59ylUz2eIO93iPtbLTNQz6JaPxZ%2FWD%2BxImk0BAecIHlDZC2EFw3ZgqS7eEwFiAzdY%2Bk9MvuHlL%2BCDej3x2jg7E2rt%2FQ3G%2B1%2BOgl%2BNXx"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000, public, must-revalidate
cf-ray
8381339b693a31f2-MIA
runtime-dom.esm-bundler.54223109.js
cdn.getyourguide.com/pwa/_astro/ Frame 788E 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.getyourguide.com/pwa/_astro/runtime-dom.esm-bundler.54223109.js
Requested by
Host: recantopedrocaschalsacessovecu.apartbin.top
URL: https://recantopedrocaschalsacessovecu.apartbin.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:942a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b09bf85ae656e2e23a9d984210f7b57008bfe697be77be3c42a71118b0db53a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://cdn.getyourguide.com/pwa/_astro/client.e71365e7.js
Origin
https://widget.getyourguide.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 17:00:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.02,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
1ZD35BWFXWZG80W6
age
16555
x-amz-server-side-encryption
AES256
x-amz-id-2
3RtJkVEdfQqlyLgaWewu+ctykfTLHHxe1rEdu86RrUhEdHtAsslzbMmHzd2Io/CrrMN+HCnfwxY=
last-modified
Fri, 10 Nov 2023 08:28:39 GMT
server
cloudflare
etag
W/"504c16ace44b00f65d741daa8b9e7336"
access-control-max-age
3600
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, HEAD
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YnZT3kU0qLHvyMzWJ3XUOSzql3zgV6jLvLE2i7OOPfM6HwEjAvt8R0HzMu9yXRYOBHVpTs6URZo2IiXNW%2B3f%2BRIHLfcyIK6l7oh4s0y6m84Z1b0ZHDydDnddIzy0hcOXU%2Bz35XcELLpXzWjshMtrUbEQ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000, public, must-revalidate
cf-ray
8381339b693d31f2-MIA
156.webp
cdn.getyourguide.com/img/tour/9c059e71539ff7d3.jpeg/ Frame 788E 		116 KB
116 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.getyourguide.com/img/tour/9c059e71539ff7d3.jpeg/156.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:942a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b2e91e3e29bdbc96e02194d829d594dacc301a7305a24f112cdfb8395476eb4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widget.getyourguide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 17:00:24 GMT
x-amz-version-id
null
via
1.1 184ecda2873f0021882d1dce6dffe53e.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.02,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
KIX50-P3
age
2505900
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
118340
x-amz-expiration
expiry-date="Sat, 09 Dec 2023 00:00:00 GMT", rule-id="cdn_images_delete_old_files"
last-modified
Wed, 30 Aug 2023 17:26:16 GMT
server
cloudflare
etag
"0813c4e373f8018af8aead835eafb85a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PZOFE1Um6NfRKB9y4uXdQcDilWEmS%2BrS4a9Ojans0AcmH%2FqUtaxc%2BDY3Uv2YOkrT6WaC73UbysmBFp%2B72EWY7T8Hsx5PRvVH5u6G4DoSpud%2FPBT3uMKkMk4Ynjm7gSHuJgzGMLhWCbi97i42TVP2KU7k"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=2678400, public
accept-ranges
bytes
cf-ray
8381339bef578dca-MIA
x-amz-cf-id
lj1clMgCqHVDFN8W4MTyAplG4OyCzkmIVxS8CHJ2pT6JHPnbFzjtbw==
156.webp
cdn.getyourguide.com/img/tour/79de0a2a4229e312.jpeg/ Frame 788E 		176 KB
177 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.getyourguide.com/img/tour/79de0a2a4229e312.jpeg/156.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:942a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
115ef459b130e56dc2298031d0a0376a4ce6e009fda98677918892768119a5fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widget.getyourguide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 17:00:24 GMT
x-amz-version-id
null
via
1.1 b457a1bacc59a0b3984121cb26d5ab5c.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.02,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
KIX50-P3
age
905212
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
180622
x-amz-expiration
expiry-date="Mon, 25 Dec 2023 00:00:00 GMT", rule-id="cdn_images_delete_old_files"
last-modified
Fri, 15 Sep 2023 18:17:26 GMT
server
cloudflare
etag
"811ed5d5196da2cd821cec9cc3881f6d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=44NGrLZn24TgPMrFvzAPflVs9mWgDe7DBRqzJtCrZC4XvCb%2BhlgzvzKng1yPtfLfz%2BT%2Fi27ESTcFguLQCWBkneXdRk0iavGU8bpyZPpJGmHmxVfFyjbovOA%2BOfeLcks1cHNhHBDqgVRFtkqRl%2F%2F0X%2Bdw"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=2678400, public
accept-ranges
bytes
cf-ray
8381339bef5a8dca-MIA
x-amz-cf-id
DwXJq05nm_o9GmnPIqOjRwQMVr86Bd21U3k9YzIv8MjILD_l5eMdpg==
156.webp
cdn.getyourguide.com/img/tour/5e5a99472ba44.jpeg/ Frame 788E 		68 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.getyourguide.com/img/tour/5e5a99472ba44.jpeg/156.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:942a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a16a9b33d4114aa8ddb1a93a97212af2a4bcf24b7d3262b00282b9174adfbb38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widget.getyourguide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 17:00:24 GMT
x-amz-version-id
null
via
1.1 2105e9591880f79863df3d8c99a17988.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.02,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
MEL50-C2
age
673663
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
69538
x-amz-expiration
expiry-date="Wed, 21 Feb 2024 00:00:00 GMT", rule-id="cdn_images_delete_old_files"
last-modified
Sun, 12 Nov 2023 06:34:45 GMT
server
cloudflare
etag
"bc7bd647e0780a65e0fa18537c687ca2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8sRKXb3X4ot%2FAvz%2FIJdhONUqFXvSn8Rt6GWdJZY29%2FJUphHxa%2FS8swDlH0RH%2B7ULKVvu9mzPq0yFM9rSbeuPHHJVlozbGTz9SoYFGqhNr0ql8erjl34buSHcmakdGr3%2BwkP4y7eTJ1S3aphe7KFnT58A"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=2678400, public
accept-ranges
bytes
cf-ray
8381339bef5c8dca-MIA
x-amz-cf-id
p77IB1zB43PXuipUKIxHI3814doAr2EaA5BehX7EgU9ttm0XFyIf0Q==
auto-widget-context
widget.getyourguide.com/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://widget.getyourguide.com/auto-widget-context
Requested by
Host: widget.getyourguide.com
URL: https://widget.getyourguide.com/pw/latest/client-loader/widget.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2262 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://recantopedrocaschalsacessovecu.apartbin.top/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

Verdicts & Comments Add Verdict or Comment

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| documentPictureInPicture function| $ function| jQuery object| FontAwesomeKitConfig function| _DumpException object| default_tr object| _F_toggles string| MSG_TRANSLATE string| MSG_CANCEL string| MSG_CLOSE function| MSGFUNC_PAGE_TRANSLATED_TO function| MSGFUNC_TRANSLATED_TO string| MSG_GENERAL_ERROR string| MSG_LEARN_MORE function| MSGFUNC_POWERED_BY string| MSG_TRANSLATE_PRODUCT_NAME string| MSG_TRANSLATION_IN_PROGRESS function| MSGFUNC_TRANSLATE_PAGE_TO function| MSGFUNC_VIEW_PAGE_IN string| MSG_RESTORE string| MSG_SSL_INFO_LOCAL_FILE string| MSG_SSL_INFO_SECURE_PAGE string| MSG_SSL_INFO_INTRANET_PAGE string| MSG_SELECT_LANGUAGE function| MSGFUNC_TURN_OFF_TRANSLATION function| MSGFUNC_TURN_OFF_FOR string| MSG_ALWAYS_HIDE_AUTO_POPUP_BANNER string| MSG_ORIGINAL_TEXT string| MSG_FILL_SUGGESTION string| MSG_SUBMIT_SUGGESTION string| MSG_SHOW_TRANSLATE_ALL string| MSG_SHOW_RESTORE_ALL string| MSG_SHOW_CANCEL_ALL string| MSG_TRANSLATE_TO_MY_LANGUAGE function| MSGFUNC_TRANSLATE_EVERYTHING_TO string| MSG_SHOW_ORIGINAL_LANGUAGES string| MSG_OPTIONS string| MSG_TURN_OFF_TRANSLATION_FOR_THIS_SITE string| MSG_ALT_SUGGESTION string| MSG_ALT_ACTIVITY_HELPER_TEXT string| MSG_USE_ALTERNATIVES string| MSG_DRAG_TIP string| MSG_CLICK_FOR_ALT string| MSG_DRAG_INSTUCTIONS string| MSG_SUGGESTION_SUBMITTED string| MSG_MANAGE_TRANSLATION_FOR_THIS_SITE string| MSG_ALT_AND_CONTRIBUTE_ACTIVITY_HELPER_TEXT string| MSG_ORIGINAL_TEXT_NO_COLON string| MSG_LANGUAGE_UNSUPPORTED string| MSG_LANGUAGE_TRANSLATE_WIDGET string| MSG_RATE_THIS_TRANSLATION string| MSG_FEEDBACK_USAGE_FOR_IMPROVEMENT string| MSG_FEEDBACK_SATISFIED_LABEL string| MSG_FEEDBACK_DISSATISFIED_LABEL string| MSG_TRANSLATION_NO_COLON function| _exportVersion function| _getCallbackFunction function| _exportMessages function| _loadJs function| _loadCss function| _isNS function| _setupNS object| google function| gtag object| dataLayer function| translateDescription function| denyCookies function| acceptCookies string| gygPAStatus object| _GYG object| regeneratorRuntime object| HistoryEvents object| widget object| GYG object| pako object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal

8 Cookies

Domain/Path Name / Value
recantopedrocaschalsacessovecu.apartbin.top/ Name: PHPSESSID
Value: 310aa947b9729cf9f703ddbe2ec3927b
.widget.getyourguide.com/ Name: __cf_bm
Value: PNRLV.rAycMCyatHkvTKw7xh3do_4hlpSDxqx_w1K5s-1703005222-1-AV0zrtBWacgluRBNOmtLxsnDklq51kqFbhzXa5DrpU36zsU1YzmH8hycKE7vahI7ceNINj0HZ/bHE8bbjJ1iR+U=
.getyourguide.com/ Name: visitor_id
Value: 39F2E2CB25A44908925F99688F8DD633
.apartbin.top/ Name: _ga_GQPP52LWDP
Value: GS1.1.1703005222.1.0.1703005222.0.0.0
.apartbin.top/ Name: _ga
Value: GA1.1.398122966.1703005223
.booking.com/ Name: bkng
Value: 11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbca8KLfxLPee1bp5mi2WxH4B8n9fBhAZgMqSFHAG1W%2BbqDoZRyFHzIhqcWxHpJYnRRcy3dpEj%2BF%2BZVULNDtcozv2gx8A4Zg9vSoTrQNpZ2sBMsDwrV3lzCidSXYuDljEUPDOMI%2BR8%2BLdo1uD1lVkcPVydO83%2FoBa2
recantopedrocaschalsacessovecu.apartbin.top/ Name: session_id
Value: de537ac3-2544-41ea-8828-c907eb6fabd3
.cdn.getyourguide.com/ Name: __cf_bm
Value: aA1LVxbNuShoHzQsIqyA0.F8SW0h24nMz0_ZctZe3_4-1703005224-1-AUzJf+gIaDoB7mcZRDa+pTUX3q5lE6I8t0oSuaekDc5M8L/AvnFCv1MUzTISq/v94P8r+20BFVB+iRjRlxbFJz4=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn-icons-png.flaticon.com
cdn.getyourguide.com
cf.bstatic.com
fonts.googleapis.com
fonts.gstatic.com
ka-f.fontawesome.com
kit.fontawesome.com
maps.googleapis.com
maps.gstatic.com
maxcdn.bootstrapcdn.com
recantopedrocaschalsacessovecu.apartbin.top
translate.google.com
translate.googleapis.com
widget.getyourguide.com
www.booking.com
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
www.recantopedrocaschalsacessovecu.apartbin.top
2600:141b:800::1726:a8c3
2600:9000:2073:9600:5:bf05:acc0:93a1
2606:4700:3030::6815:47cb
2606:4700:4400::6812:2262
2606:4700:4400::ac40:93bc
2606:4700:4400::ac40:942a
2606:4700::6812:bcf
2606:4700:e2::ac40:8107
2607:f8b0:4006:808::2003
2607:f8b0:4006:80c::2003
2607:f8b0:4006:80c::200a
2607:f8b0:4006:80e::200a
2607:f8b0:4006:816::200e
2607:f8b0:4006:81c::200a
2607:f8b0:4006:81d::200a
2607:f8b0:4006:81d::200e
2607:f8b0:4006:81f::2003
2607:f8b0:4006:820::2008
52.85.61.64
01112b7e0e5e756b2300397441f7a014da06ba83bbea0f25e440534b74f0196e
023d3687e1e73adfdc1162e1f6ca400a05801a06afd7a33661d3986f5040693c
0b2e91e3e29bdbc96e02194d829d594dacc301a7305a24f112cdfb8395476eb4
0b6fb8c2b9ee6b41540fd549a726e431eb8667074da38d94af8a647ae05e9da7
0deca435ca6403095b4caaea960e1f26ce2fa676317842453630aa2df5b38173
0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1
1159b30c458b9e6c86bd4f14e9682ea5e532eb704b7c7a76e97455d80b8bbc0f
115ef459b130e56dc2298031d0a0376a4ce6e009fda98677918892768119a5fe
11b449eb340c7c19dbd5ecc0a7680fb3e934c5d2fb1ff5a43ac3679100f23673
15150073edb736aab166355f808035adce2ef96138768cde51144e1db55a00d8
1b798162be65ccc2a65c1ce7a5f69cf8cc8a152c5c59e1e29f8349271faa5b36
206b430ad8e96d2f58a4c4cc6d2e5b97b40a1b62d9c1a7b027409b376da8c1de
21edfeed321858e780d840b2e215d4d77b2e80fcdace1916bfb1254596b4cedd
29951de20187ffcbde5f83801dad2ae4c1acc0013cbba80bd307cac739b0f347
32ed84804a2c0cb2e86798f23553633346a0715e99c9b6d66a465b8904877819
3b52dbb985cb4a72941d096e9f1d2d15eee851a611ff5860bea3e0be355c43ab
3b5a5f838cde98da50991530fecf7d5e02c2ef30ff1358fd27a9235abe8e1950
3d7e04aad567e10cf832f1d5a2e6060ebf147cf35f594f0d4c3350aedb1aee0d
3ee965fdb5c0cf1e92b69657284762cc097a787b3dfb90308c6022bbb89158d4
4558cd53d0b7ac03ec4e47b284b6f8d3457039383f00385e374a36ee1d73ac10
47374cb7d373f9a8450e1237c80bc5fe68c61fbf0cdf958df7a298143b7dd445
4852b711c48027d6adc8e2a5cc053a7188bb7f1e57ebb1b245f5b224fb780a15
4a698da0c7280e507b417582b1ec74ab0489189984635dda6ae60471a4d3fa63
4cf92b5597acc4b55772e644d5c90cccf94b548ae1baadcabfe3dfd530abb6a8
4ea566bcfe25ec81ab2688387def9cb5990637e85a559003486d7f44f434302b
5031c11dd77875afefe4eeddfaa320af07fdccea327f7416a5ee8980674c9c76
5152697d6ee653c871c79b6c70587fe2c9951e3094d0a816190afdb234b43b6a
563fb2b6d6a32bf833eb237fdfa290458c6829dd0800cec838c0a65fd110852e
5793dca8e58b80aab599c392e445f51f7b7df7c454592bcc4c64bf60206572e5
5ad7526d50b7586ddfaee62b3fc95e71207136dc08f6a2b7ffd671ded73fab83
5d6db4e15d2e422158cc5ff8abe2a6cba77261d0c1a3ab13e3cd80fdd74d5910
5e8f8af5bb822648eb2f343706c44b6c213dcd461583dc23a6a4cb02444e3800
63f9e635bca6053c2baecd7e90f62ab7223c1425e93fb60fd6c1a8ece6151923
6530f32fa70a330cd76547497f20048ae081dcc897af26befc84600357ba06be
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33
67f115695868153447017eb808ed1d6e97dfb41538a20b86042c61d4aafa05a5
6ca2e6b35e991742ee60d207f391f81eae3f3664ea22d3b6742f15b84cd17ef6
6dd82e5f3aea83251ff310c726962f06818d2137aec27f77bb5694d465cad44b
6fd42c02b12745f655e04e361e87cceb57f7d30e2af4dd182a3c876ffdd5102b
71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3
72b6d9bd44d0ce29a5e77a3ab224061c49661d9b8f6a57a04ba4974b3795d68e
7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7
77a9ece576f0a1c826a9970192a202980487a97e15967151c1241358e541807a
7985a3f2ce83d5e3735f8a1ece0f77960f4ee5198c9036eb710a51f49b8ab2ae
81178a6d72ed54dcdbc85fae2a74716d15f689296fe4315e1e03558306857004
840e8e78b3ee050003067b016cb06452b6c9934a47dd74e5042be80b9689d0a2
8bcef4d15a0c7757ddd9eb4e6a81f65d7aedc5fe6f4ba95d90c5a63381f156ad
90cc20868944361470a915cd1702dfd6a6f0e583e8392b95fc3867ff498b2b4b
9cdca1b97c48b26efb5fb742f78075bfabfc252b03320eb1fd2a6592dbbef919
a0ff1db86f13d31743f7e0c4d1c45fe7953cd5089d91be2a2ce3d12f7a4beae2
a16a9b33d4114aa8ddb1a93a97212af2a4bcf24b7d3262b00282b9174adfbb38
a2d588a6e31f11ade9a3f3764e33d670c4680ffa513306daf1b1bbf8bae306d5
a3668c35c677731ca1295a5f13ad82d97bc77aeb701720456f392e5bd888f2ef
a93f7f459e0dabc5d86e6b6e3936c07d2dd02b52369f26bb7e8c0005a5d26368
acd8ab3b075b6c39f12e4af5b32b4451693e5d018875cd5e55d252aed072898c
b09bf85ae656e2e23a9d984210f7b57008bfe697be77be3c42a71118b0db53a0
b1303ca84fafe37f90d4f5ae0031894a9a490b1502e8cf88770f4bdb48a9dbe7
b2442485dcf89618aec72a85f9b9d7d86b8c072e7a3558e5efe06351382fcdff
b2bfe99e2e78f71c88eb00c49e1392a15531fb6486d0d0c2ea71937dda34deab
b5966dd63d10cc6a27f38bb9d4159f36b89176b7b6e70d7f50089dcd8b532fe3
bf3b43c2172955d46963b50ff11eb5049173996d32450513e8ba804c185c700d
c3f06cf6ded52069a79551343aca5f2269a048cedb9fbacd3cfff7136980659c
c41a57b30ba226eb8ba498bfc3866f2c040f0e1acaba5d3c8c9adb7b973bb5e8
c4b42fe227cbaecccbd5d441b1c9c149ade479067d5a258f614145b3342be951
c5759677f0bfab4fec44acc9bf4b8a7edb433004d13df87e84b9b4aba2ec9ab4
ca2a0109900808b4c833204cf6ba793405da360f9ec1d3a8f0f57198d047530b
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d0bd0f92c2834172a671286deb6808975101df823c1a2135b132f10b01681928
d28d43698c2b701e031172c0f98f35b539aca2a63606c8959473f54e071298a9
d65aba5e0bc4034f1027927e6bc2217d0b9b1d720b65acc62e2fe3d13ac6e6cd
d6b42ca74fffb2087dee37c14a0ff0dbcdc0f36b7b76799e95552a6089120969
daaee0418187dbf0f8f78a3556c6301988a36fc329615a604aa815eaab279b1d
dbc5c6cc8dc52fe293be4d79d32c85f9e8d9baa9867653927dda0c1b905a3505
dc2a9ecb9eae34a409e66cbdd46b3562c560f8ffa1c1f80ea84532999d6d408c
ddc64e22f33795e2f16bcd5b11fd432261ac3be8cfbee73f94c678658ec98147
dee7f5f4f1f198eb581d002a52ad1861aac72d66d5b614df3b2a88d475873896
dfe664f62b873b86e2ad8dfbd40c7f5cefe647f866fc2ac4cf30698785b20736
e0ae1701b7fa5217625402f514d5a16a06fe10926037c0de169643e192221a59
e2f25ea7e5a3a22457dd0f39527d10ab53cc48f6de050cb2b30ac51f3aba69ea
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e826524250716c7e17af91c57cdf9931686c4531fbe187e37cd5375886eab07c
e8715224420351d091a2e8a375f89fe7b53f4aa4c57b2eca1688755c5f354620
eb510119610836f9506f83340da311a4e6b42a2bb4449ac15ba2e2f39950cdd3
ee4223e10a637aed67fcbfce9afe1418378e04f4ef31aadf897908a11f574b6c
ef11b809a14942d1133c6d79e8c88ac11ad2f9dd4fd67f9b835705c13575c337
f581083ac72ae169a698cd0cb7f02d8bb2e079844bfad68cc98df5b3c4692408
f88d7a194e7f67fdc5e4f2cedd32e1d040d9976e4814adcaf7e56330a0653d5c
fa8ae1f03ce748f5ab16b8c3bc8f18615a1ae41b8b7e083b861d322aa8641bcc
fb396a40f3015873640f456b03fec7dde3e707428080d01e050ed775351727d5
fc08d5493772e19b52602ab650e7f6737963ec1a4cd61dc2cc26bb5716b714a4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e