downtown10minrooftopdeckkingsu.bhotel.top Open in urlscan Pro
204.93.224.158 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://downtown10minrooftopdeckkingsu.bhotel.top/
Submission: On October 08 via api (October 8th 2023, 4:35:11 am UTC) from US — Scanned from US

Summary HTTP 81 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 17 IPs in 1 countries across 10 domains to perform 81 HTTP transactions. The main IP is 204.93.224.158, located in Chicago, United States and belongs to SERVERCENTRAL, US. The main domain is downtown10minrooftopdeckkingsu.bhotel.top.
TLS certificate: Issued by R3 on October 5th 2023. Valid for: 3 months.

This is the only time downtown10minrooftopdeckkingsu.bhotel.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	204.93.224.158 204.93.224.158	23352 (SERVERCEN...) (SERVERCENTRAL)
6	2607:f8b0:400... 2607:f8b0:4004:c17::5f	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4004:c06::5f	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1734	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4004:c06::71	15169 (GOOGLE) (GOOGLE)
7	2606:4700:440... 2606:4700:4400::6812:2262	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:141b:e80... 2600:141b:e800:34::173e:2f04	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
20	2600:9000:210... 2600:9000:210b:3200:1c:d826:cd80:93a1	16509 (AMAZON-02) (AMAZON-02)
9	2606:4700:e2:... 2606:4700:e2::ac40:8309	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4004:c09::5e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c19::5f	15169 (GOOGLE) (GOOGLE)
2	52.85.61.84 52.85.61.84	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4004:c1b::5e	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4004:c1b::5f	15169 (GOOGLE) (GOOGLE)
18	2606:4700:440... 2606:4700:4400::ac40:942a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
81	17

1 204.93.224.158 (Chicago, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: bh8964.banahosting.com

downtown10minrooftopdeckkingsu.bhotel.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4004:c17::5f (Washington, United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4004:c06::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1734 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c06::71 (Washington, United States)

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:4400::6812:2262 (United States)

ASN13335 (CLOUDFLARENET, US)

widget.getyourguide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:e800:34::173e:2f04 (Piscataway, United States)

ASN20940 (AKAMAI-ASN1, NL)

cdn-icons-png.flaticon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2600:9000:210b:3200:1c:d826:cd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

cf.bstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:e2::ac40:8309 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c09::5e (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
maps.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c19::5f (Washington, United States)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.85.61.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-84.ewr53.r.cloudfront.net

www.booking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1b::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4004:c1b::5f (Washington, United States)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2606:4700:4400::ac40:942a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.getyourguide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	getyourguide.com widget.getyourguide.com — Cisco Umbrella Rank: 38549 cdn.getyourguide.com — Cisco Umbrella Rank: 41576	823 KB
20	bstatic.com cf.bstatic.com — Cisco Umbrella Rank: 16340	825 KB
17	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 405 fonts.googleapis.com — Cisco Umbrella Rank: 49 translate.googleapis.com — Cisco Umbrella Rank: 1163 maps.googleapis.com — Cisco Umbrella Rank: 418	326 KB
10	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1848 ka-f.fontawesome.com — Cisco Umbrella Rank: 3656	211 KB
3	gstatic.com www.gstatic.com fonts.gstatic.com maps.gstatic.com	40 KB
2	booking.com www.booking.com — Cisco Umbrella Rank: 10281	56 KB
1	flaticon.com cdn-icons-png.flaticon.com — Cisco Umbrella Rank: 42047	21 KB
1	google.com translate.google.com — Cisco Umbrella Rank: 1375	30 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1183	5 KB
1	bhotel.top downtown10minrooftopdeckkingsu.bhotel.top	5 KB
81	10

	Domain	Requested by
20	cf.bstatic.com	downtown10minrooftopdeckkingsu.bhotel.top www.booking.com cf.bstatic.com
18	cdn.getyourguide.com	widget.getyourguide.com cdn.getyourguide.com
10	maps.googleapis.com	cf.bstatic.com maps.googleapis.com
9	ka-f.fontawesome.com	kit.fontawesome.com downtown10minrooftopdeckkingsu.bhotel.top
7	widget.getyourguide.com	downtown10minrooftopdeckkingsu.bhotel.top widget.getyourguide.com cdn.getyourguide.com
5	fonts.googleapis.com	downtown10minrooftopdeckkingsu.bhotel.top
2	www.booking.com	downtown10minrooftopdeckkingsu.bhotel.top cf.bstatic.com
1	maps.gstatic.com
1	fonts.gstatic.com	fonts.googleapis.com
1	translate.googleapis.com
1	www.gstatic.com
1	cdn-icons-png.flaticon.com	downtown10minrooftopdeckkingsu.bhotel.top
1	translate.google.com	downtown10minrooftopdeckkingsu.bhotel.top
1	maxcdn.bootstrapcdn.com	downtown10minrooftopdeckkingsu.bhotel.top
1	kit.fontawesome.com	downtown10minrooftopdeckkingsu.bhotel.top
1	ajax.googleapis.com	downtown10minrooftopdeckkingsu.bhotel.top
1	downtown10minrooftopdeckkingsu.bhotel.top
81	17

This site contains links to these domains. Also see Links.

Domain
booking.com

Subject Issuer	Validity	Valid
*.bhotel.top R3	`2023-10-05` - `2024-01-03`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-22` - `2023-12-23`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.flaticon.com R3	`2023-09-21` - `2023-12-20`	3 months	crt.sh
*.bstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-13` - `2024-08-31`	a year	crt.sh
ka-f.fontawesome.com GTS CA 1P5	`2023-09-10` - `2023-12-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.booking.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-12` - `2024-05-18`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://downtown10minrooftopdeckkingsu.bhotel.top/
Frame ID: C18D237E9E123385686567ECDB31A8CA
Requests: 35 HTTP requests in this frame

Frame: https://www.booking.com/flexiproduct.html?product=map&w=100%25&h=590&lang=en-US&aid=2393715&target_aid=2393715&dest_id=0&dest_type=landmark&fid=1671148675595&latitude=32.78001960&longitude=-96.88194695&landmark_name=Downtown%2010%20min%20Rooftop%20Deck%20King%20Suite%2055%20Smart%20TV&mwhsb=0&address=3725%20Toronto%20Street,%20Dallas,%20TX%2075212,%20United%20States&
Frame ID: 2D4A9602B90BE85CB0E618E6BE80B698
Requests: 27 HTTP requests in this frame

Frame: https://widget.getyourguide.com/default/activities-auto.frame?widget=auto&partner_id=KACJMIV&widget_created=1696739701902&sha=7d3e7932-9fc9-503d-a25c-7575471497cb&website=https%3A%2F%2Fdowntown10minrooftopdeckkingsu.bhotel.top%2F&visitor_id=2DB1DB3C11D84B4F938384845B6F6744
Frame ID: 744E212A6F2D0909332E9C04198879FA
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Downtown 10 min Rooftop Deck King Suite 55 Smart TV

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

81
Requests

100 %
HTTPS

88 %
IPv6

10
Domains

17
Subdomains

17
IPs

1
Countries

2343 kB
Transfer

5340 kB
Size

7
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://booking.com/hotel/us/downtown-10-min-rooftop-deck-king-suite-55-smart-tv.html?aid=2295968&label=summerend
Title: Book a room

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

81 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
downtown10minrooftopdeckkingsu.bhotel.top/ 23 KB
5 KB 714ms
538ms Document
text/html 204.93.224.158
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://downtown10minrooftopdeckkingsu.bhotel.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 204.93.224.158 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: bh8964.banahosting.com
Software: /
Resource Hash: abf84fbbeb3b1a3058bd3dee6cc071e6375bdcaf19030befbf3481d9ad2ea184

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: no-store, no-cache, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 08 Oct 2023 04:34:59 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
vary: Accept-Encoding

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 87 KB
31 KB 161ms
52ms Script
text/javascript 2607:f8b0:4004:c17::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: downtown10minrooftopdeckkingsu.bhotel.top
URL: https://downtown10minrooftopdeckkingsu.bhotel.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://downtown10minrooftopdeckkingsu.bhotel.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 03:02:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 264737
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31017
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Oct 2024 03:02:43 GMT

GET
H2 200 css
fonts.googleapis.com/ 761 B
455 B 172ms
64ms Stylesheet
text/css 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato&display=swap

Requested by

Host: downtown10minrooftopdeckkingsu.bhotel.top
URL: https://downtown10minrooftopdeckkingsu.bhotel.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f88d7a194e7f67fdc5e4f2cedd32e1d040d9976e4814adcaf7e56330a0653d5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://downtown10minrooftopdeckkingsu.bhotel.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 08 Oct 2023 04:35:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 08 Oct 2023 03:57:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 08 Oct 2023 04:35:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 10 KB
803 B 173ms
65ms Stylesheet
text/css 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Rubik:300,400,500,700,900&display=swap

Requested by

Host: downtown10minrooftopdeckkingsu.bhotel.top
URL: https://downtown10minrooftopdeckkingsu.bhotel.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ddc64e22f33795e2f16bcd5b11fd432261ac3be8cfbee73f94c678658ec98147

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://downtown10minrooftopdeckkingsu.bhotel.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 08 Oct 2023 04:35:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 08 Oct 2023 03:32:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 08 Oct 2023 04:35:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
958 B 171ms
63ms Stylesheet
text/css 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700

Requested by

Host: downtown10minrooftopdeckkingsu.bhotel.top
URL: https://downtown10minrooftopdeckkingsu.bhotel.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dc2a9ecb9eae34a409e66cbdd46b3562c560f8ffa1c1f80ea84532999d6d408c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://downtown10minrooftopdeckkingsu.bhotel.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 08 Oct 2023 04:35:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 08 Oct 2023 03:54:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 08 Oct 2023 04:35:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
625 B 174ms
66ms Stylesheet
text/css 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Quicksand:300,400,500,600,700&display=swap

Requested by

Host: downtown10minrooftopdeckkingsu.bhotel.top
URL: https://downtown10minrooftopdeckkingsu.bhotel.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8bcef4d15a0c7757ddd9eb4e6a81f65d7aedc5fe6f4ba95d90c5a63381f156ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://downtown10minrooftopdeckkingsu.bhotel.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 08 Oct 2023 04:35:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 08 Oct 2023 03:06:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 08 Oct 2023 04:35:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 11 KB
810 B 174ms
66ms Stylesheet
text/css 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Libre+Franklin:100,200,300,400,500,600,700,800,900&display=swap

Requested by

Host: downtown10minrooftopdeckkingsu.bhotel.top
URL: https://downtown10minrooftopdeckkingsu.bhotel.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

63f9e635bca6053c2baecd7e90f62ab7223c1425e93fb60fd6c1a8ece6151923

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://downtown10minrooftopdeckkingsu.bhotel.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 08 Oct 2023 04:35:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/ro
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 08 Oct 2023 04:35:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 08 Oct 2023 04:35:00 GMT

GET
H2 200 c597f1ee3e.js Show response
kit.fontawesome.com/ 11 KB
5 KB 187ms
126ms Script
text/javascript 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/c597f1ee3e.js
Requested by: Host: downtown10minrooftopdeckkingsu.bhotel.top
URL: https://downtown10minrooftopdeckkingsu.bhotel.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41cddf2dcd942128378479c5fd87a454441f02b678186cff7f9f1a2a16d2247b

Request headers

Referer: https://downtown10minrooftopdeckkingsu.bhotel.top/
Origin: https://downtown10minrooftopdeckkingsu.bhotel.top
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 04:35:00 GMT
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-type: text/javascript
cache-control: max-age=60, public, stale-while-revalidate=30
cf-ray: 812bacb74c3dda6b-MIA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F4wHxI9zRVmT__GzSXhh

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/ 21 KB
5 KB 100ms
40ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css

Requested by

Host: downtown10minrooftopdeckkingsu.bhotel.top
URL: https://downtown10minrooftopdeckkingsu.bhotel.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://downtown10minrooftopdeckkingsu.bhotel.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 04:35:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 674, 718, 718
age: 11584685
cdn-cachedat: 2021-06-08 14:42:31
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:53 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: c05556181684989ee9931f13501d851b
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 812bacb749518dc0-MIA
cdn-requestpullsuccess: True

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 85 KB
30 KB 185ms
76ms Script
text/javascript 2607:f8b0:4004:c06::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Requested by

Host: downtown10minrooftopdeckkingsu.bhotel.top
URL: https://downtown10minrooftopdeckkingsu.bhotel.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::71 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f0933b1db14b79209550f7a3a21565c832a8df1d640b72f56bf39e24de286004

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://downtown10minrooftopdeckkingsu.bhotel.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 04:35:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pa.umd.production.min.js Show response
widget.getyourguide.com/dist/ 1 KB
1 KB 147ms
39ms Script
text/javascript 2606:4700:4400::6812:2262
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.getyourguide.com/dist/pa.umd.production.min.js

Requested by

Host: downtown10minrooftopdeckkingsu.bhotel.top
URL: https://downtown10minrooftopdeckkingsu.bhotel.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2262 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef33d4a0fdc087362d1034e913a6b3ad65c68e6544548b3e4231cfa60f824774

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://downtown10minrooftopdeckkingsu.bhotel.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 04:35:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: QYT7G65PEK0X5CF6
age: 2263
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: p7esw+RaswvYO9cpp4uPeJayH5NKoHaY0gA8qj/SJsHYgXnFu5SP+FzzQpuycgeYry+Ak4YzeI8=
last-modified: Fri, 06 Oct 2023 13:54:14 GMT
server: cloudflare
etag: W/"3818846882b40600a224eaa6ffa1d138"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600, public, must-revalidate
cf-ray: 812bacb8eeadda13-MIA

GET
H2 200 4540790.png
cdn-icons-png.flaticon.com/512/4540/ 21 KB
21 KB 262ms
61ms Image
image/png 2600:141b:e800:34::173e:2f04
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-icons-png.flaticon.com/512/4540/4540790.png
Requested by: Host: downtown10minrooftopdeckkingsu.bhotel.top
URL: https://downtown10minrooftopdeckkingsu.bhotel.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:e800:34::173e:2f04 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 4ea566bcfe25ec81ab2688387def9cb5990637e85a559003486d7f44f434302b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://downtown10minrooftopdeckkingsu.bhotel.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 04:35:00 GMT
x-amz-meta-goog-reserved-file-mtime: 1618407112
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 21282
pragma: public
last-modified: Thu, 14 Oct 2021 17:42:10 GMT
etag: "a442729b18adb8a2204efb18b90423e8"
vary: Accept-Encoding
x-goog-generation: 1634233330818338
content-type: image/png
access-control-allow-origin: *
x-default-rule: YES
cache-control: public, max-age=31536000
x-goog-stored-content-length: 21282
x-amz-checksum-crc32c: FvDczg==
accept-ranges: bytes
x-amz-meta-x-goog-reserved-source-generation: 1627247437293334
expires: Sun, 08 Oct 2023 04:35:00 GMT

GET
H2 200 396660888.jpg
cf.bstatic.com/xdata/images/hotel/max1200/ 97 KB
97 KB 520ms
388ms Image
image/jpeg 2600:9000:210b:3200:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/xdata/images/hotel/max1200/396660888.jpg?k=8367e2f2cbfe4ffb38ba59392df96d2ac5a1afaa369dce225d9239d53c7dabd3&o=&hp=1

Requested by

Host: downtown10minrooftopdeckkingsu.bhotel.top
URL: https://downtown10minrooftopdeckkingsu.bhotel.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:210b:3200:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

8885df9f7fb03c1e6dfece2bd7bbecf0289075c03ac92155e2e1da39f61cc0c7

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://downtown10minrooftopdeckkingsu.bhotel.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 04:35:00 GMT
via: 1.1 4e0a12897838fdf8f772b549bbcdb420.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: EWR53-C3
etag: "0664961b6afb0a742aaa186b6cdea7acb22beacf"
x-cache: Miss from cloudfront
content-language: 98978
access-control-allow-origin: *
content-type: image/jpeg
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: KVd2f2pk969i0AuDcxrsyvc7ZVdxbtypPviodFJ1ftXLnKF_mzeKIg==
x-xss-protection: 1; mode=block

GET
H2 200 400850557.jpg
cf.bstatic.com/xdata/images/hotel/max1200/ 91 KB
92 KB 403ms
272ms Image
image/jpeg 2600:9000:210b:3200:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/xdata/images/hotel/max1200/400850557.jpg?k=a24905a4bd8c00f23e3e1e5fb70ffb830c4ecc11864a5222067b164471e6bf0f&o=&hp=1

Requested by

Host: downtown10minrooftopdeckkingsu.bhotel.top
URL: https://downtown10minrooftopdeckkingsu.bhotel.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:210b:3200:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4dafcc1c39005f1bf7e4b3faa5d7b7be2d03a81e5346ea1e9d7fe46b9279ae65

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://downtown10minrooftopdeckkingsu.bhotel.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 04:35:00 GMT
via: 1.1 4e0a12897838fdf8f772b549bbcdb420.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: EWR53-C3
etag: "c6fba730fe1a1a26e815733e83e81174bcdc0227"
x-cache: Miss from cloudfront
content-language: 93308
access-control-allow-origin: *
content-type: image/jpeg
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: AnGNgadfWvImIH8jLizz0ACWM29v5nheCdhTWNQW-3xLa0Rz6mLh-Q==
x-xss-protection: 1; mode=block

GET
H2 200 400433995.jpg
cf.bstatic.com/xdata/images/hotel/max1200/ 87 KB
88 KB 504ms
373ms Image
image/jpeg 2600:9000:210b:3200:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/xdata/images/hotel/max1200/400433995.jpg?k=c2b5547ebb93e5d272f5c98e8e33cae5d8244a09819e164bfac7167ce2a07fe8&o=&hp=1

Requested by

Host: downtown10minrooftopdeckkingsu.bhotel.top
URL: https://downtown10minrooftopdeckkingsu.bhotel.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:210b:3200:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

5ff1de34a8b558ddaf79ae843e5b9e50db2d7b62e88ae621da7582a37bc3626b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://downtown10minrooftopdeckkingsu.bhotel.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 04:35:00 GMT
via: 1.1 4e0a12897838fdf8f772b549bbcdb420.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: EWR53-C3
etag: "3c8208a3e9b632fe2c85c8bd0721a7b7dadc36ad"
x-cache: Miss from cloudfront
content-language: 89306
access-control-allow-origin: *
content-type: image/jpeg
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: Kfcao4bH_n5plXykB9Vhfn3Vi_op13zX4iN0mQXzqDxsgqH7ZO6y8Q==
x-xss-protection: 1; mode=block

GET
H2 200 400436507.jpg
cf.bstatic.com/xdata/images/hotel/max1200/ 91 KB
91 KB 768ms
637ms Image
image/jpeg 2600:9000:210b:3200:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/xdata/images/hotel/max1200/400436507.jpg?k=707bbf5455586473572e2afd7951d6635b43d3b48f5c3cb4c7045e1f9c10c80e&o=&hp=1

Requested by

Host: downtown10minrooftopdeckkingsu.bhotel.top
URL: https://downtown10minrooftopdeckkingsu.bhotel.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:210b:3200:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

d9d0020e30ad338e09f4571b3185283356d133abe5b1f3920f30b0281e2ac858

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://downtown10minrooftopdeckkingsu.bhotel.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 04:35:01 GMT
via: 1.1 4e0a12897838fdf8f772b549bbcdb420.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: EWR53-C3
etag: "c3a234f38aa8ebb2b446f55ba4dbb8b23b9b2d45"
x-cache: Miss from cloudfront
content-language: 92923
access-control-allow-origin: *
content-type: image/jpeg
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: z0jN85XI58D6srWQGcPLz_ZTtwQOpUaK-Wh7rKQoI1N9TQBuw5WRBw==
x-xss-protection: 1; mode=block

GET
H2 200 411906720.jpg
cf.bstatic.com/xdata/images/hotel/max1200/ 85 KB
86 KB 536ms
405ms Image
image/jpeg 2600:9000:210b:3200:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/xdata/images/hotel/max1200/411906720.jpg?k=c48687eede44066df2f4cdb8b085703e5f1918c454920920e9a3fabcb25c7f08&o=&hp=1

Requested by

Host: downtown10minrooftopdeckkingsu.bhotel.top
URL: https://downtown10minrooftopdeckkingsu.bhotel.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:210b:3200:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

6612b27e9a2237b7f7d3a8ae15e8da1cb79d00bb589e2b66f9b492af8ef5ea78

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://downtown10minrooftopdeckkingsu.bhotel.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 04:35:00 GMT
via: 1.1 4e0a12897838fdf8f772b549bbcdb420.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: EWR53-C3
etag: "b2e86820d15a2ab023fb23090954ca1e399672dd"
x-cache: Miss from cloudfront
content-language: 87111
access-control-allow-origin: *
content-type: image/jpeg
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: iLvPh9817wnzi7cUO3SyeqGeDEsjL6PFcRSmDe4K7vzlSOzFkvDovA==
x-xss-protection: 1; mode=block

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v6.4.2/css/ 100 KB
23 KB 119ms
40ms Fetch
text/css 2606:4700:e2::ac40:8309
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.4.2/css/free.min.css?token=c597f1ee3e
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/c597f1ee3e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8309 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e0821588462d15b0ff8e911760fc041332c162e2e30ab4b1071bcc8eb6c8223

Request headers

accept-language: en-US,en;q=0.9
Referer: https://downtown10minrooftopdeckkingsu.bhotel.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 04:35:00 GMT
via: 1.1 f2a1384c219ffd4f6867ab3f186e613a.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MIA3-C3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 01 Aug 2023 19:07:56 GMT
server: cloudflare
etag: W/"ae737a19e46fd502ba9cbe9e33213861"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2UEuZZ8qzmn9QNPkhJpUIm9XO6eu6TOWkO%2Bd1M5HeyP%2BFTzzbwh%2FIG6yGohFsYy02D%2FzV1FUkC6LrmyVwHWywgcOepWSsd8QpQ7GuY4iF%2FPulc%2Ft8ArY3WRdr4FeZSY7xaMsj0ENOxxhdwFKw1OHDG%2B%2F7A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 812bacb8e99bdb09-MIA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: YcOf33ieP9TFTdAioJsH6H_uYMpyv4maCXqz1p6dzN23q6XKP54PGw==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v6.4.2/css/ 27 KB
5 KB 117ms
39ms Fetch
text/css 2606:4700:e2::ac40:8309
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.4.2/css/free-v4-shims.min.css?token=c597f1ee3e
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/c597f1ee3e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8309 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 236e285339a2a692e9491d356489cdf83513cfb1add049a0620123d644e47554

Request headers

accept-language: en-US,en;q=0.9
Referer: https://downtown10minrooftopdeckkingsu.bhotel.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 04:35:00 GMT
via: 1.1 72aa1f6d307a536bbaffdcdb498b124c.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MIA3-C3
age: 0
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 01 Aug 2023 19:07:56 GMT
server: cloudflare
etag: W/"da06df503ced6ee507b5fb4fa0999f74"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sMxuju3IhR54SuXqhEZsQdGUfzRukL%2BBv3gWFMNHLqrqaRw7bZbDthcruNQ5pvVxoiJf92cGvPw5mHzqJ%2BH%2FL8Zz1TsAZDwJUqNmi5NJ1fxCJN%2BQGKLwmMC6GtFHpYOSl2cvy%2FF0cyXoGOAYD5%2FYhWRc%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 812bacb8e99edb09-MIA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: R41UGtd8xriOd9dDOXbHCP5AJ-Vi5Fg1LqcCNjpaaq1sauaEsOEiaA==

GET
H2 200 free-v5-font-face.min.css Show response
ka-f.fontawesome.com/releases/v6.4.2/css/ 823 B
1 KB 113ms
35ms Fetch
text/css 2606:4700:e2::ac40:8309
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.4.2/css/free-v5-font-face.min.css?token=c597f1ee3e
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/c597f1ee3e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8309 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e81443469aa4b967191ce19b7474eb223746a2b8d5dc42d3786da84d99dfad9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://downtown10minrooftopdeckkingsu.bhotel.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 04:35:00 GMT
via: 1.1 5dd2304368effbad5413134075a82ff0.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MIA3-C3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 01 Aug 2023 19:07:56 GMT
server: cloudflare
etag: W/"dbf296002d53e56d340b105d9d764940"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BM9kA1VBwx8LVBqU4bw3jwLwidA1NWL6DESobuf33g%2FVj6CHv0yrfH8urD%2FJFdJTmdChk5veW5i2NziuzUfwxrXVh%2FI2NCjoRB4S8Pu84qmGYUy%2BTzL1FwuOCfJYuCt%2FK0CgqK5LEsSIVxKkShDHMOhuWA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 812bacb8e9a2db09-MIA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: DX_cOnbOQcIKNiJC5JfImmbudwuYICAY25iQgYXhXYY0aym9ymocww==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v6.4.2/css/ 2 KB
1 KB 115ms
37ms Fetch
text/css 2606:4700:e2::ac40:8309
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.4.2/css/free-v4-font-face.min.css?token=c597f1ee3e
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/c597f1ee3e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8309 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c58c4804370b9c347d517491c450416ca371fb1403aceaa1d6f751403b07c48

Request headers

accept-language: en-US,en;q=0.9
Referer: https://downtown10minrooftopdeckkingsu.bhotel.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 04:35:00 GMT
via: 1.1 8f99d698624c0704470547731241e282.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MIA3-C3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 01 Aug 2023 19:07:56 GMT
server: cloudflare
etag: W/"9b853b50f37dd0ca770ce0f294d427df"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tAmq4ZtWuV3ZeOVj%2Butth5QFCeHMSxysMy%2F%2BJcQgd8yVoDYBU8PRvoeYmPe8ygb1mjJAO5pI9Pp9%2Fnr4VGik98kl%2Bv26NzmkTRDLuI81jSwu94Q0PlUqaJkGls%2FGIgentjaT4U3Tin9QaZQqygjJUAuHEw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 812bacb8e9a8db09-MIA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: GNCHYlM-Rm39c9STXC0y8MmcyS0Cy9xy5VReTO5ss7j7EkY16p2gMg==

GET
H2 200 m=el_main_css
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/d=0/rs=AN8SPfp0QXhhaDDdjg_LgcSqoZiPEzC1tw/ 22 KB
5 KB 173ms
54ms Stylesheet
text/css 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/d=0/rs=AN8SPfp0QXhhaDDdjg_LgcSqoZiPEzC1tw/m=el_main_css

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.en_US.GaVmmhRxpFk.O/d=1/rs=AN8SPfr-kE6JvqJgfXfDhMAtg7kUwoLPwA/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://downtown10minrooftopdeckkingsu.bhotel.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 18:08:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 123979
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4144
x-xss-protection: 0
last-modified: Sat, 15 Jul 2023 01:09:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 05 Oct 2024 18:08:41 GMT

GET
H2 200 m=el_main Show response
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.en_US.GaVmmhRxpFk.O/d=1/exm=el_conf/ed=1/rs=AN8SPfr-kE6JvqJgfXfDhMAtg7kUwoLPwA/ 217 KB
77 KB 169ms
53ms Script
text/javascript 2607:f8b0:4004:c19::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.en_US.GaVmmhRxpFk.O/d=1/exm=el_conf/ed=1/rs=AN8SPfr-kE6JvqJgfXfDhMAtg7kUwoLPwA/m=el_main

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.en_US.GaVmmhRxpFk.O/d=1/rs=AN8SPfr-kE6JvqJgfXfDhMAtg7kUwoLPwA/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18af2bf64a77a50bc46c1fe63efbaee38ab0e0fb8c47976bc4c159f2505550cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://downtown10minrooftopdeckkingsu.bhotel.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 13:01:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 142436
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78183
x-xss-protection: 0
last-modified: Wed, 04 Oct 2023 21:09:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 05 Oct 2024 13:01:04 GMT

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v6.4.2/css/ 100 KB
23 KB 136ms
64ms Fetch
text/css 2606:4700:e2::ac40:8309
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.4.2/css/free.min.css?token=c597f1ee3e
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/c597f1ee3e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8309 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e0821588462d15b0ff8e911760fc041332c162e2e30ab4b1071bcc8eb6c8223

Request headers

accept-language: en-US,en;q=0.9
Referer: https://downtown10minrooftopdeckkingsu.bhotel.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 04:35:00 GMT
via: 1.1 f2a1384c219ffd4f6867ab3f186e613a.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MIA3-C3
age: 0
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 01 Aug 2023 19:07:56 GMT
server: cloudflare
etag: W/"ae737a19e46fd502ba9cbe9e33213861"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L1sFyqf3HdgOpArhB7r3bW7ns6vOaOH6FDe%2Bor5RKwTgICyvu0Pw3Xk4%2F1GJRl6siBuAaQXtgeTun2ggfRsNFoWZ5XJuCq%2B2bEOZ8y7FHaLmdziKvSBmsQcccIx97wpSbWJKR32raUK4hjBife8cdr3kew%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 812bacb8e9a7db09-MIA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: YcOf33ieP9TFTdAioJsH6H_uYMpyv4maCXqz1p6dzN23q6XKP54PGw==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v6.4.2/css/ 27 KB
5 KB 108ms
35ms Fetch
text/css 2606:4700:e2::ac40:8309
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.4.2/css/free-v4-shims.min.css?token=c597f1ee3e
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/c597f1ee3e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8309 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 236e285339a2a692e9491d356489cdf83513cfb1add049a0620123d644e47554

Request headers

accept-language: en-US,en;q=0.9
Referer: https://downtown10minrooftopdeckkingsu.bhotel.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 04:35:00 GMT
via: 1.1 72aa1f6d307a536bbaffdcdb498b124c.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MIA3-C3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 01 Aug 2023 19:07:56 GMT
server: cloudflare
etag: W/"da06df503ced6ee507b5fb4fa0999f74"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BLCoFeXmojhkvruuOagswkYvRRb%2BSEJyNjic%2FFuvFRvOgfgT5jouxxjGBcB%2Fuztwkdtn9hNQ8%2By1xFZ2KEBWqU382NK75iIHCdHRLquTMfTjBhQRPK4baauKME%2BqIgzKkg2sIu9kUy28d8iXnKojg5lu%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 812bacb8e9a3db09-MIA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: R41UGtd8xriOd9dDOXbHCP5AJ-Vi5Fg1LqcCNjpaaq1sauaEsOEiaA==

GET
H2 200 free-v5-font-face.min.css Show response
ka-f.fontawesome.com/releases/v6.4.2/css/ 823 B
602 B 135ms
63ms Fetch
text/css 2606:4700:e2::ac40:8309
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.4.2/css/free-v5-font-face.min.css?token=c597f1ee3e
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/c597f1ee3e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8309 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e81443469aa4b967191ce19b7474eb223746a2b8d5dc42d3786da84d99dfad9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://downtown10minrooftopdeckkingsu.bhotel.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 04:35:00 GMT
via: 1.1 5dd2304368effbad5413134075a82ff0.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MIA3-C3
age: 0
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 01 Aug 2023 19:07:56 GMT
server: cloudflare
etag: W/"dbf296002d53e56d340b105d9d764940"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SseZfAbjLOzFp30P2bg%2FqshsxVCqzPB4Pct6Tl0iWeqQYuBf80ZZfCT08PWSGLprUPLsswFvEHD7%2BoZFE09ZkjtA%2ByRqm8lWHp6BbdZ%2FtJJtOv%2BqVV8wGqdKbsDii3CcRzunFyFN9DRmLOYTKNDgA%2BiUxA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 812bacb8e9a5db09-MIA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: DX_cOnbOQcIKNiJC5JfImmbudwuYICAY25iQgYXhXYY0aym9ymocww==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v6.4.2/css/ 2 KB
1 KB 135ms
63ms Fetch
text/css 2606:4700:e2::ac40:8309
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.4.2/css/free-v4-font-face.min.css?token=c597f1ee3e
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/c597f1ee3e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8309 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c58c4804370b9c347d517491c450416ca371fb1403aceaa1d6f751403b07c48

Request headers

accept-language: en-US,en;q=0.9
Referer: https://downtown10minrooftopdeckkingsu.bhotel.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 04:35:00 GMT
via: 1.1 8f99d698624c0704470547731241e282.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MIA3-C3
age: 0
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 01 Aug 2023 19:07:56 GMT
server: cloudflare
etag: W/"9b853b50f37dd0ca770ce0f294d427df"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W59Zs%2BsDeBJEb1nZQO1G%2FZrBXTKEaOUA91FF9lrdENOljlU5MUDXTyPEuBoQM%2FfOgD9Cpy4BrNIOhwdCXe9eztT6%2BeNksEw7PQv%2BwQpQvj6n0c2rdQwJ1bEA4yeZ6va6Xs%2FUhucxrzn%2Fh5DHeapgIDkR6A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 812bacb8e9a4db09-MIA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: GNCHYlM-Rm39c9STXC0y8MmcyS0Cy9xy5VReTO5ss7j7EkY16p2gMg==

GET
H2 200 flexiproduct.html Show response
www.booking.com/ Frame 2D4A 160 KB
55 KB 571ms
454ms Document
text/html 52.85.61.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.booking.com/flexiproduct.html?product=map&w=100%25&h=590&lang=en-US&aid=2393715&target_aid=2393715&dest_id=0&dest_type=landmark&fid=1671148675595&latitude=32.78001960&longitude=-96.88194695&landmark_name=Downtown%2010%20min%20Rooftop%20Deck%20King%20Suite%2055%20Smart%20TV&mwhsb=0&address=3725%20Toronto%20Street,%20Dallas,%20TX%2075212,%20United%20States&

Requested by

Host: downtown10minrooftopdeckkingsu.bhotel.top
URL: https://downtown10minrooftopdeckkingsu.bhotel.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.84 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-84.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

7d63f2e5371a3c4a6654a87dbe50d33b26afac111f7020e1eab31560d0c984aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://downtown10minrooftopdeckkingsu.bhotel.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private
content-encoding: br
content-length: 54450
content-type: text/html; charset=UTF-8
date: Sun, 08 Oct 2023 04:35:01 GMT
nel: {"report_to":"default","max_age":604800}
report-to: {"max_age":604800,"endpoints":[{"url":"https://nellie.booking.com/report"}],"group":"default"}
server: nginx
strict-transport-security: max-age=300; includeSubDomains
vary: User-Agent, Accept-Encoding
via: 1.1 2ba01a121d51ee735a8dde7a86ed73b6.cloudfront.net (CloudFront)
x-amz-cf-id: n7jCI7Tej2CN5uLJ2wkqZZZg58d7cCIobF8YoR27oYgNKP1aI5TCIQ==
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 415173913.jpg
cf.bstatic.com/xdata/images/hotel/max1024x768/ 70 KB
71 KB 202ms
77ms Image
image/jpeg 2600:9000:210b:3200:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/xdata/images/hotel/max1024x768/415173913.jpg?k=a0283c10d597be1ac2245dd81509115bfbaa3b24a549890e6550570313f67de3&o=&hp=1

Requested by

Host: downtown10minrooftopdeckkingsu.bhotel.top
URL: https://downtown10minrooftopdeckkingsu.bhotel.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:210b:3200:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

67dd990ebb1eb7fcf8eb3f2d4652d854f6e329019f40138c4f3fe3a65454a9bc

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://downtown10minrooftopdeckkingsu.bhotel.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 22:32:44 GMT
via: 1.1 4e0a12897838fdf8f772b549bbcdb420.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: EWR53-C3
age: 194536
etag: "29d9d94607081baec882a2e1988da5b8703e8190"
x-cache: Hit from cloudfront
content-language: 71800
access-control-allow-origin: *
content-type: image/jpeg
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: -pE9faYgEGclwpjfp-CqSj6IVN8LCPS_H8dbkRlVVIGjWXOLFtaEwQ==
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 266 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 iJWKBXyIfDnIV7nBrXw.woff2
fonts.gstatic.com/s/rubik/v28/ 35 KB
35 KB 161ms
53ms Font
font/woff2 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v28/iJWKBXyIfDnIV7nBrXw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rubik:300,400,500,700,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47374cb7d373f9a8450e1237c80bc5fe68c61fbf0cdf958df7a298143b7dd445

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://downtown10minrooftopdeckkingsu.bhotel.top
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 08:11:22 GMT
x-content-type-options: nosniff
age: 332618
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35448
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 16:14:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 03 Oct 2024 08:11:22 GMT

GET
H2 200 widget.js Show response
widget.getyourguide.com/pw/latest/client-loader/ 19 KB
7 KB 42ms
40ms Script
text/javascript 2606:4700:4400::6812:2262
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.getyourguide.com/pw/latest/client-loader/widget.js

Requested by

Host: widget.getyourguide.com
URL: https://widget.getyourguide.com/dist/pa.umd.production.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2262 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ffffad0e6bd2527414de953f145e050f53548626d9bf8c79047b4475ce437c99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://downtown10minrooftopdeckkingsu.bhotel.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 04:35:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: V37ETC9W6AABR8Z6
age: 42
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 8b5Pr8viFo+sL/KDVMDGIv+pETzp8JaQVXl5gMzk62gf2wp3uR4+j/uClgXEp18QieBNxtHM8mw=
last-modified: Fri, 22 Sep 2023 12:22:00 GMT
server: cloudflare
etag: W/"dd834ed530c58edb16fe4c267a38c4e3"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=100, public, must-revalidate
cf-ray: 812bacb92ec9da13-MIA

GET
H2 200 pa-main.1696600431583_601cca65f45408c73da7ac4319a36936f712fb3c.umd.production.min.js Show response
widget.getyourguide.com/dist/ 61 KB
18 KB 39ms
38ms Script
text/javascript 2606:4700:4400::6812:2262
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.getyourguide.com/dist/pa-main.1696600431583_601cca65f45408c73da7ac4319a36936f712fb3c.umd.production.min.js

Requested by

Host: widget.getyourguide.com
URL: https://widget.getyourguide.com/dist/pa.umd.production.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2262 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d627ec5cf16d0e4fc00d47ff7e903685a7c55861a6b79bb5315c45b011ca165

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://downtown10minrooftopdeckkingsu.bhotel.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 04:35:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: Q6ZDWYAJ26EESV3C
age: 189
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: qST2I4pyxIr5j0DBVJMTlHeDrSuJqit8rBWqWadgH1pgDdkkdVNvVul3Vvu10lbVoarmQDlQbS4=
last-modified: Fri, 06 Oct 2023 13:54:14 GMT
server: cloudflare
etag: W/"46a37a106769c35b04c31d186ead4b47"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600, public, must-revalidate
cf-ray: 812bacb92ecbda13-MIA

GET
H2 200 free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v6.4.2/webfonts/ 147 KB
147 KB 35ms
35ms Font
font/woff2 2606:4700:e2::ac40:8309
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.4.2/webfonts/free-fa-solid-900.woff2
Requested by: Host: downtown10minrooftopdeckkingsu.bhotel.top
URL: https://downtown10minrooftopdeckkingsu.bhotel.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8309 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3e9a900f61c6811de529e4227226b898ce88b65a66347d0088a2da3af5e60b5

Request headers

Referer: https://downtown10minrooftopdeckkingsu.bhotel.top/
Origin: https://downtown10minrooftopdeckkingsu.bhotel.top
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 04:35:00 GMT
via: 1.1 cf3d1f97e96a04720e63ac8b1955ac3e.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MIA3-C3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 150020
last-modified: Tue, 01 Aug 2023 19:25:32 GMT
server: cloudflare
etag: "a8dcee416ebfe6e615e5902a49500e48"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oIT7G3r13RsfsQ1tl2SUoDi4f1%2FWxKe1BHr5fd7XMTffsmqVs8%2FM7IJwc8LlQ7qJZRXKVCuGFrSvMx133wDf4%2FsIYFUU%2B7UuI%2BK7%2Fz%2FigD724t5Q2ow2Rg45dxYCJHYzWdKT5sIclvh4d6F%2B0gdfp02yKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 812bacb96a04db09-MIA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: PYct6-IN-VUWa7u853gixQfZE7aV04JLq44lBjU7OeF3aga-yqANzQ==

GET
H3 200 _gnikcart Show response
widget.getyourguide.com/ 61 B
771 B 173ms
172ms Fetch
application/json 2606:4700:4400::6812:2262
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.getyourguide.com/_gnikcart?q=eyJwYXJ0bmVyX2lkIjoiS0FDSk1JViIsInVybCI6Imh0dHBzOi8vZG93bnRvd24xMG1pbnJvb2Z0b3BkZWNra2luZ3N1LmJob3RlbC50b3AvIn0%3D

Requested by

Host: widget.getyourguide.com
URL: https://widget.getyourguide.com/pw/latest/client-loader/widget.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2262 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

0de29dda480682344a32a735a6add015a8c855fc0137ed2f76039b8cfb2869c1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self'; font-src 'self' https://fonts.gstatic.com data:; style-src 'self' 'unsafe-inline' data:;report-uri https://o551949.ingest.sentry.io/api/6033708/security/?sentry_key=0fcdc4a9b90a482e9975c8356e76b3e3
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://downtown10minrooftopdeckkingsu.bhotel.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 04:35:00 GMT
content-security-policy: default-src 'self'; script-src 'self'; font-src 'self' https://fonts.gstatic.com data:; style-src 'self' 'unsafe-inline' data:;report-uri https://o551949.ingest.sentry.io/api/6033708/security/?sentry_key=0fcdc4a9b90a482e9975c8356e76b3e3
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-powered-by: Express
x-envoy-upstream-service-time: 7
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 6d97eee1-43e5-494c-b867-898f4a050549
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"3d-/fNrUo6+jZUBLTXyRQ5SEkUjdQo"
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://downtown10minrooftopdeckkingsu.bhotel.top
access-control-allow-credentials: true
cf-ray: 812bacb97d592221-MIA

GET
H2 200 1c85e65b871a7f1a4e932532568545cf034db610.css
cf.bstatic.com/static/css/affiliatewidget_map_cloudfront_sd/ Frame 2D4A 484 KB
46 KB 63ms
62ms Stylesheet
text/css 2600:9000:210b:3200:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/css/affiliatewidget_map_cloudfront_sd/1c85e65b871a7f1a4e932532568545cf034db610.css

Requested by

Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=map&w=100%25&h=590&lang=en-US&aid=2393715&target_aid=2393715&dest_id=0&dest_type=landmark&fid=1671148675595&latitude=32.78001960&longitude=-96.88194695&landmark_name=Downtown%2010%20min%20Rooftop%20Deck%20King%20Suite%2055%20Smart%20TV&mwhsb=0&address=3725%20Toronto%20Street,%20Dallas,%20TX%2075212,%20United%20States&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:210b:3200:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

0f3e34bdcc1b20a94e6bcfcfdb28763dd1d1d8bc1313ab9e4eb725d98e9b8e40

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:53:01 GMT
content-encoding: br
via: 1.1 4e0a12897838fdf8f772b549bbcdb420.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: EWR53-C3
age: 1086119
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Thu, 27 Jul 2023 12:27:54 GMT
server: nginx
etag: W/"64c262ca-78e1d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: ROrsmhCjWFLMCvNv0eCwkHldD-H4M_Ok5sFTRJP5J9VsOwfAYnHzwQ==
expires: Wed, 25 Oct 2023 14:53:01 GMT

GET
H2 200 80f233253dc274b95a7f9cb323c7126b657ea7ae.png
cf.bstatic.com/static/img/b26logo/booking_logo_retina_light_bg/ Frame 2D4A 5 KB
6 KB 68ms
68ms Image
image/png 2600:9000:210b:3200:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/static/img/b26logo/booking_logo_retina_light_bg/80f233253dc274b95a7f9cb323c7126b657ea7ae.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:210b:3200:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

d28d43698c2b701e031172c0f98f35b539aca2a63606c8959473f54e071298a9

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 20:43:43 GMT
via: 1.1 4e0a12897838fdf8f772b549bbcdb420.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: EWR53-C3
age: 2361078
x-cache: Hit from cloudfront
content-length: 5066
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:50 GMT
server: nginx
etag: "5cadd1ce-13ca"
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: vZMb0rBkFW6HjE33wArRFvLY9rFrGXczqRFyyk_cnveed8mvWl0Xbg==
expires: Tue, 10 Oct 2023 20:43:43 GMT

GET
H2 200 0acd2ada6c74d5dec978a04ea837952bdf050cd2.js Show response
cf.bstatic.com/static/js/error_catcher_bec_cloudfront_sd/ Frame 2D4A 6 KB
3 KB 180ms
60ms Script
application/javascript 2600:9000:210b:3200:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/js/error_catcher_bec_cloudfront_sd/0acd2ada6c74d5dec978a04ea837952bdf050cd2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:210b:3200:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c3f06cf6ded52069a79551343aca5f2269a048cedb9fbacd3cfff7136980659c

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
Origin: https://www.booking.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 08:00:04 GMT
content-encoding: br
via: 1.1 9ef00004ef0e93efae76c75d3a2df1b4.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: EWR53-C3
age: 1197297
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Wed, 21 Dec 2022 14:29:30 GMT
server: nginx
etag: W/"63a3184a-180b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: -rY_6kaKkT1T_6m8HYV9LkXFIQ6ZjA8Y9jmY56Np7XxH64YTTQnyGQ==
expires: Tue, 24 Oct 2023 08:00:04 GMT

GET
H2 200 e1e8c0e862309cb4caf3c0d5fbea48bfb8eaad42.js Show response
cf.bstatic.com/static/js/jquery_cloudfront_sd/ Frame 2D4A 103 KB
33 KB 290ms
198ms Script
application/javascript 2600:9000:210b:3200:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/js/jquery_cloudfront_sd/e1e8c0e862309cb4caf3c0d5fbea48bfb8eaad42.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:210b:3200:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

5ad7526d50b7586ddfaee62b3fc95e71207136dc08f6a2b7ffd671ded73fab83

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
Origin: https://www.booking.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 08:46:39 GMT
content-encoding: br
via: 1.1 9ef00004ef0e93efae76c75d3a2df1b4.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: EWR53-C3
age: 1194502
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Jun 2022 13:43:41 GMT
server: nginx
etag: W/"62bb058d-19a42"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: _hta0GY_w0dqQtamZWbz33LugCU9O7LNGj2DTdydpULWkID6NWMl4A==
expires: Tue, 24 Oct 2023 08:46:39 GMT

GET
H2 200 4b7a7f25894c6930265f0325889ed948adabae69.js Show response
cf.bstatic.com/static/js/bui_inlined_cloudfront_sd/ Frame 2D4A 102 KB
25 KB 330ms
238ms Script
application/javascript 2600:9000:210b:3200:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/js/bui_inlined_cloudfront_sd/4b7a7f25894c6930265f0325889ed948adabae69.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:210b:3200:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

77a9ece576f0a1c826a9970192a202980487a97e15967151c1241358e541807a

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
Origin: https://www.booking.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 14:53:00 GMT
content-encoding: br
via: 1.1 9ef00004ef0e93efae76c75d3a2df1b4.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: EWR53-C3
age: 1086120
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Thu, 27 Jul 2023 12:27:54 GMT
server: nginx
etag: W/"64c262ca-198bc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: NMYLT8Zci7t9sMw8nk4pzTASWWUyKLxWBAUUKj_byOC7sWsvuCboiQ==
expires: Wed, 25 Oct 2023 14:53:00 GMT

GET
H2 200 5a35235454cb19f6b6094042d978e1ee21c29c2d.js Show response
cf.bstatic.com/static/js/affiliatewidget_map_cloudfront_sd/ Frame 2D4A 149 KB
44 KB 210ms
118ms Script
application/javascript 2600:9000:210b:3200:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/js/affiliatewidget_map_cloudfront_sd/5a35235454cb19f6b6094042d978e1ee21c29c2d.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:210b:3200:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c376ad6bdfc8953fcc97bd6d09b11c75a652a26eeaf1ae056bf268600b5dd27b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
Origin: https://www.booking.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 09:10:23 GMT
content-encoding: br
via: 1.1 9ef00004ef0e93efae76c75d3a2df1b4.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: EWR53-C3
age: 1365878
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Mon, 15 Aug 2022 09:04:00 GMT
server: nginx
etag: W/"62fa0c00-2557b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: aK3GALU1jOb1re_f1K6Jgbvq4ywi86RE8M976Eii16uOjy9cWEgtcg==
expires: Sun, 22 Oct 2023 09:10:23 GMT

GET
H2 200 ce02cc91e60b353c0cf45a97886f2e6a70912213.js Show response
cf.bstatic.com/static/js/atlas_v2_cloudfront_sd/ Frame 2D4A 60 KB
16 KB 161ms
69ms Script
application/javascript 2600:9000:210b:3200:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/js/atlas_v2_cloudfront_sd/ce02cc91e60b353c0cf45a97886f2e6a70912213.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:210b:3200:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3644394a488d3937d291c4d1539b16b154fc951fbc5702430c40d3f43a6d1e5b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
Origin: https://www.booking.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 07:29:22 GMT
content-encoding: br
via: 1.1 9ef00004ef0e93efae76c75d3a2df1b4.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: EWR53-C3
age: 2322339
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Mon, 01 May 2023 08:39:20 GMT
server: nginx
etag: W/"644f7ab8-ef66"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: HlDpoQEvbAgGzywRuY-pzXwUG5-Kfn9EBK8H6TajsQm4W196e4L6XQ==
expires: Wed, 11 Oct 2023 07:29:22 GMT

GET
H2 200 35a0f9a0dfc4fd47ae5f123184b6c94bf27425f5.js Show response
cf.bstatic.com/static/js/affiliatewidget_map_modules_cloudfront_sd/ Frame 2D4A 220 KB
52 KB 307ms
215ms Script
application/javascript 2600:9000:210b:3200:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/js/affiliatewidget_map_modules_cloudfront_sd/35a0f9a0dfc4fd47ae5f123184b6c94bf27425f5.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:210b:3200:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

d4ecb944cfb2e5e2257cdc2b18ddca4e86bacd135606c7f3fd2b45a597905310

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
Origin: https://www.booking.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 14:33:20 GMT
content-encoding: br
via: 1.1 9ef00004ef0e93efae76c75d3a2df1b4.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: EWR53-C3
age: 396101
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Tue, 03 Oct 2023 14:24:30 GMT
server: nginx
etag: W/"651c241e-371c7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: MXUQd76TjynDlLahOyV5xVzGMQYyN4uXo5oRUQrnvOBNf8hBBgMUHA==
expires: Thu, 02 Nov 2023 14:33:20 GMT

GET
H2 200 1e4baed6db1cd89e71904e678f0a70b0e701ea9f.js Show response
cf.bstatic.com/static/js/searchbox_cloudfront_sd/ Frame 2D4A 239 KB
52 KB 238ms
149ms Script
application/javascript 2600:9000:210b:3200:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/js/searchbox_cloudfront_sd/1e4baed6db1cd89e71904e678f0a70b0e701ea9f.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:210b:3200:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

8d1d436ecf784f33e1e6d88c6565956b8ee5de293b6251a3525b865103de4bf7

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
Origin: https://www.booking.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 09:51:11 GMT
content-encoding: br
via: 1.1 9ef00004ef0e93efae76c75d3a2df1b4.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: EWR53-C3
age: 2054630
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Thu, 14 Sep 2023 09:24:02 GMT
server: nginx
etag: W/"6502d132-3bd76"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: kI03MsvSU_Qkscb3brUU1CFEY8ZxPfYXRfiGKmzXn7txGHp3_S429A==
expires: Sat, 14 Oct 2023 09:51:11 GMT

GET
H2 200 07ca5cacc9d77a7b50ca3c424ecd606114d9be75.svg
cf.bstatic.com/static/img/cross_product_index/accommodation/ Frame 2D4A 2 KB
1 KB 59ms
59ms Image
image/svg+xml 2600:9000:210b:3200:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/static/img/cross_product_index/accommodation/07ca5cacc9d77a7b50ca3c424ecd606114d9be75.svg

Requested by

Host: cf.bstatic.com
URL: https://cf.bstatic.com/static/css/affiliatewidget_map_cloudfront_sd/1c85e65b871a7f1a4e932532568545cf034db610.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:210b:3200:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

a0ff1db86f13d31743f7e0c4d1c45fe7953cd5089d91be2a2ce3d12f7a4beae2

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cf.bstatic.com/static/css/affiliatewidget_map_cloudfront_sd/1c85e65b871a7f1a4e932532568545cf034db610.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 00:39:51 GMT
content-encoding: br
via: 1.1 4e0a12897838fdf8f772b549bbcdb420.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: EWR53-C3
age: 1655710
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:51 GMT
server: nginx
etag: W/"5cadd1cf-7f2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: By8oFtHhWdpJcOTKIjOa2gK9LcSmgUWa0iSh_20SfDRn9VRyuPkK6Q==
expires: Thu, 19 Oct 2023 00:39:51 GMT

GET
H2 200 dd1af0dfe8835b14799d07702a4cd70159c649d5.svg
cf.bstatic.com/static/img/cross_product_index/calendar/ Frame 2D4A 3 KB
1 KB 60ms
59ms Image
image/svg+xml 2600:9000:210b:3200:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/static/img/cross_product_index/calendar/dd1af0dfe8835b14799d07702a4cd70159c649d5.svg

Requested by

Host: cf.bstatic.com
URL: https://cf.bstatic.com/static/css/affiliatewidget_map_cloudfront_sd/1c85e65b871a7f1a4e932532568545cf034db610.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:210b:3200:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

21edfeed321858e780d840b2e215d4d77b2e80fcdace1916bfb1254596b4cedd

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cf.bstatic.com/static/css/affiliatewidget_map_cloudfront_sd/1c85e65b871a7f1a4e932532568545cf034db610.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 00:34:09 GMT
content-encoding: br
via: 1.1 4e0a12897838fdf8f772b549bbcdb420.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: EWR53-C3
age: 2174452
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:52 GMT
server: nginx
etag: W/"5cadd1d0-c6e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: 4QEPM-PGSVO1Z-dQryidC0WBKubFI0PbeyRGpXeYGITWCTc3PB3DxA==
expires: Fri, 13 Oct 2023 00:34:09 GMT

GET
H2 200 fb6f63d62231f9fe552d79b5448620b2e63c726e.svg
cf.bstatic.com/static/img/cross_product_index/toggle/ Frame 2D4A 1 KB
1 KB 60ms
59ms Image
image/svg+xml 2600:9000:210b:3200:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/static/img/cross_product_index/toggle/fb6f63d62231f9fe552d79b5448620b2e63c726e.svg

Requested by

Host: cf.bstatic.com
URL: https://cf.bstatic.com/static/css/affiliatewidget_map_cloudfront_sd/1c85e65b871a7f1a4e932532568545cf034db610.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:210b:3200:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dbc5c6cc8dc52fe293be4d79d32c85f9e8d9baa9867653927dda0c1b905a3505

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cf.bstatic.com/static/css/affiliatewidget_map_cloudfront_sd/1c85e65b871a7f1a4e932532568545cf034db610.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 17:04:45 GMT
content-encoding: br
via: 1.1 4e0a12897838fdf8f772b549bbcdb420.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: EWR53-C3
age: 819016
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:51 GMT
server: nginx
etag: W/"5cadd1cf-5e7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: VyTvQr0GaDjlM2jj6J2pV3iyhA7Cy3lpggTOKLAiU7Bn--4lKSBaVw==
expires: Sat, 28 Oct 2023 17:04:45 GMT

GET
H2 200 b2e5f2aa32b71ca0fc66aa671e4e958bcd69b7d0.svg
cf.bstatic.com/static/img/cross_product_index/guest/ Frame 2D4A 2 KB
1 KB 60ms
59ms Image
image/svg+xml 2600:9000:210b:3200:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/static/img/cross_product_index/guest/b2e5f2aa32b71ca0fc66aa671e4e958bcd69b7d0.svg

Requested by

Host: cf.bstatic.com
URL: https://cf.bstatic.com/static/css/affiliatewidget_map_cloudfront_sd/1c85e65b871a7f1a4e932532568545cf034db610.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:210b:3200:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

a3668c35c677731ca1295a5f13ad82d97bc77aeb701720456f392e5bd888f2ef

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cf.bstatic.com/static/css/affiliatewidget_map_cloudfront_sd/1c85e65b871a7f1a4e932532568545cf034db610.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 12:24:50 GMT
content-encoding: br
via: 1.1 4e0a12897838fdf8f772b549bbcdb420.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: EWR53-C3
age: 2045411
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:51 GMT
server: nginx
etag: W/"5cadd1cf-63d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: Buy0XpzJmcZjuH-DjT5Oxr710N8PpGx1p7vNoQSG-qY29QYYambjwg==
expires: Sat, 14 Oct 2023 12:24:50 GMT

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ Frame 2D4A 211 KB
70 KB 87ms
86ms Script
text/javascript 2607:f8b0:4004:c17::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?callback=GLOBAL_ATLAS_GOOGLE_MAPS_CALLBACK&channel=booking-frontend-affiliate&language=en-us&region=en-us&client=gme-booking&v=3.47

Requested by

Host: cf.bstatic.com
URL: https://cf.bstatic.com/static/js/atlas_v2_cloudfront_sd/ce02cc91e60b353c0cf45a97886f2e6a70912213.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

bb7bd73a7c7844f51b19a42e61d3cb027528f7c0c477249db2bdc311965ce8cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 04:35:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71542
x-xss-protection: 0

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ Frame 2D4A 3 B
45 B 198ms
91ms XHR
application/json 2607:f8b0:4004:c1b::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?callback=GLOBAL_ATLAS_GOOGLE_MAPS_CALLBACK&channel=booking-frontend-affiliate&language=en-us&region=en-us&client=gme-booking&v=3.47

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 04:35:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.booking.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/53/14/ Frame 2D4A 260 KB
57 KB 54ms
52ms Script
text/javascript 2607:f8b0:4004:c17::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/53/14/common.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58ed94893e4142be2847d35ed50d8c3cc9a9aca281143d7794658cb3adb82a9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 16:18:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 130589
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57767
x-xss-protection: 0
last-modified: Tue, 01 Aug 2023 04:14:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 05 Oct 2024 16:18:32 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/53/14/ Frame 2D4A 159 KB
50 KB 72ms
70ms Script
text/javascript 2607:f8b0:4004:c17::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/53/14/util.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

143541f596e492db378b791f22a1bab26b16aba740a6b3627d09fe9e56323d66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 02:41:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 266015
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51065
x-xss-protection: 0
last-modified: Tue, 01 Aug 2023 04:14:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Oct 2024 02:41:26 GMT

GET
H2 200 map.js Show response
maps.googleapis.com/maps-api-v3/api/js/53/14/ Frame 2D4A 74 KB
23 KB 83ms
83ms Script
text/javascript 2607:f8b0:4004:c17::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/53/14/map.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2208c3e38e04a6a0476ec080cc3ea3bb9af82621fc2158b2d58de82c2fffc68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 02:41:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 266013
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23841
x-xss-protection: 0
last-modified: Tue, 01 Aug 2023 04:14:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Oct 2024 02:41:28 GMT

GET
H2 200 overlay.js Show response
maps.googleapis.com/maps-api-v3/api/js/53/14/ Frame 2D4A 4 KB
1 KB 97ms
97ms Script
text/javascript 2607:f8b0:4004:c17::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/53/14/overlay.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

100743aa1204f8b3e6480c51c2759c6e8beed573fbf21ab7d67188a5f6923dbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 03:00:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 264900
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1262
x-xss-protection: 0
last-modified: Tue, 01 Aug 2023 04:14:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Oct 2024 03:00:01 GMT

GET
H2 200 66bf86dee54530a7bbd96bc0aa678a645960d474.png
cf.bstatic.com/static/img/use_sprites_16_exp/ Frame 2D4A 19 KB
20 KB 60ms
60ms Image
image/png 2600:9000:210b:3200:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/static/img/use_sprites_16_exp/66bf86dee54530a7bbd96bc0aa678a645960d474.png

Requested by

Host: cf.bstatic.com
URL: https://cf.bstatic.com/static/css/affiliatewidget_map_cloudfront_sd/1c85e65b871a7f1a4e932532568545cf034db610.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:210b:3200:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

5e8f8af5bb822648eb2f343706c44b6c213dcd461583dc23a6a4cb02444e3800

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cf.bstatic.com/static/css/affiliatewidget_map_cloudfront_sd/1c85e65b871a7f1a4e932532568545cf034db610.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 08:30:15 GMT
via: 1.1 4e0a12897838fdf8f772b549bbcdb420.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: EWR53-C3
age: 331486
x-cache: Hit from cloudfront
content-length: 19923
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:56 GMT
server: nginx
etag: "5cadd1d4-4dd3"
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: VMrlvgYrF8pqDlwHc5Erih0vVUpxASq33n0jAtNLFOs3gHhkqK-Bjw==
expires: Fri, 03 Nov 2023 08:30:15 GMT

GET
H2 200 load_times Show response
www.booking.com/ Frame 2D4A 0
1 KB 235ms
234ms XHR
text/plain 52.85.61.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.booking.com/load_times?jquery_ready=390&window_onload=725&sid=d2a793f2229e1b2307cf362615331e34&pid=04db203aecc80064&first=1&cdn=cf&dc=1&lang=en-us&aid=2393715&ref_action=flexiproduct&stype=1&ch=&screen_size=1600x1200&m=UmFuZG9tSVYkc2RlIyh9YcO9V288wlHSYYm9mg3_bVbBo-EbzEkBrmYQ1pir3fcaGhwaNZE8EKkhP81wd2x20pP9Lps4neV_t5L3XjnNy_amiCdk-tYfW9D4OMESibAe39H5ha5Is-9PPb4xu_xRwLAjLVovZQAXMHWCZ_gNGPikc4oAAZn9K1mSJekt0HezYZOG_sr1YF0c74D33nfBU2ioofU8koGW4m5WrS_d_PjcGkmNezjRepkv-auCxAvUD1XT4c7K9zg

Requested by

Host: cf.bstatic.com
URL: https://cf.bstatic.com/static/js/jquery_cloudfront_sd/e1e8c0e862309cb4caf3c0d5fbea48bfb8eaad42.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.84 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-84.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

X-Booking-Language-Code: en-us
X-Booking-CSRF: tGkiZQAAAAA=8KTopPbWLehOvWVmC1y-vLOTzL2FqDoAxaWlwOQiCE55duOpaVFnE8-gBGySrRobKCHWtb287loJwzXGIY2yPF3X-pd3VGJdgSlMU5PYDvPC0MDB4TddJLetdznUeliPM9uQb2KNFnRTuq7FmpG255DOYHrEhE6IgTN-AM5GFjMjHI5b1IwDZI3A_6J8kmYkhTLASs9pa6zYEVAy
accept-language: en-US,en;q=0.9
X-Booking-AID: 2393715
X-Partner-Channel-Id: 2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
X-Booking-Pageview-Id: 04db203aecc80064
Accept: */*
Referer: https://www.booking.com/flexiproduct.html?product=map&w=100%25&h=590&lang=en-US&aid=2393715&target_aid=2393715&dest_id=0&dest_type=landmark&fid=1671148675595&latitude=32.78001960&longitude=-96.88194695&landmark_name=Downtown%2010%20min%20Rooftop%20Deck%20King%20Suite%2055%20Smart%20TV&mwhsb=0&address=3725%20Toronto%20Street,%20Dallas,%20TX%2075212,%20United%20States&
X-Booking-SiteType-Id: 1
X-Requested-With: XMLHttpRequest
X-Booking-Session-Id: d2a793f2229e1b2307cf362615331e34

Response headers

date: Sun, 08 Oct 2023 04:35:02 GMT
content-encoding: br
via: 1.1 2ba01a121d51ee735a8dde7a86ed73b6.cloudfront.net (CloudFront)
strict-transport-security: max-age=300; includeSubDomains
server: nginx
x-amz-cf-pop: EWR53-P1
vary: User-Agent, Accept-Encoding
content-security-policy-report-only: frame-ancestors 'none'; report-uri https://nellie.booking.com/csp-report-uri?type=report&tag=112&pid=45a5203a4d0500cd&e=UmFuZG9tSVYkc2RlIyh9Yea5KnOzD3Y9uAvFCeDwazND8JFX1id7bBGqCRyOrhME
content-type: text/plain; charset=UTF-8
x-cache: Miss from cloudfront
x-amz-cf-id: pTLYORLN9P6koegl9mZTYP2ChaNsCa1EXuxxa5xd8o5YhtGlgb9AHg==
x-xss-protection: 1; mode=block

GET
H2 200 openhand_8_8.cur
maps.gstatic.com/mapfiles/ Frame 2D4A 326 B
690 B 55ms
54ms Image
image/bmp 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/openhand_8_8.cur

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 04:35:01 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
last-modified: Tue, 18 May 2021 19:15:00 GMT
server: sffe
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type: image/bmp
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
expires: Sun, 08 Oct 2023 04:35:01 GMT

GET
H3 200 ViewportInfoService.GetViewportInfo Show response
maps.googleapis.com/maps/api/js/ Frame 2D4A 37 KB
5 KB 129ms
129ms Script
text/javascript 2607:f8b0:4004:c1b::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/ViewportInfoService.GetViewportInfo?1m6&1m2&1d32.72804261717264&2d-97.01313059585166&2m2&1d32.831170216393254&2d-96.75032155267655&2u14&4sen-US&5e0&6sm%40665000000&7b0&8e0&12e1&13shttps%3A%2F%2Fwww.booking.com%2Fflexiproduct.html&14b1&callback=_xdc_._gflb99&client=gme-booking&channel=booking-frontend-affiliate&token=63206

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/53/14/common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

9c7ecb0c30fe721424e63bcdef7431c66206a930f798f0d90bf7ac1979330dbf

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 04:35:01 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment
server-timing: gfet4t7; dur=76
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4621
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 onion.js Show response
maps.googleapis.com/maps-api-v3/api/js/53/14/ Frame 2D4A 27 KB
9 KB 54ms
54ms Script
text/javascript 2607:f8b0:4004:c1b::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/53/14/onion.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58d61dee1094a2d426ab3e23ff75d276573ba9fa2a041b700f71f41cf4491599

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 07:53:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 333704
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8998
x-xss-protection: 0
last-modified: Tue, 01 Aug 2023 04:14:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 03 Oct 2024 07:53:17 GMT

GET
H3 200 activities-auto.frame Show response
widget.getyourguide.com/default/ Frame 744E 12 KB
5 KB 192ms
192ms Document
text/html 2606:4700:4400::6812:2262
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.getyourguide.com/default/activities-auto.frame?widget=auto&partner_id=KACJMIV&widget_created=1696739701902&sha=7d3e7932-9fc9-503d-a25c-7575471497cb&website=https%3A%2F%2Fdowntown10minrooftopdeckkingsu.bhotel.top%2F&visitor_id=2DB1DB3C11D84B4F938384845B6F6744

Requested by

Host: widget.getyourguide.com
URL: https://widget.getyourguide.com/pw/latest/client-loader/widget.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2262 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

df5dfb551336e3323bf76087369a50872c59f3c902648eca243befa5ef5e15b3

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'sha256-QCL26AhByRmYtx+x9DvW8n4s+YmbvKRvRnvaauTMkFc=' 'self' 'self' https://cdn.getyourguide.com .getyourguide.com .gygtest.com .gygkube.com https://static.cloudflareinsights.com https://challenges.cloudflare.com; connect-src 'self' https://cdn.getyourguide.com .getyourguide.com .gygtest.com .gygkube.com; img-src 'self' https://cdn.getyourguide.com data: https://api.maptiler.com; style-src 'self' data: 'unsafe-inline' https://cdn.getyourguide.com .typekit.net/; font-src 'self' data: https://cdn.getyourguide.com https://fonts.gstatic.com https://cdn.ek.aero/shared/fonts/emirates/ .typekit.net/; base-uri 'self'; object-src 'none'; frame-src 'self' .getyourguide.com .gygtest.com *.gygkube.com https://challenges.cloudflare.com; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://downtown10minrooftopdeckkingsu.bhotel.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 812bacc0fbcd2221-MIA
content-encoding: br
content-security-policy: default-src 'none'; script-src 'sha256-QCL26AhByRmYtx+x9DvW8n4s+YmbvKRvRnvaauTMkFc=' 'self' 'self' https://cdn.getyourguide.com *.getyourguide.com *.gygtest.com *.gygkube.com https://static.cloudflareinsights.com https://challenges.cloudflare.com; connect-src 'self' https://cdn.getyourguide.com *.getyourguide.com *.gygtest.com *.gygkube.com; img-src 'self' https://cdn.getyourguide.com data: https://api.maptiler.com; style-src 'self' data: 'unsafe-inline' https://cdn.getyourguide.com *.typekit.net/; font-src 'self' data: https://cdn.getyourguide.com https://fonts.gstatic.com https://cdn.ek.aero/shared/fonts/emirates/ *.typekit.net/; base-uri 'self'; object-src 'none'; frame-src 'self' *.getyourguide.com *.gygtest.com *.gygkube.com https://challenges.cloudflare.com; worker-src 'self' blob:
content-type: text/html; charset=utf-8
date: Sun, 08 Oct 2023 04:35:02 GMT
etag: W/"30a4-ECIjykSk8XmA2Qus+YKcR7m4RUo"
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-envoy-upstream-service-time: 34
x-powered-by: Express
x-request-id: 051952ed-e07d-409e-b068-2246025ef756
x-xss-protection: 1; mode=block

GET
H3 200 AuthenticationService.Authenticate Show response
maps.googleapis.com/maps/api/js/ Frame 2D4A 62 B
84 B 68ms
68ms Script
text/javascript 2607:f8b0:4004:c1b::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fwww.booking.com%2Fflexiproduct.html&2sgme-booking&3sbooking-frontend-affiliate&7m1&1e0&8b0&callback=_xdc_._a6qwrr&client=gme-booking&channel=booking-frontend-affiliate&token=10097

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/53/14/common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

5ff8a8c5061f4144749aed40f0d711ef532dc96634dd5a0ef100481e5ba51d2f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 04:35:02 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment
server-timing: gfet4t7; dur=13
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6ba5190.js Show response
cdn.getyourguide.com/pwn/client/v2309.f1a8afb/ Frame 744E 8 KB
3 KB 110ms
46ms Script
text/javascript 2606:4700:4400::ac40:942a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.getyourguide.com/pwn/client/v2309.f1a8afb/6ba5190.js

Requested by

Host: widget.getyourguide.com
URL: https://widget.getyourguide.com/default/activities-auto.frame?widget=auto&partner_id=KACJMIV&widget_created=1696739701902&sha=7d3e7932-9fc9-503d-a25c-7575471497cb&website=https%3A%2F%2Fdowntown10minrooftopdeckkingsu.bhotel.top%2F&visitor_id=2DB1DB3C11D84B4F938384845B6F6744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:942a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

581b13cb3ccc031c826094f69428457aa4b56a5d226442d158b1e22e91264217

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://widget.getyourguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 04:35:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 05 Oct 2023 12:41:45 GMT
server: cloudflare
x-amz-request-id: XFZCPCE70F4C97CB
age: 56632
etag: W/"b22d2b676c3c6791e6eb58a335d5a11c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=1000, public, must-revalidate
cf-ray: 812bacc29c8b961a-MIA
x-amz-id-2: Arwl5AEbEAj+6mlxSDWHr0XaHROMv2393/tqfweHYQJv5yoN+e6uFkSujKwP7xL9XWJzTgn5CLA=

GET
H2 200 b1ffc12.js Show response
cdn.getyourguide.com/pwn/client/v2309.f1a8afb/ Frame 744E 246 KB
82 KB 142ms
78ms Script
text/javascript 2606:4700:4400::ac40:942a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.getyourguide.com/pwn/client/v2309.f1a8afb/b1ffc12.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:942a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76e4be2df1b322492333c39f18965f12c6041eeabe2c2dfa8e328be4a9551277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://widget.getyourguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 04:35:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 05 Oct 2023 12:41:43 GMT
server: cloudflare
x-amz-request-id: XFZ9CDA4SKV19K7Q
age: 56632
etag: W/"37e87e24d66beb413deb4048b8c5cc1e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=1000, public, must-revalidate
cf-ray: 812bacc29c8d961a-MIA
x-amz-id-2: uiiJDfLvU21Fth0wFCyS5vYk22jDnRFY4E069xq1YW8LultlU1SyJphZ6lO9MbUOFjwStg4j+OA=

GET
H2 200 e77e497.css
cdn.getyourguide.com/pwn/client/v2309.f1a8afb/css/ Frame 744E 22 KB
5 KB 108ms
45ms Stylesheet
text/css 2606:4700:4400::ac40:942a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.getyourguide.com/pwn/client/v2309.f1a8afb/css/e77e497.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:942a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b1438856adc2cf81c2b6ce863fe931ec1c2247eed28058a4e5bcdce38ab3509

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://widget.getyourguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 04:35:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 05 Oct 2023 12:41:46 GMT
server: cloudflare
x-amz-request-id: XFZ5HC1EZ36MM6W3
age: 56632
etag: W/"be7ca861bccef48665ff20f4066025da"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=1000, public, must-revalidate
cf-ray: 812bacc29c87961a-MIA
x-amz-id-2: SrBmbSuJvcV++muJ/Zw0zvLxoQL6O4h88cqoTgvXKG69RS4eM6k71Dt4J/Cjv2obJuwGdEHTYUM=

GET
H2 200 d806ac0.js Show response
cdn.getyourguide.com/pwn/client/v2309.f1a8afb/ Frame 744E 320 KB
74 KB 115ms
51ms Script
text/javascript 2606:4700:4400::ac40:942a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.getyourguide.com/pwn/client/v2309.f1a8afb/d806ac0.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:942a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78007a8457a4b60fb79ecdef81d4c7fa43f9841d500d7b5301213aac0dd0acb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://widget.getyourguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 04:35:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 05 Oct 2023 12:41:42 GMT
server: cloudflare
x-amz-request-id: XFZD728BYCB9RWH2
age: 56632
etag: W/"5470afce5898844d806790779bd8d3df"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=1000, public, must-revalidate
cf-ray: 812bacc29c90961a-MIA
x-amz-id-2: 9Ej2MlQ/RCRwvLbdSSF16/UcYq3M6P6BfomX/DqYkotAxsPgwJzhvYV5BxxcBkuVF+3MJMhwJOo=

GET
H2 200 f1983b6.css
cdn.getyourguide.com/pwn/client/v2309.f1a8afb/css/ Frame 744E 7 KB
2 KB 110ms
47ms Stylesheet
text/css 2606:4700:4400::ac40:942a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.getyourguide.com/pwn/client/v2309.f1a8afb/css/f1983b6.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:942a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83af418cd23e96948e8971b338668828614a6763726b6554af715b500c152441

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://widget.getyourguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 04:35:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 05 Oct 2023 12:41:47 GMT
server: cloudflare
x-amz-request-id: XFZDKVG4580HNGEY
age: 56632
etag: W/"b3da1072f97e229abe0ca7221d7e757e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=1000, public, must-revalidate
cf-ray: 812bacc29c88961a-MIA
x-amz-id-2: ccEO6UyL9VPDDENQfiKG7i2KXETQCBqo7wUBxp7ga390W5ZLS6lQamejTHDLyRBgpfSHKQLuebM=

GET
H2 200 a912f21.js Show response
cdn.getyourguide.com/pwn/client/v2309.f1a8afb/ Frame 744E 101 KB
28 KB 143ms
80ms Script
text/javascript 2606:4700:4400::ac40:942a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.getyourguide.com/pwn/client/v2309.f1a8afb/a912f21.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:942a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fcddfcf7954f7f0b8dd4b2bfa1835030d3e23784e3dbd50ce4f815efa8c446c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://widget.getyourguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 04:35:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 05 Oct 2023 12:41:44 GMT
server: cloudflare
x-amz-request-id: XFZ4HK5GQ9Y9NCCD
age: 56632
etag: W/"d46f0c56c2ea032a1d93dc5b82c2e02f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=1000, public, must-revalidate
cf-ray: 812bacc2cca8961a-MIA
x-amz-id-2: 2jP697nxCQr9Un71VGDFxDe8L9TYxHHxjHE4f7u24RG/lyJDDXMW5IgPCgnWXond4h2mprzXkOA=

GET
H2 200 4d2554e.css
cdn.getyourguide.com/pwn/client/v2309.f1a8afb/css/ Frame 744E 901 B
772 B 109ms
46ms Stylesheet
text/css 2606:4700:4400::ac40:942a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.getyourguide.com/pwn/client/v2309.f1a8afb/css/4d2554e.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:942a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e43b830eb512b12be972f6fc0f7f355d650237ee3e4b7a8da7fa62caac0189ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://widget.getyourguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 04:35:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 05 Oct 2023 12:41:47 GMT
server: cloudflare
x-amz-request-id: CFFSH3F7AS0DWM7S
age: 56569
etag: W/"df87dd955d98b176761dc214c7de9486"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=1000, public, must-revalidate
cf-ray: 812bacc29c89961a-MIA
x-amz-id-2: pZ0HWBp+5shfJldh/COa48JzpzOhLyB0MaODIHwsqyJCeylZTZ6XnKC6SkugERr3aqJ9Png5+VI=

GET
H2 200 5382194.js Show response
cdn.getyourguide.com/pwn/client/v2309.f1a8afb/ Frame 744E 5 KB
2 KB 142ms
79ms Script
text/javascript 2606:4700:4400::ac40:942a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.getyourguide.com/pwn/client/v2309.f1a8afb/5382194.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:942a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eaeffb11665b3ae9f2057e572bf17a43f68680b05930588ae87b7149a9bdaa10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://widget.getyourguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 04:35:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 05 Oct 2023 12:41:45 GMT
server: cloudflare
x-amz-request-id: CFFNW2RHSSPDACKD
age: 56569
etag: W/"9d3fb88b214e323ca65eb04c24032b29"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=1000, public, must-revalidate
cf-ray: 812bacc2cca6961a-MIA
x-amz-id-2: deROF960+xcKuxdEejYP4Gjbdp0SriF1tIOoHTmig3Nn8etrl6/ksPNEzRjYhW+KGKBVWQBvCjs=

GET
H2 200 1ac56ef.js Show response
cdn.getyourguide.com/pwn/client/v2309.f1a8afb/ Frame 744E 14 KB
6 KB 110ms
48ms Script
text/javascript 2606:4700:4400::ac40:942a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.getyourguide.com/pwn/client/v2309.f1a8afb/1ac56ef.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:942a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d240bc2caa167854748860a164ffa11c0af99c3ea2e123a1f0aa84c3de6e4412

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://widget.getyourguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 04:35:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 05 Oct 2023 12:41:42 GMT
server: cloudflare
x-amz-request-id: G76736YPT5K4JYB6
age: 56632
etag: W/"5f1d8592b8d93d7b486973ad94ba741e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=1000, public, must-revalidate
cf-ray: 812bacc29c8e961a-MIA
x-amz-id-2: p+qFLNKIP9JtfoM0syd26ZzduPyGWCApVdsnogFCWVxK1t3GjtWZObbAYn2xCpa9F8NY3p5z38o=

GET
H2 200 97d439d.css
cdn.getyourguide.com/pwn/client/v2309.f1a8afb/css/ Frame 744E 12 KB
5 KB 106ms
43ms Stylesheet
text/css 2606:4700:4400::ac40:942a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.getyourguide.com/pwn/client/v2309.f1a8afb/css/97d439d.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:942a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9268241ddbaa622897845487da61f82d0dd9321cb29c6c12b2c11bdd1b66631e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://widget.getyourguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 04:35:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 05 Oct 2023 12:41:47 GMT
server: cloudflare
x-amz-request-id: 82HTAJ95YZNNJWZK
age: 56607
etag: W/"f3ce8295eb0da9da3754f9db3696a564"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=1000, public, must-revalidate
cf-ray: 812bacc29c8a961a-MIA
x-amz-id-2: bYnORbfhpLedFNx2vrSlucVxJ5qJhJiKCIO42CtJQZwA5lQOfZKCyfOOyxcOzy1fn/U6LdZR1E8=

GET
H2 200 9efe96e.js Show response
cdn.getyourguide.com/pwn/client/v2309.f1a8afb/ Frame 744E 18 KB
6 KB 141ms
79ms Script
text/javascript 2606:4700:4400::ac40:942a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.getyourguide.com/pwn/client/v2309.f1a8afb/9efe96e.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:942a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fc33d39c444e855b3083d0e4e7bf01de32fe4049a5e5d94ef97f6518ed1e297

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://widget.getyourguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 04:35:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 05 Oct 2023 12:41:43 GMT
server: cloudflare
x-amz-request-id: 82HYVC9MTC8G1C8B
age: 56607
etag: W/"f188afe1fb7ef48d98c25daacd113ced"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=1000, public, must-revalidate
cf-ray: 812bacc2cca9961a-MIA
x-amz-id-2: Atq3vu1EhTNm/ZWUn2I9fZP8XS4uaEhbdpy9RRL5WTAVUphI19vhiHS2De223waVowJADW/ExOc=

GET
H3 200 QuotaService.RecordEvent Show response
maps.googleapis.com/maps/api/js/ Frame 2D4A 62 B
83 B 74ms
74ms Script
text/javascript 2607:f8b0:4004:c1b::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/QuotaService.RecordEvent?1shttps%3A%2F%2Fwww.booking.com%2Fflexiproduct.html&2sgme-booking&7sgz0d21&9sbooking-frontend-affiliate&10e1&11b0&callback=_xdc_._3ls3hy&client=gme-booking&channel=booking-frontend-affiliate&token=126356

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/53/14/common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

4f6c48b58c255592b547db91597e7892048714533c568f986e5c0f482edff5fa

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 04:35:02 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
content-disposition: attachment
server-timing: gfet4t7; dur=21
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sprite.0d5e56a.svg Show response
cdn.getyourguide.com/pwn/client/v2309.f1a8afb/img/ Frame 744E 65 KB
19 KB 98ms
42ms XHR
image/svg+xml 2606:4700:4400::ac40:942a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.getyourguide.com/pwn/client/v2309.f1a8afb/img/sprite.0d5e56a.svg

Requested by

Host: cdn.getyourguide.com
URL: https://cdn.getyourguide.com/pwn/client/v2309.f1a8afb/d806ac0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:942a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

950de79962ebb9dcac4653e59c1fb51a47257b07732dccb7ef47d3670e062075

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://widget.getyourguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 04:35:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: YEW4S1VHPK8HNF9H
age: 56706
x-amz-server-side-encryption: AES256
x-amz-id-2: a1aAqSFLtV/6se+55svs/DVnfpbmnGHYfB24zkX6OQ1vK1LotCBm2qFGotWiXzhdKjDQWbYzOpw=
last-modified: Thu, 05 Oct 2023 12:41:47 GMT
server: cloudflare
etag: W/"0d5e56aeabb60e60ce4f4a7479bde860"
access-control-max-age: 3600
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
content-type: image/svg+xml
cache-control: max-age=1000, public, must-revalidate
cf-ray: 812bacc43d944958-MIA

GET
H2 200 7375d4e.js Show response
cdn.getyourguide.com/pwn/client/v2309.f1a8afb/ Frame 744E 80 KB
24 KB 38ms
38ms Script
text/javascript 2606:4700:4400::ac40:942a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.getyourguide.com/pwn/client/v2309.f1a8afb/7375d4e.js

Requested by

Host: cdn.getyourguide.com
URL: https://cdn.getyourguide.com/pwn/client/v2309.f1a8afb/6ba5190.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:942a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c80486a6f1a9415c29d1c14599b2eb25a7cf6d5a48f7919ef6be2a1416db601

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://widget.getyourguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 04:35:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 05 Oct 2023 12:41:42 GMT
server: cloudflare
x-amz-request-id: YA90XFB70KEQBPBW
age: 56631
etag: W/"972274350f4fae50456201f9a53b0e07"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=1000, public, must-revalidate
cf-ray: 812bacc3edba961a-MIA
x-amz-id-2: UYXEHW0ZsMSrH4O2WD7Edrs35ZQ+hynpT2E6YfKmaaDYKwRp772f8Wb7VLOmOc+FrE/GqcxckHw=

POST
H3 200 auto-widget-context
widget.getyourguide.com/ 0
0 614ms
611ms Ping
application/json 2606:4700:4400::6812:2262
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.getyourguide.com/auto-widget-context
Requested by: Host: widget.getyourguide.com
URL: https://widget.getyourguide.com/pw/latest/client-loader/widget.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2262 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://downtown10minrooftopdeckkingsu.bhotel.top/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

GET
H3 200 activities-auto.json Show response
widget.getyourguide.com/ Frame 744E 9 KB
3 KB 582ms
582ms Fetch
application/json 2606:4700:4400::6812:2262
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.getyourguide.com/activities-auto.json?widget=auto&partner_id=KACJMIV&widget_created=1696739701902&sha=7d3e7932-9fc9-503d-a25c-7575471497cb&website=https%3A%2F%2Fdowntown10minrooftopdeckkingsu.bhotel.top%2F&visitor_id=2DB1DB3C11D84B4F938384845B6F6744&model_type=location

Requested by

Host: cdn.getyourguide.com
URL: https://cdn.getyourguide.com/pwn/client/v2309.f1a8afb/d806ac0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2262 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

dec8d4a0f7dfd6dedf8089bde626aea06fcfec6d81535ac17d5e7fcca4e52dc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

x-request-origin: user
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
visitor-id: 2DB1DB3C11D84B4F938384845B6F6744
Referer: https://widget.getyourguide.com/default/activities-auto.frame?widget=auto&partner_id=KACJMIV&widget_created=1696739701902&sha=7d3e7932-9fc9-503d-a25c-7575471497cb&website=https%3A%2F%2Fdowntown10minrooftopdeckkingsu.bhotel.top%2F&visitor_id=2DB1DB3C11D84B4F938384845B6F6744
x-gyg-geoip-country: US
x-gyg-anonymized-ip: IPv6-US-00000002-45ea71c0c25188a4cd584008049156cafbb4330e5a76b5f12cf49cbf726b38645196f8d2c6101e6df804d4646e87d651e8c3265b349a3b390f037ef5616fa5f6
x-gyg-request-user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
x-request-id: 051952ed-e07d-409e-b068-2246025ef756

Response headers

date: Sun, 08 Oct 2023 04:35:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
x-powered-by: Express
x-envoy-upstream-service-time: 100
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 4c65ccbd-a865-4320-bdfa-f3e920f41c71
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"25aa-qz4Qt6NFCr0ww80qA+8Z3qJeq5I"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cf-ray: 812bacd06b152221-MIA

GET
H2 200 GT-Eesti-Pro-Display-Regular.woff2
cdn.getyourguide.com/design-system/GT-Eesti/ Frame 744E 56 KB
56 KB 42ms
42ms Font
font/woff2 2606:4700:4400::ac40:942a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.getyourguide.com/design-system/GT-Eesti/GT-Eesti-Pro-Display-Regular.woff2

Requested by

Host: cdn.getyourguide.com
URL: https://cdn.getyourguide.com/pwn/client/v2309.f1a8afb/css/f1983b6.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:942a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6b42ca74fffb2087dee37c14a0ff0dbcdc0f36b7b76799e95552a6089120969

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://cdn.getyourguide.com/pwn/client/v2309.f1a8afb/css/f1983b6.css
Origin: https://widget.getyourguide.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 04:35:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
x-amz-request-id: 3RZTBB7WN3WPWDDH
age: 27781
content-length: 57208
x-amz-id-2: +Bp1XEgqpMx+85T/+lsdpJOICzHE50n/5v+sNILNe8nzLHHuAXg5g5tnW5FNPuKcvMLffzv9VFU=
last-modified: Sun, 03 May 2020 10:59:39 GMT
server: cloudflare
etag: "0bee8cc037c7f39e423052107135c488"
access-control-max-age: 3600
access-control-allow-methods: GET, HEAD
content-type: font/woff2
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31536000, public, must-revalidate
accept-ranges: bytes
cf-ray: 812bacd41c794958-MIA

GET
H2 200 GT-Eesti-Pro-Display-Bold.woff2
cdn.getyourguide.com/design-system/GT-Eesti/ Frame 744E 59 KB
60 KB 54ms
54ms Font
font/woff2 2606:4700:4400::ac40:942a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.getyourguide.com/design-system/GT-Eesti/GT-Eesti-Pro-Display-Bold.woff2

Requested by

Host: cdn.getyourguide.com
URL: https://cdn.getyourguide.com/pwn/client/v2309.f1a8afb/css/f1983b6.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:942a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4b42fe227cbaecccbd5d441b1c9c149ade479067d5a258f614145b3342be951

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://cdn.getyourguide.com/pwn/client/v2309.f1a8afb/css/f1983b6.css
Origin: https://widget.getyourguide.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 04:35:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
x-amz-request-id: QG9MTBPZAJ5TB5B8
age: 15599
content-length: 60740
x-amz-id-2: bnoNAuauanZSiXLuoGGn6ouUfxNDflGW1bMuoV4AsR2x659NLLx0BPF4usqEx28xjvYJIMqioe8=
last-modified: Sun, 03 May 2020 10:59:39 GMT
server: cloudflare
etag: "f6291b623a5e487339b42d260847a9e3"
access-control-max-age: 3600
access-control-allow-methods: GET, HEAD
content-type: font/woff2
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31536000, public, must-revalidate
accept-ranges: bytes
cf-ray: 812bacd41c7c4958-MIA

GET
H2 200 156.webp
cdn.getyourguide.com/img/tour/91def637205e1193.jpeg/ Frame 744E 186 KB
187 KB 42ms
42ms Image
image/webp 2606:4700:4400::ac40:942a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.getyourguide.com/img/tour/91def637205e1193.jpeg/156.webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:942a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

167bca82deea16b0365aab9af6e4077ba13bd6fae5e2ee0785ed63606c00d6b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://widget.getyourguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 04:35:04 GMT
x-amz-version-id: null
via: 1.1 2486140898790ee6c6614970688a7d4c.cloudfront.net (CloudFront)
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: MEL50-C2
age: 104157
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 190880
x-amz-expiration: expiry-date="Thu, 19 Oct 2023 00:00:00 GMT", rule-id="cdn_images_delete_old_files"
last-modified: Mon, 10 Jul 2023 15:11:58 GMT
server: cloudflare
etag: "411cf08dd286c9ced4d887897abb783d"
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=2678400, public
accept-ranges: bytes
cf-ray: 812bacd42c75961a-MIA
x-amz-cf-id: tGhsxVDxAs_zHcVAUtR8i8EG6mm5-QAB0ypYQ0c5z0MOJAyq2NCF8w==

GET
H2 200 156.webp
cdn.getyourguide.com/img/tour/5c7798076c592.jpeg/ Frame 744E 122 KB
123 KB 39ms
39ms Image
image/webp 2606:4700:4400::ac40:942a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.getyourguide.com/img/tour/5c7798076c592.jpeg/156.webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:942a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c460cf18df3f9c43c76134d1efbcad44b01ecb8eb144cd343237ca5d63ec9cbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://widget.getyourguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 04:35:04 GMT
x-amz-version-id: null
via: 1.1 25d43b47e466be886c392b383c59812c.cloudfront.net (CloudFront)
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: DFW56-P5
age: 104157
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 125160
x-amz-expiration: expiry-date="Thu, 19 Oct 2023 00:00:00 GMT", rule-id="cdn_images_delete_old_files"
last-modified: Mon, 10 Jul 2023 15:11:53 GMT
server: cloudflare
etag: "5279a8ede6ecbdc0f191e72ad41e7829"
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=2678400, public
accept-ranges: bytes
cf-ray: 812bacd42c76961a-MIA
x-amz-cf-id: H29MOV0BcH0COiwkHJ1Y2rYzmc04d9wXj2POGDVddePCbnS2_Y_yPQ==

GET
H2 200 156.webp
cdn.getyourguide.com/img/tour/626f019133494.jpeg/ Frame 744E 104 KB
104 KB 48ms
47ms Image
image/webp 2606:4700:4400::ac40:942a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.getyourguide.com/img/tour/626f019133494.jpeg/156.webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:942a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

535b685956b6ffabf5f028ab5c6a8cb03e9a0eaca59e5f4be7c0b9403295eaf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://widget.getyourguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 04:35:04 GMT
x-amz-version-id: null
via: 1.1 9df0661694135666b2bd52748cde9006.cloudfront.net (CloudFront)
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: MIA3-C4
age: 60672
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 106396
x-amz-expiration: expiry-date="Thu, 19 Oct 2023 00:00:00 GMT", rule-id="cdn_images_delete_old_files"
last-modified: Mon, 10 Jul 2023 15:18:23 GMT
server: cloudflare
etag: "e5f503693fa368063cbd7ffca45b4522"
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=2678400, public
accept-ranges: bytes
cf-ray: 812bacd42c78961a-MIA
x-amz-cf-id: 2pRoST1bsoP8q_iax7RXMpjGo-O0iFBCZ84CBBvAtk5DzVuGcHJVGA==

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
downtown10minrooftopdeckkingsu.bhotel.top/	1969-12-31 23:59:59	Name: PHPSESSID Value: 56b74132f4936568fe37baf4fc354963
.widget.getyourguide.com/	1970-01-20 15:19:01	Name: __cf_bm Value: 86RdlbpEjB59OOyQS3sZ7cw.ax2iqWOrOZAW82X0o8Y-1696739700-0-ARlgaiVQg6IJgs9I0vvxrh06wU8Bcd/vmO3G14nBVigjY45to45HtRZe0vQXBBnYQaeJ3d+w9lTVFayPs4cUSwU=
.getyourguide.com/	1970-01-21 00:54:59	Name: visitor_id Value: 2DB1DB3C11D84B4F938384845B6F6744
.booking.com/	1970-01-21 00:54:59	Name: bkng Value: 11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbiKbS0JOgDBKd%2F%2B1hfoh7rhO9hsj6BMJvexvKCWJAeqw%2Fhlxh7SCcS%2Fvsv5s%2FlcRPs0vFIb7elS82rdWWLjNgkOgR2RoL2y4B5AdNiOKPfdNKzSg%2BTbky29TedwYBaqHyKnWkLM0S8p%2BnXrndUgWHgdJAfxfHHa2I
widget.getyourguide.com/	1970-01-21 00:04:35	Name: i18n_redirected Value: en-US
.cdn.getyourguide.com/	1970-01-20 15:19:01	Name: __cf_bm Value: MRn5KujCgA7ubsZQ4_R2rmrqzlwAfbbEhT_m4UCKi6A-1696739702-0-Adm9VudeT2KdiXzN5wT2TWkvRYzapG9yn2R6kn+ckTl1YJI8bePnVhZH71sOjNvbYNnMJLbayUxBO9Fs14/YMwE=
downtown10minrooftopdeckkingsu.bhotel.top/	1969-12-31 23:59:59	Name: session_id Value: 0b7cace3-f753-4124-8153-ad74fe4a7f2a

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn-icons-png.flaticon.com
cdn.getyourguide.com
cf.bstatic.com
downtown10minrooftopdeckkingsu.bhotel.top
fonts.googleapis.com
fonts.gstatic.com
ka-f.fontawesome.com
kit.fontawesome.com
maps.googleapis.com
maps.gstatic.com
maxcdn.bootstrapcdn.com
translate.google.com
translate.googleapis.com
widget.getyourguide.com
www.booking.com
www.gstatic.com
204.93.224.158
2600:141b:e800:34::173e:2f04
2600:9000:210b:3200:1c:d826:cd80:93a1
2606:4700:4400::6812:2262
2606:4700:4400::ac40:942a
2606:4700::6812:1734
2606:4700::6812:acf
2606:4700:e2::ac40:8309
2607:f8b0:4004:c06::5f
2607:f8b0:4004:c06::71
2607:f8b0:4004:c09::5e
2607:f8b0:4004:c17::5f
2607:f8b0:4004:c19::5f
2607:f8b0:4004:c1b::5e
2607:f8b0:4004:c1b::5f
52.85.61.84
0de29dda480682344a32a735a6add015a8c855fc0137ed2f76039b8cfb2869c1
0e81443469aa4b967191ce19b7474eb223746a2b8d5dc42d3786da84d99dfad9
0f3e34bdcc1b20a94e6bcfcfdb28763dd1d1d8bc1313ab9e4eb725d98e9b8e40
0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1
100743aa1204f8b3e6480c51c2759c6e8beed573fbf21ab7d67188a5f6923dbd
143541f596e492db378b791f22a1bab26b16aba740a6b3627d09fe9e56323d66
167bca82deea16b0365aab9af6e4077ba13bd6fae5e2ee0785ed63606c00d6b0
18af2bf64a77a50bc46c1fe63efbaee38ab0e0fb8c47976bc4c159f2505550cb
1d627ec5cf16d0e4fc00d47ff7e903685a7c55861a6b79bb5315c45b011ca165
21edfeed321858e780d840b2e215d4d77b2e80fcdace1916bfb1254596b4cedd
236e285339a2a692e9491d356489cdf83513cfb1add049a0620123d644e47554
3644394a488d3937d291c4d1539b16b154fc951fbc5702430c40d3f43a6d1e5b
41cddf2dcd942128378479c5fd87a454441f02b678186cff7f9f1a2a16d2247b
47374cb7d373f9a8450e1237c80bc5fe68c61fbf0cdf958df7a298143b7dd445
4b1438856adc2cf81c2b6ce863fe931ec1c2247eed28058a4e5bcdce38ab3509
4dafcc1c39005f1bf7e4b3faa5d7b7be2d03a81e5346ea1e9d7fe46b9279ae65
4ea566bcfe25ec81ab2688387def9cb5990637e85a559003486d7f44f434302b
4f6c48b58c255592b547db91597e7892048714533c568f986e5c0f482edff5fa
535b685956b6ffabf5f028ab5c6a8cb03e9a0eaca59e5f4be7c0b9403295eaf3
581b13cb3ccc031c826094f69428457aa4b56a5d226442d158b1e22e91264217
58d61dee1094a2d426ab3e23ff75d276573ba9fa2a041b700f71f41cf4491599
58ed94893e4142be2847d35ed50d8c3cc9a9aca281143d7794658cb3adb82a9c
5ad7526d50b7586ddfaee62b3fc95e71207136dc08f6a2b7ffd671ded73fab83
5e0821588462d15b0ff8e911760fc041332c162e2e30ab4b1071bcc8eb6c8223
5e8f8af5bb822648eb2f343706c44b6c213dcd461583dc23a6a4cb02444e3800
5ff1de34a8b558ddaf79ae843e5b9e50db2d7b62e88ae621da7582a37bc3626b
5ff8a8c5061f4144749aed40f0d711ef532dc96634dd5a0ef100481e5ba51d2f
63f9e635bca6053c2baecd7e90f62ab7223c1425e93fb60fd6c1a8ece6151923
6612b27e9a2237b7f7d3a8ae15e8da1cb79d00bb589e2b66f9b492af8ef5ea78
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33
67dd990ebb1eb7fcf8eb3f2d4652d854f6e329019f40138c4f3fe3a65454a9bc
6c58c4804370b9c347d517491c450416ca371fb1403aceaa1d6f751403b07c48
71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3
7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7
76e4be2df1b322492333c39f18965f12c6041eeabe2c2dfa8e328be4a9551277
77a9ece576f0a1c826a9970192a202980487a97e15967151c1241358e541807a
78007a8457a4b60fb79ecdef81d4c7fa43f9841d500d7b5301213aac0dd0acb2
7d63f2e5371a3c4a6654a87dbe50d33b26afac111f7020e1eab31560d0c984aa
7fc33d39c444e855b3083d0e4e7bf01de32fe4049a5e5d94ef97f6518ed1e297
7fcddfcf7954f7f0b8dd4b2bfa1835030d3e23784e3dbd50ce4f815efa8c446c
83af418cd23e96948e8971b338668828614a6763726b6554af715b500c152441
8885df9f7fb03c1e6dfece2bd7bbecf0289075c03ac92155e2e1da39f61cc0c7
8bcef4d15a0c7757ddd9eb4e6a81f65d7aedc5fe6f4ba95d90c5a63381f156ad
8d1d436ecf784f33e1e6d88c6565956b8ee5de293b6251a3525b865103de4bf7
9268241ddbaa622897845487da61f82d0dd9321cb29c6c12b2c11bdd1b66631e
950de79962ebb9dcac4653e59c1fb51a47257b07732dccb7ef47d3670e062075
9c7ecb0c30fe721424e63bcdef7431c66206a930f798f0d90bf7ac1979330dbf
9c80486a6f1a9415c29d1c14599b2eb25a7cf6d5a48f7919ef6be2a1416db601
a0ff1db86f13d31743f7e0c4d1c45fe7953cd5089d91be2a2ce3d12f7a4beae2
a3668c35c677731ca1295a5f13ad82d97bc77aeb701720456f392e5bd888f2ef
abf84fbbeb3b1a3058bd3dee6cc071e6375bdcaf19030befbf3481d9ad2ea184
bb7bd73a7c7844f51b19a42e61d3cb027528f7c0c477249db2bdc311965ce8cb
c376ad6bdfc8953fcc97bd6d09b11c75a652a26eeaf1ae056bf268600b5dd27b
c3f06cf6ded52069a79551343aca5f2269a048cedb9fbacd3cfff7136980659c
c460cf18df3f9c43c76134d1efbcad44b01ecb8eb144cd343237ca5d63ec9cbb
c4b42fe227cbaecccbd5d441b1c9c149ade479067d5a258f614145b3342be951
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d240bc2caa167854748860a164ffa11c0af99c3ea2e123a1f0aa84c3de6e4412
d28d43698c2b701e031172c0f98f35b539aca2a63606c8959473f54e071298a9
d3e9a900f61c6811de529e4227226b898ce88b65a66347d0088a2da3af5e60b5
d4ecb944cfb2e5e2257cdc2b18ddca4e86bacd135606c7f3fd2b45a597905310
d6b42ca74fffb2087dee37c14a0ff0dbcdc0f36b7b76799e95552a6089120969
d9d0020e30ad338e09f4571b3185283356d133abe5b1f3920f30b0281e2ac858
dbc5c6cc8dc52fe293be4d79d32c85f9e8d9baa9867653927dda0c1b905a3505
dc2a9ecb9eae34a409e66cbdd46b3562c560f8ffa1c1f80ea84532999d6d408c
ddc64e22f33795e2f16bcd5b11fd432261ac3be8cfbee73f94c678658ec98147
dec8d4a0f7dfd6dedf8089bde626aea06fcfec6d81535ac17d5e7fcca4e52dc9
df5dfb551336e3323bf76087369a50872c59f3c902648eca243befa5ef5e15b3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e43b830eb512b12be972f6fc0f7f355d650237ee3e4b7a8da7fa62caac0189ae
eaeffb11665b3ae9f2057e572bf17a43f68680b05930588ae87b7149a9bdaa10
ef33d4a0fdc087362d1034e913a6b3ad65c68e6544548b3e4231cfa60f824774
f0933b1db14b79209550f7a3a21565c832a8df1d640b72f56bf39e24de286004
f2208c3e38e04a6a0476ec080cc3ea3bb9af82621fc2158b2d58de82c2fffc68
f88d7a194e7f67fdc5e4f2cedd32e1d040d9976e4814adcaf7e56330a0653d5c
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ffffad0e6bd2527414de953f145e050f53548626d9bf8c79047b4475ce437c99

downtown10minrooftopdeckkingsu.bhotel.top Open in urlscan Pro 204.93.224.158 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

81 Requests

100 %HTTPS

88 %IPv6

10 Domains

17 Subdomains

17 IPs

1 Countries

2343 kBTransfer

5340 kBSize

7 Cookies

1 Outgoing links

Redirected requests

81 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

downtown10minrooftopdeckkingsu.bhotel.top Open in urlscan Pro
204.93.224.158 Public Scan

Screenshot
Live screenshot

Full Image

81
Requests

100 %
HTTPS

88 %
IPv6

10
Domains

17
Subdomains

17
IPs

1
Countries

2343 kB
Transfer

5340 kB
Size

7
Cookies

81 HTTP transactions
1 data transactions