www.booking.com Open in urlscan Pro
5.57.16.220 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://link.sg.booking.com/uni/ss/c/QMN8zmdLvFlNCtm424-T1EpsctHwYOfye5_iA3HShUu_zkc7yQ7hfmnkpCxFwEH7yAh7bh2MnoKiG60LP0H4aVl...
Effective URL:
https://www.booking.com/city/it/florence.it.html?aid=339530&label=44595_ufi-name-multi-3-plus-rec-5_v2-&checkin=2020-11-...
Submission: On November 18 via api (November 18th 2020, 7:51:52 am UTC) from US

Summary HTTP 70 Redirects Links 30 Behaviour Indicators

Summary

This website contacted 8 IPs in 4 countries across 9 domains to perform 70 HTTP transactions. The main IP is 5.57.16.220, located in Amsterdam, Netherlands and belongs to BOOKING-BV Booking.com, NL. The main domain is www.booking.com.
TLS certificate: Issued by DigiCert ECC Extended Validation Serv... on November 8th 2019. Valid for: 2 years.

This is the only time www.booking.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	151.101.14.110 151.101.14.110	54113 (FASTLY) (FASTLY)
5	5.57.16.220 5.57.16.220	43996 (BOOKING-B...) (BOOKING-BV Booking.com)
43	2600:9000:214... 2600:9000:214f:4800:1f:e2ee:200:93a1	16509 (AMAZON-02) (AMAZON-02)
7	2606:4700::68... 2606:4700::6810:9440	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6814:b944	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:814::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:81f::2001	15169 (GOOGLE) (GOOGLE)
3	35.186.220.184 35.186.220.184	15169 (GOOGLE) (GOOGLE)
70	8

1 151.101.14.110 (Frankfurt am Main, Germany) 1 redirects

ASN54113 (FASTLY, US)

link.sg.booking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 5.57.16.220 (Amsterdam, Netherlands)

ASN43996 (BOOKING-BV Booking.com, NL)
PTR: www.booking.com

www.booking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 2600:9000:214f:4800:1f:e2ee:200:93a1 (United States)

ASN16509 (AMAZON-02, US)

cf.bstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b944 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh6.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh4.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh5.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.220.184 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 184.220.186.35.bc.googleusercontent.com

collector-pxikkul2rm.perimeterx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	bstatic.com cf.bstatic.com	1 MB
7	cookielaw.org cdn.cookielaw.org	123 KB
6	booking.com 1 redirects link.sg.booking.com www.booking.com	126 KB
5	googleusercontent.com lh6.googleusercontent.com lh4.googleusercontent.com lh5.googleusercontent.com	11 KB
3	perimeterx.net collector-pxikkul2rm.perimeterx.net	2 KB
1	googleapis.com maps.googleapis.com	12 KB
1	onetrust.com geolocation.onetrust.com	515 B
0	facebook.com Failed graph.facebook.com Failed
0	fbsbx.com Failed platform-lookaside.fbsbx.com Failed
70	9

	Domain	Requested by
43	cf.bstatic.com	www.booking.com cf.bstatic.com
7	cdn.cookielaw.org	www.booking.com cdn.cookielaw.org
5	www.booking.com	cf.bstatic.com www.booking.com
3	collector-pxikkul2rm.perimeterx.net	cf.bstatic.com
3	lh4.googleusercontent.com	www.booking.com
1	lh5.googleusercontent.com	www.booking.com
1	lh6.googleusercontent.com	www.booking.com
1	maps.googleapis.com	www.booking.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	link.sg.booking.com	1 redirects
0	graph.facebook.com Failed	www.booking.com
0	platform-lookaside.fbsbx.com Failed	www.booking.com
70	12

This site contains links to these domains. Also see Links.

Domain
secure.booking.com
join.booking.com
account.booking.com
booking.com
cars.booking.com
www.opentable.com
partner.booking.com
careers.booking.com
sustainability.booking.com
news.booking.com
www.bookingholdings.com
admin.booking.com
onetrust.com

Subject Issuer	Validity	Valid
www.booking.com DigiCert ECC Extended Validation Server CA	`2019-11-08` - `2021-11-12`	2 years	crt.sh
q-cf.bstatic.com DigiCert SHA2 Secure Server CA	`2020-06-05` - `2021-02-11`	8 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2020-07-01` - `2021-07-01`	a year	crt.sh
*.onetrust.com DigiCert SHA2 Secure Server CA	`2020-05-21` - `2022-07-27`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
*.googleusercontent.com GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
perimeterx.net GeoTrust RSA CA 2018	`2019-07-03` - `2021-08-31`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://www.booking.com/city/it/florence.it.html?aid=339530&label=44595_ufi-name-multi-3-plus-rec-5_v2-&checkin=2020-11-20&checkout=2020-11-21&city=-117543&selected_currency=EUR&emk=QWGEU6K5UT&emkcid=
Frame ID: C780A99EFE4226B1143E7B67ABE058A3
Requests: 70 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://link.sg.booking.com/uni/ss/c/QMN8zmdLvFlNCtm424-T1EpsctHwYOfye5_iA3HShUu_zkc7yQ7hfmnkpCxFwEH7yAh... HTTP 302
https://www.booking.com/city/it/florence.it.html?aid=339530&label=44595_ufi-name-multi-3-plus-rec-5_... Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Tealium (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /^(?:https?:)?\/\/tags\.tiqcdn\.com\//i

Page Statistics

70
Requests

93 %
HTTPS

63 %
IPv6

9
Domains

12
Subdomains

8
IPs

4
Countries

1311 kB
Transfer

3497 kB
Size

6
Cookies

30 Outgoing links

These are links going to different origins than the main page.

URL: https://secure.booking.com/help.it.html?aid=339530&label=44595_ufi-name-multi-3-plus-rec-5_v2-&sid=ade3430c7db3cdd21440b716d2bc328f
Title: Ricevi aiuto con la prenotazione

Search URL Search Domain Scan URL

URL: https://join.booking.com/?lang=it&utm_source=topbar&utm_medium=frontend&label=44595_ufi-name-multi-3-plus-rec-5_v2-&aid=339530
Title: Registra la tua struttura

Search URL Search Domain Scan URL

URL: https://account.booking.com/auth/oauth2?redirect_uri=https%3A%2F%2Fsecure.booking.com%2Flogin.html%3Fop%3Doauth_return&aid=339530&response_type=code&dt=1605685895&state=UusC0ixDkl7ACajvQtpmm3oWHas5EXP7sAcHRlcK3VJk2pp3m0COoDlLF5qoijaTHLAqo25ACVXTeDBeIpB_gRJt0KrUq6ISlyQH2fbRtt0UTYCxCnNSdrbzW7Io3rk994ZUfV6RmDma4Uoq_nQzFAAENkRzU3V7Zx-eDH31tIgW5l93M_m7wftIAdDaUux5yBB8hyswBNVcVcKhlikkkuJYaOgQoZBrdOX0i-wZyV25ioNUkUhoVZpQr4EdGHLmu9745JHQbq58gH7NJweXPwR8C7u7CK24_0G_fHE4Tjh93MJVPDfYBA9cl8Rk3ZV76QIgB_dK5S0SBhU2IAd2ODlwr_sicQk8elzZl261oA7zDHpM3h3JOYaiNHy5E4ml5um2ewoNpekHtK5r_qnmgf2XAAUEHmNe99aVNRTR5PX2-3aAif7IAxaneriCrkCK70wOvD57X9D7Yj4K5mso-zPlif45KwSgqVFA54MA&prompt=register&client_id=vO1Kblk7xX9tUn2cpZLS&lang=it
Title: Iscriviti

Search URL Search Domain Scan URL

URL: https://account.booking.com/auth/oauth2?state=UusC0ixDkl7ACagWAk2J0QIhdeCEtpmuL0eYJN-puclelJCpNQx-XNJXREatMygVkYzUoBMnD2n5YEyPnERsZtGRsIK1Qxxdr2rdigEOWvkEWrE5t5A_OA0R1YxcFQ9VhtpYkjzAYE3aP_YK4wY8OHB2qhEuTm0CD4Ef8rkKuswJgRM_8p3HoWxO3Pwp8axcq57aSbNFh3t6vTbsu6pU9mvYTxeUx0Lq9TNZtu83bh5E7xzOHFEVC1VjwlzH2YXkJdxipDsi4mZOY9lls0lcxYWSe7_Ox2S_X652Xi7wAqWpzd2K2J2CfsRpEVrW91d64FcSVcc2M40OZAj0SS9LcUbvcyp6QVfoakuKhb5I9TX7756fFaaTsnTPhyRjpdYHTV5h057Lje3brwTsQMEp5U5omAYcIbUkSH8TDdaOvMg9SCxjT_sbpj0A1XWQW0R3dUxQ699l2Tp0630M6ngp8Y591iRdPJ0TdFceSmR9&client_id=vO1Kblk7xX9tUn2cpZLS&dt=1605685895&lang=it&redirect_uri=https%3A%2F%2Fsecure.booking.com%2Flogin.html%3Fop%3Doauth_return&aid=339530&response_type=code
Title: Accedi

Search URL Search Domain Scan URL

URL: https://booking.com/pxgo?lang=it&label=44595_ufi-name-multi-3-plus-rec-5_v2-&aid=339530&url=https%3A%2F%2Fbooking.kayak.com%2Fin%3Fa%3Dbdc%252Fsearchbox%26mc%3DEUR%26p%3Dsearchbox_link%26sid%3Dade3430c7db3cdd21440b716d2bc328f%26bdclc%3Dit-it&token=UmFuZG9tSVYkc2RlIyh9YXYkRVs_GG8EPfbmdOjJomvyvKLH1nQ4oMVcnA2uXGMVVrFTnL5m1LyKfY4mpNnS_DFNhmq69U5QIp-83b7lJNLnWKTXHeh1wk-090-YmEn6-WE41lZtyTonvDjmCilRPRkf8UeuzvzdN1ouY4sIdmCRIoKvBDo7VJ9bAMgRvApTPj0ImUmzsf2KQGW9OCsatij1H9agLD3SD0m8h_6XJPFd9cVPAK8WR43ZI96j3dXt-08S3UMvE8jQoVLFKq-gPxHdf5ABR-oFH5hyc_vAfbD7xZXUZlPwdkCHnW7iE14Z0WAr9m7O-dytOEbVLdw-e97zY0LobUQ1ba2KnDaMgoTyQRVAlTl2pw
Title: Voli

Search URL Search Domain Scan URL

URL: https://join.booking.com/?lang=it&aid=339530&utm_source=footer_menu&utm_medium=frontend&label=44595_ufi-name-multi-3-plus-rec-5_v2-
Title: Registra la tua struttura

Search URL Search Domain Scan URL

URL: https://account.booking.com/auth/oauth2?redirect_uri=https%3A%2F%2Fsecure.booking.com%2Flogin.html%3Fop%3Doauth_return&aid=339530&response_type=code&state=UvIC0ixDkl7ACagXVkijm01z0Sz6pPFw6R0Y0X1dWsja5XXdUBXfrEKnhFTWkIa089Z71fOXQ9fstI2uYcHtmK45OxiYHQlY_mzHvXBLpTPmm9lGVcRszTQ6TyRyRcUPc6pc6zAz3x150od-mSQ80nk2_dNKpq3H15Qufqk8h19jH-zx1ur-lmvnQRSDeqGmt9g4XEcevjgGv8MH1LWwao5mBermoNZuBFbfvkD8ufxHSQ4LgBswxqRTZ5aN1_2F8cxe9u9p5QFv7j-opsb0caVk2CLuiJPaWbFu0mNCGJIFn7uoyQ8DS2ALIuqY6UUQ_YWNAjrOaSqo21TK4OYXOhD0cJ0sGLsnry5GA8rgYH4pZaRBI_Rja-ZBoU9HfzUXJq68AQBW4ls763O9XQtxE3a9Fu7aTo_D3Aq72AaMq9H7Sq8can8SF8HTJUEyZ2L3nDxqJM6c_GowpZcQyuDNGd_HKOmG1QPKo0nqN880HeMUDtnf-w&client_id=vO1Kblk7xX9tUn2cpZLS&dt=1605685895&lang=it
Title: Il tuo account

Search URL Search Domain Scan URL

URL: https://secure.booking.com/content/cs.it.html?aid=339530;label=44595_ufi-name-multi-3-plus-rec-5_v2-;sid=ade3430c7db3cdd21440b716d2bc328f
Title: Modifiche online alla tua prenotazione

Search URL Search Domain Scan URL

URL: https://secure.booking.com/help.it.html?aid=339530&label=44595_ufi-name-multi-3-plus-rec-5_v2-&sid=ade3430c7db3cdd21440b716d2bc328f#/?source=blue_footer
Title: Contatta l'Assistenza Clienti

Search URL Search Domain Scan URL

URL: https://booking.com/articles.it.html?aid=339530;label=44595_ufi-name-multi-3-plus-rec-5_v2-;sid=ade3430c7db3cdd21440b716d2bc328f
Title: Articoli

Search URL Search Domain Scan URL

URL: http://cars.booking.com/Home.do?affiliateCode=booking-com&adplat=footer&preflang=it
Title: Autonoleggio

Search URL Search Domain Scan URL

URL: https://booking.com/pxgo?aid=339530&lang=it&url=https%3A%2F%2Fbooking.kayak.com%2Fin%3Fmc%3DEUR%26a%3Dbdc%252Ffooter_link%26bdclc%3Dit-it%26sid%3Dade3430c7db3cdd21440b716d2bc328f%26p%3Dfooter_link&token=UmFuZG9tSVYkc2RlIyh9YWDUtbaQciWiGSxolLfIVpai0cxXlLaKQ_C6OYG6la3R_vCVuSZb_qStaO-IV455CJvUAkwpYny9OZHEHK2-SYBFo0jaAStofoBA1c24o-qZgExgsg8A-uAG_7fHV_6X34JBzom0xy5gG3iEJkyS-KzhuMHR34XWIuLOqJlZtGFkm6vIVGHtrYyjDpPGELUa9k7gkC0GbwKfWu2A8ih517Mn2ztVm10UbW6MX4WFpe8LF_6c5LA5ZMM2eJ1YOfcaEIAcaZHwkvKKl9lGv-ecLXBrfrRF6GMPtOOClQf-1-L5AVEoj7l-b8E9PjDxbUGlGQ
Title: Ricerca voli

Search URL Search Domain Scan URL

URL: http://www.opentable.com/?ref=16087
Title: Prenotazioni ristoranti

Search URL Search Domain Scan URL

URL: https://secure.booking.com/giftcard.html?aid=339530;label=44595_ufi-name-multi-3-plus-rec-5_v2-;sid=ade3430c7db3cdd21440b716d2bc328f&aid=339530
Title: Gift Card

Search URL Search Domain Scan URL

URL: https://secure.booking.com/help.it.html?aid=339530&label=44595_ufi-name-multi-3-plus-rec-5_v2-&sid=ade3430c7db3cdd21440b716d2bc328f#/?source=footer_navigation
Title: Contatta l'Assistenza Clienti

Search URL Search Domain Scan URL

URL: https://partner.booking.com/en-gb?utm_campaign=footer_list&utm_medium=frontend_footer&utm_source=booking.com
Title: Partner help

Search URL Search Domain Scan URL

URL: https://careers.booking.com/?utm_source=corporate&utm_medium=footer
Title: Careers

Search URL Search Domain Scan URL

URL: https://sustainability.booking.com/
Title: Sostenibilità

Search URL Search Domain Scan URL

URL: https://news.booking.com/nl/
Title: News e comunicati stampa

Search URL Search Domain Scan URL

URL: https://www.bookingholdings.com/
Title: Relazioni con gli investitori

Search URL Search Domain Scan URL

URL: https://secure.booking.com/content/complaints.it.html?aid=339530;label=44595_ufi-name-multi-3-plus-rec-5_v2-;sid=ade3430c7db3cdd21440b716d2bc328f
Title: Risoluzione controversie

Search URL Search Domain Scan URL

URL: https://admin.booking.com/?lang=it&utm_source=extranet_login_footer&utm_medium=frontend&utm_campaign=login_footer_v0
Title: Accesso Extranet

Search URL Search Domain Scan URL

URL: https://secure.booking.com/reviewtimeline.it.html?aid=339530&label=44595_ufi-name-multi-3-plus-rec-5_v2-&sid=ade3430c7db3cdd21440b716d2bc328f&from_index_lightbox=1
Title: Accedi e lascia un giudizio

Search URL Search Domain Scan URL

URL: https://account.booking.com/auth/oauth2?lang=it&dt=1605685895&state=Ut0C0ixDkl7ACahsfX-tBkY4k6svNEYhydmDyT5qrgMjBK3LDoh5kD8bPGbPXxSc9R61SfMth-HsoLoQJFuKtOT54_piFCoCwfyi9Fi0Bs3zEjL2UMSY_Nh0lyeA7-FdTIchh2XaatqtTt1oPOOvkpBjM-GTyp8NDaq3naP81mdeQGcA51I894IoR-Iem-dldQowrvFgSTOavgpN-UU5TpWlNAxyMU7WeKmxTAVR7hN7ev-MDDaPqmXPiRkBFwQbz28RoDWXKBR4T62IYaBmSdhZAnBTrfBcZCy7Ke2IK9GD4IervE0U2OmwznrzdtJrXtP5-pE1zg0BZ5fb2Bym4nDUYWvCrnO5azeuaRue_jDo2lgI_jktwsyQDmoSgW7zUe7KLS9PATaNB7a74LXlux5TE-RD8ot6seHa8_u4QFUkuH2Fz5UyKDZZ0zLRLF2DXG937Vc8uEbTSkBvzAcm6g&client_id=vO1Kblk7xX9tUn2cpZLS&response_type=code&aid=339530&redirect_uri=https%3A%2F%2Fsecure.booking.com%2Flogin.html%3Fop%3Doauth_return
Title: Accedi al tuo account

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

URL: https://account.booking.com/auth/oauth2?state=UvIC0ixDkl7ACaglEM2CZ0X4Tlt9z2ocwNmKItmJmO7eMT-s8s0mpJpAWMg7Lm5d16cx9072qcmK6QMn4Y-5_wcbOzV-aq5gPm-ySol8gUs_k1VjX_JBPCYsNU3WowhANgTphJMmCJNGEZdvtE7y4bozWm25PPusP1xnc_nGXg6sI9kDIZgOzzBLWtWdw27vFLqGlhxWiR3GH5SHqsBRiGx-7r57UqqiddloHn9INURQbxWGHcZUioEA6Ity7FI6hfLXrVR5VHKM6dKsD24kmmmv4Rcis_-QMU_pP2xIOqcZlvmB38YgPkucqHDy2AarQF6kRJTb7GEfpHVdAjAipIZY2gB42tSLX1M0RXX4D8RzQUCMMHYASEpL07VMRMGcrKWuPSPLHOpL_ctuOb7Rw74wHLPO2rppZrY_4oLvhaD6iO2LFxHiAQ9ul-XdczIgpbfcopSwLU1B0vODjEd46SH8zR310bH0VZNQQVaSQ-hkGs2PXA&client_id=vO1Kblk7xX9tUn2cpZLS&dt=1605685895&lang=it&redirect_uri=https%3A%2F%2Fsecure.booking.com%2Flogin.html%3Fop%3Doauth_return&aid=339530&response_type=code
Title: Accedi

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://link.sg.booking.com/uni/ss/c/QMN8zmdLvFlNCtm424-T1EpsctHwYOfye5_iA3HShUu_zkc7yQ7hfmnkpCxFwEH7yAh7bh2MnoKiG60LP0H4aVlqbq_Se5NsHLlFVo54GzUFH2xejLD2lUEucHONO_nbRsgB8NUQvyWXBLk6KMoquFPzbLRbq0jMd9_DjxWLFE7oVQacKtv5At3U_mFwYnl6RCye0kShIrmRkbH6GedtXDm8pmu57NICYuuPOM9rz4oe7y9j1FXHuJgAKzMwMnGbKZfmNMcSxPwr0hkZiEL68Q/36y/TCJ5nVBoSgaGEcZ0cdjZiA/h31/MG4KkT8awsLD_XI5uT94JL85t6h_1DqvVyN9jBR6vLI HTTP 302
https://www.booking.com/city/it/florence.it.html?aid=339530&label=44595_ufi-name-multi-3-plus-rec-5_v2-&checkin=2020-11-20&checkout=2020-11-21&city=-117543&selected_currency=EUR&emk=QWGEU6K5UT&emkcid= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://graph.facebook.com/v2.9/1148734768562115/picture?type=square&height=64&width=64 HTTP 302
https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=1148734768562115&height=64&width=64&ext=1608277895&hash=AeRkGokB2GkaIupkMxg

Request Chain 38

https://graph.facebook.com/v2.9/10209672635836452/picture?type=square&height=64&width=64 HTTP 302
https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=10209672635836452&height=64&width=64&ext=1608277895&hash=AeTBEcePoy19dxIiOw0

70 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request florence.it.html Show response
www.booking.com/city/it/
Redirect Chain

https://link.sg.booking.com/uni/ss/c/QMN8zmdLvFlNCtm424-T1EpsctHwYOfye5_iA3HShUu_zkc7yQ7hfmnkpCxFwEH7yAh7bh2MnoKiG60LP0H4aVlqbq_Se5NsHLlFVo54GzUFH2xejLD2lUEucHONO_nbRsgB8NUQvyWXBLk6KMoquFPzbLRbq0jM...
https://www.booking.com/city/it/florence.it.html?aid=339530&label=44595_ufi-name-multi-3-plus-rec-5_v2-&checkin=2020-11-20&checkout=2020-11-21&city=-117543&selected_currency=EUR&emk=QWGEU6K5UT&emkcid=

656 KB
123 KB

383ms
296ms

Document
text/html

5.57.16.220
BOOKING-BV Bookin...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.booking.com/city/it/florence.it.html?aid=339530&label=44595_ufi-name-multi-3-plus-rec-5_v2-&checkin=2020-11-20&checkout=2020-11-21&city=-117543&selected_currency=EUR&emk=QWGEU6K5UT&emkcid=

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

5.57.16.220 Amsterdam, Netherlands, ASN43996 (BOOKING-BV Booking.com, NL),

Reverse DNS

www.booking.com

Software

nginx /

Resource Hash

ef4330849bc9f4ea323ad83fc2170e19f4f3ee95118f55c6459a3aa177c14ca4

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: www.booking.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server: nginx
date: Wed, 18 Nov 2020 07:51:34 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
cache-control: private
vary: User-Agent, Accept-Encoding
content-encoding: br
link: <https://cf.bstatic.com/static/css/city_cloudfront_sd.iq_ltr/6cfe8c249bf1b0a315f69466efb4fd3b41543aa2.css>; rel=preload; as=style <https://cf.bstatic.com/static/css/gprof_icons_cloudfront_sd.iq_ltr/e3713953ee2dbce3dfcac201f0a14ebd957e07e2.css>; rel=preload; as=style <https://cf.bstatic.com/static/css/incentives_cloudfront_sd.iq_ltr/2a705f53bd78238c425f5fda94992e0416a8307e.css>; rel=preload; as=style <https://cf.bstatic.com/static/css/main_cloudfront_sd.iq_ltr/46be710b9717ed6e149e269ffb058c7f66e1b1a3.css>; rel=preload; as=style <https://cf.bstatic.com/static/css/main_exps_cloudfront_sd.iq_ltr/030755cd5efe2e5d3a73d1e6bdb2ae88ec66a142.css>; rel=preload; as=style <https://cf.bstatic.com/static/css/xp-index-sb_cloudfront_sd.iq_ltr/3b51d03eaf9201aca2202bd3177ba97f55a40f2f.css>; rel=preload; as=style
set-cookie: _pxhd=37d2f0cd09716672e7fbc4d7fff4fb475d7e6f96ddb69a320fc6970f21a6b3e0%3Ae0e97960-2972-11eb-ac0f-4f27e9295a3c; path=/; expires=Thu, 18-Nov-2021 07:51:34 GMT bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbwcLxQQ4VaCqcDFAq0h%2BiE6YRCntGl10eVAdlJU%2FPSvYIFZNk%2BbFrMfeFeFn1NtZx3%2FyMirBNmql1V1MQ62MES55fdyC7h5nHG36lyBTN20DteEN2rC3iGSP3eLE%2FLrJo0soOaff%2BQlV%2F3vVrDj%2Bff1afda7YpP1w; domain=.booking.com; path=/; expires=Mon, 17-Nov-2025 07:51:34 GMT; Secure; HTTPOnly; SameSite=None
strict-transport-security: max-age=604800
x-content-type-options: nosniff
x-recruiting: Like HTTP headers? Come write ours: https://careers.booking.com
content-security-policy-report-only: report-uri https://csp-receiver.booking.com/csp_violation?type=report&tag=112&pid=c37b3743259e0100&e=UmFuZG9tSVYkc2RlIyh9YY3qgAD-FHfCHpVugv4NxjunvP2KGYNkgTzt9NPpLilk&f=2&s=0; frame-ancestors 'none';
x-xss-protection: 1; mode=block

Redirect headers

status: 302
server: nginx
content-type: text/html; charset=utf-8
location: https://www.booking.com/city/it/florence.it.html?aid=339530&label=44595_ufi-name-multi-3-plus-rec-5_v2-&checkin=2020-11-20&checkout=2020-11-21&city=-117543&selected_currency=EUR&emk=QWGEU6K5UT&emkcid=
x-robots-tag: noindex, nofollow
accept-ranges: bytes
date: Wed, 18 Nov 2020 07:51:34 GMT
via: 1.1 varnish
x-served-by: cache-fra19168-FRA
x-cache: MISS
x-cache-hits: 0
x-timer: S1605685894.654349,VS0,VE348
content-length: 251

GET
H2 200 6cfe8c249bf1b0a315f69466efb4fd3b41543aa2.css
cf.bstatic.com/static/css/city_cloudfront_sd.iq_ltr/ 52 KB
9 KB 29ms
7ms Stylesheet
text/css 2600:9000:214f:4800:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/css/city_cloudfront_sd.iq_ltr/6cfe8c249bf1b0a315f69466efb4fd3b41543aa2.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:4800:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4332a3521e91dcc0b63accbfad404126cf0b10f888dd0916694bf23c4a456308

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/city/it/florence.it.html?aid=339530&label=44595_ufi-name-multi-3-plus-rec-5_v2-&checkin=2020-11-20&checkout=2020-11-21&city=-117543&selected_currency=EUR&emk=QWGEU6K5UT&emkcid=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 09 Nov 2020 13:24:20 GMT
content-encoding: br
age: 757634
x-cache: Hit from cloudfront
status: 200
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Fri, 06 Nov 2020 12:30:11 GMT
server: nginx
etag: W/"5fa541d3-d14e"
vary: Accept-Encoding
content-type: text/css
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389765.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
timing-allow-origin: *
x-amz-cf-id: taaBnQPcBBH2nHlucwzNjiI0yOFj14LdGMjCB0ZXTGnLAKfD0MzPWg==
expires: Wed, 09 Dec 2020 13:24:20 GMT

GET
H2 200 e3713953ee2dbce3dfcac201f0a14ebd957e07e2.css
cf.bstatic.com/static/css/gprof_icons_cloudfront_sd.iq_ltr/ 167 KB
28 KB 29ms
7ms Stylesheet
text/css 2600:9000:214f:4800:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/css/gprof_icons_cloudfront_sd.iq_ltr/e3713953ee2dbce3dfcac201f0a14ebd957e07e2.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:4800:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

16e0003dc39f4f84971f2c8b6cfe26b1201132aadf5de888797ee27732630a56

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/city/it/florence.it.html?aid=339530&label=44595_ufi-name-multi-3-plus-rec-5_v2-&checkin=2020-11-20&checkout=2020-11-21&city=-117543&selected_currency=EUR&emk=QWGEU6K5UT&emkcid=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 08 Nov 2020 10:41:42 GMT
content-encoding: br
age: 853792
x-cache: Hit from cloudfront
status: 200
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Tue, 08 Sep 2020 15:17:43 GMT
server: nginx
etag: W/"5f57a097-29d3c"
vary: Accept-Encoding
content-type: text/css
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389765.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
timing-allow-origin: *
x-amz-cf-id: XopKEthSObsS2BvWEvfLnUmdd-ZwXQY2CvqSe6VxKB_wtYPJ1GJ6wA==
expires: Tue, 08 Dec 2020 10:41:42 GMT

GET
H2 200 2a705f53bd78238c425f5fda94992e0416a8307e.css
cf.bstatic.com/static/css/incentives_cloudfront_sd.iq_ltr/ 17 KB
3 KB 30ms
8ms Stylesheet
text/css 2600:9000:214f:4800:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/css/incentives_cloudfront_sd.iq_ltr/2a705f53bd78238c425f5fda94992e0416a8307e.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:4800:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

abd844c702ac28794b712775cf03bafb928a55a2d51ff2fa2b922399ff1790ad

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/city/it/florence.it.html?aid=339530&label=44595_ufi-name-multi-3-plus-rec-5_v2-&checkin=2020-11-20&checkout=2020-11-21&city=-117543&selected_currency=EUR&emk=QWGEU6K5UT&emkcid=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 08 Nov 2020 22:51:54 GMT
content-encoding: br
age: 809980
x-cache: Hit from cloudfront
status: 200
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Wed, 04 Nov 2020 16:10:32 GMT
server: nginx
etag: W/"5fa2d278-4394"
vary: Accept-Encoding
content-type: text/css
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389765.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
timing-allow-origin: *
x-amz-cf-id: ze08cNFIXjRuK051luN7pqI33dmdiTAYJW5mSnPzZh2q_EukZgEV-w==
expires: Tue, 08 Dec 2020 22:51:54 GMT

GET
H2 200 46be710b9717ed6e149e269ffb058c7f66e1b1a3.css
cf.bstatic.com/static/css/main_cloudfront_sd.iq_ltr/ 378 KB
52 KB 30ms
8ms Stylesheet
text/css 2600:9000:214f:4800:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/css/main_cloudfront_sd.iq_ltr/46be710b9717ed6e149e269ffb058c7f66e1b1a3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:4800:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

a78fd72e6f5d915c3e8f79a513c1bf865d7213228d504aa9184c666a140820ea

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/city/it/florence.it.html?aid=339530&label=44595_ufi-name-multi-3-plus-rec-5_v2-&checkin=2020-11-20&checkout=2020-11-21&city=-117543&selected_currency=EUR&emk=QWGEU6K5UT&emkcid=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 12 Nov 2020 13:33:32 GMT
content-encoding: br
age: 497882
x-cache: Hit from cloudfront
status: 200
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Thu, 12 Nov 2020 13:24:47 GMT
server: nginx
etag: W/"5fad379f-5e645"
vary: Accept-Encoding
content-type: text/css
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389765.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
timing-allow-origin: *
x-amz-cf-id: XcVmkBNEsKfMMF-IukO28vtkZ8XTap7GNWnD_H7-W-PLMeHrRkg5aw==
expires: Sat, 12 Dec 2020 13:33:32 GMT

GET
H2 200 030755cd5efe2e5d3a73d1e6bdb2ae88ec66a142.css
cf.bstatic.com/static/css/main_exps_cloudfront_sd.iq_ltr/ 134 KB
22 KB 30ms
8ms Stylesheet
text/css 2600:9000:214f:4800:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/css/main_exps_cloudfront_sd.iq_ltr/030755cd5efe2e5d3a73d1e6bdb2ae88ec66a142.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:4800:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e7f0b833b1e3412c7175ac8ba4f59ae773cec67707961da11bd6cf754047be44

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/city/it/florence.it.html?aid=339530&label=44595_ufi-name-multi-3-plus-rec-5_v2-&checkin=2020-11-20&checkout=2020-11-21&city=-117543&selected_currency=EUR&emk=QWGEU6K5UT&emkcid=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 04:50:11 GMT
content-encoding: br
age: 1047683
x-cache: Hit from cloudfront
status: 200
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Fri, 06 Nov 2020 04:06:25 GMT
server: nginx
etag: W/"5fa4cbc1-2173c"
vary: Accept-Encoding
content-type: text/css
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389765.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
timing-allow-origin: *
x-amz-cf-id: VD1N-ouzRGUBORawnBHVpPPx5YV2fhYzmGqmnLVXMSNNFp9NvOeZtg==
expires: Sun, 06 Dec 2020 04:50:11 GMT

GET
H2 200 3b51d03eaf9201aca2202bd3177ba97f55a40f2f.css
cf.bstatic.com/static/css/xp-index-sb_cloudfront_sd.iq_ltr/ 67 KB
12 KB 30ms
9ms Stylesheet
text/css 2600:9000:214f:4800:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/css/xp-index-sb_cloudfront_sd.iq_ltr/3b51d03eaf9201aca2202bd3177ba97f55a40f2f.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:4800:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

d9a5ed8c043ef3a4d83b1c80727420bcc8ca3ec422f378ca59e564d23ace7cb6

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/city/it/florence.it.html?aid=339530&label=44595_ufi-name-multi-3-plus-rec-5_v2-&checkin=2020-11-20&checkout=2020-11-21&city=-117543&selected_currency=EUR&emk=QWGEU6K5UT&emkcid=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 03:44:58 GMT
content-encoding: br
age: 1137996
x-cache: Hit from cloudfront
status: 200
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Wed, 04 Nov 2020 16:10:33 GMT
server: nginx
etag: W/"5fa2d279-10af3"
vary: Accept-Encoding
content-type: text/css
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389765.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
timing-allow-origin: *
x-amz-cf-id: hpDA8emS-jFclTypsEl1qG8fJFSg-3YHNIQER-sM9Xt_-s_FomKpEw==
expires: Sat, 05 Dec 2020 03:44:58 GMT

GET
H2 200 093ba4379029bea66dcc91eeecaa3b7ee259fbc0.js Show response
cf.bstatic.com/static/js/core-deps-inlinedet_cloudfront_sd/ 37 KB
12 KB 30ms
10ms Script
application/javascript 2600:9000:214f:4800:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/js/core-deps-inlinedet_cloudfront_sd/093ba4379029bea66dcc91eeecaa3b7ee259fbc0.js

Requested by

Host: www.booking.com
URL: https://www.booking.com/city/it/florence.it.html?aid=339530&label=44595_ufi-name-multi-3-plus-rec-5_v2-&checkin=2020-11-20&checkout=2020-11-21&city=-117543&selected_currency=EUR&emk=QWGEU6K5UT&emkcid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:4800:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dc83f9902e6e1ee88fdf6696eba68cda0f46a92d1cc868334cf07ecb8655a505

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.booking.com
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 09:31:29 GMT
content-encoding: br
age: 426005
x-cache: Hit from cloudfront
status: 200
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Tue, 15 Sep 2020 08:05:11 GMT
server: nginx
etag: "5f6075b7-93db"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 e7377cc861b31102786678df3616bf69.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
timing-allow-origin: *
x-amz-cf-id: DKMPnYtKKIX7-EQZ1ejeLKHa6tM8JFp5zdnYBCTO-HbltPmz1F2yfw==
expires: Sun, 13 Dec 2020 09:31:29 GMT

GET
H2 200 b7d9d30c56875df3553b561b0a06e5edf66aa9fe.js Show response
cf.bstatic.com/static/js/jquery_cloudfront_sd/ 103 KB
33 KB 31ms
11ms Script
application/javascript 2600:9000:214f:4800:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/js/jquery_cloudfront_sd/b7d9d30c56875df3553b561b0a06e5edf66aa9fe.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:4800:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

58152349e8977d29033e96a8617c5b5699485400848518ac05dab5bee7e874c0

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.booking.com
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 08 Nov 2020 23:04:25 GMT
content-encoding: br
age: 809229
x-cache: Hit from cloudfront
status: 200
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Wed, 10 Apr 2019 11:21:38 GMT
server: nginx
etag: W/"5cadd1c2-19a65"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 e7377cc861b31102786678df3616bf69.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
timing-allow-origin: *
x-amz-cf-id: VeRlG8_Cpti5YX0Wo_QBCSHTLNvt8LqDj4BS3BWncX5b-YLZ2EjtPg==
expires: Tue, 08 Dec 2020 23:04:25 GMT

GET
H2 200 1ba89ad4dca268d39894065811f7348c95c75c87.js Show response
cf.bstatic.com/static/js/main_cloudfront_sd/ 517 KB
130 KB 31ms
11ms Script
application/javascript 2600:9000:214f:4800:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/js/main_cloudfront_sd/1ba89ad4dca268d39894065811f7348c95c75c87.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:4800:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

817bc91c1cc2ea39347f2687eba948394b20aa1663e8940170f1695d7af8efce

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.booking.com
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 13:11:07 GMT
content-encoding: br
age: 153626
x-cache: Hit from cloudfront
status: 200
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Mon, 16 Nov 2020 13:00:07 GMT
server: nginx
etag: W/"5fb277d7-8152f"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 e7377cc861b31102786678df3616bf69.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
timing-allow-origin: *
x-amz-cf-id: EFZxn7ReKDpw9y3NeGDqltiBtM5L2SGLtwE7vTMSmMcZBhyJdk_YEA==
expires: Wed, 16 Dec 2020 13:11:07 GMT

GET
H2 200 90e96511fd08c39fb1f2f3765ca71c8750ba1adf.js Show response
cf.bstatic.com/static/js/city_cloudfront_sd/ 38 KB
10 KB 31ms
11ms Script
application/javascript 2600:9000:214f:4800:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/js/city_cloudfront_sd/90e96511fd08c39fb1f2f3765ca71c8750ba1adf.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:4800:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

a7dea501821b67ff3b5772dd2977e6f48ab42b337058942f7a6d61fb339b41f3

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.booking.com
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 08 Nov 2020 19:43:37 GMT
content-encoding: br
age: 821277
x-cache: Hit from cloudfront
status: 200
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Wed, 07 Oct 2020 11:29:09 GMT
server: nginx
etag: W/"5f7da685-9944"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 e7377cc861b31102786678df3616bf69.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
timing-allow-origin: *
x-amz-cf-id: BaLxqfb6Ofj-WGcFvqM33EfM7tWZ8Vt77h5U_fZfC47Bb0RYltBfzQ==
expires: Tue, 08 Dec 2020 19:43:37 GMT

GET
H2 200 1623e885728a2d4bdcadf66d99e62a02fba72b2e.js Show response
cf.bstatic.com/static/js/searchbox_cloudfront_sd/ 210 KB
46 KB 31ms
12ms Script
application/javascript 2600:9000:214f:4800:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/js/searchbox_cloudfront_sd/1623e885728a2d4bdcadf66d99e62a02fba72b2e.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:4800:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

eccf79859eecc0808c87aa3d12e6e36400f75119b5017a37a8989c67eb40391f

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.booking.com
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 03:56:16 GMT
content-encoding: br
age: 2260518
x-cache: Hit from cloudfront
status: 200
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Fri, 23 Oct 2020 03:10:45 GMT
server: nginx
etag: W/"5f9249b5-34637"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 e7377cc861b31102786678df3616bf69.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
timing-allow-origin: *
x-amz-cf-id: eMum5pvYL_lkMAp1ejCakxZA6ygxSr1m2Z8OYiqSk1DBSwmTS61LPg==
expires: Sun, 22 Nov 2020 03:56:16 GMT

GET
H2 200 f56f7a2e7854715ad5ecc2f07a1a4c7b4a49970d.js Show response
cf.bstatic.com/static/js/error_catcher_bec_cloudfront_sd/ 5 KB
2 KB 31ms
12ms Script
application/javascript 2600:9000:214f:4800:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/js/error_catcher_bec_cloudfront_sd/f56f7a2e7854715ad5ecc2f07a1a4c7b4a49970d.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:4800:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

989d322d7d5dcbf0d70bdf5ccb512aef7ffbb4b31051cd1072bd9f711f0dcfeb

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.booking.com
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 27 Oct 2020 02:22:19 GMT
content-encoding: br
age: 1920555
x-cache: Hit from cloudfront
status: 200
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Fri, 22 May 2020 09:54:55 GMT
server: nginx
etag: W/"5ec7a16f-14e1"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 e7377cc861b31102786678df3616bf69.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
timing-allow-origin: *
x-amz-cf-id: UJ2ZvYU7RM9f589yX64hxoPm2WTFihm5MIYqGik4ogtNO3Pk3Htdlw==
expires: Thu, 26 Nov 2020 02:22:19 GMT

GET
H2 200 OtAutoBlock.js Show response
cdn.cookielaw.org/consent/3ea94870-d4b1-483a-b1d2-faf1d982bb31/ 144 KB
15 KB 32ms
13ms Script
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/3ea94870-d4b1-483a-b1d2-faf1d982bb31/OtAutoBlock.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d89478b6988e2b97240a98d5ddd2dd24b4799719b0fe891aba554434c36247d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.booking.com/city/it/florence.it.html?aid=339530&label=44595_ufi-name-multi-3-plus-rec-5_v2-&checkin=2020-11-20&checkout=2020-11-21&city=-117543&selected_currency=EUR&emk=QWGEU6K5UT&emkcid=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 18 Nov 2020 07:51:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 27nP5262IixDzYXZjHw6PA==
age: 5506
status: 200
vary: Accept-Encoding
content-length: 14247
cf-request-id: 067bef75190000c2d68faf8000000001
x-ms-lease-status: unlocked
last-modified: Tue, 08 Sep 2020 11:37:26 GMT
server: cloudflare
etag: 0x8D853EB8F603509
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 9d5630cb-c01e-0040-6a3d-b3f108000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5f401b682facc2d6-FRA

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 13 KB
4 KB 13ms
12ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d0d33ff3cbe6054d46a549c75a09323fc711113b82fde575003df837cb9f4e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.booking.com/city/it/florence.it.html?aid=339530&label=44595_ufi-name-multi-3-plus-rec-5_v2-&checkin=2020-11-20&checkout=2020-11-21&city=-117543&selected_currency=EUR&emk=QWGEU6K5UT&emkcid=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 18 Nov 2020 07:51:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: lztHLkvcGPqUR1UL9im3jQ==
age: 7140
status: 200
vary: Accept-Encoding
content-length: 4134
cf-request-id: 067bef755b0000c2d6a501d000000001
x-ms-lease-status: unlocked
last-modified: Tue, 17 Nov 2020 19:25:07 GMT
server: cloudflare
etag: 0x8D88B2E7DF4E3F2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 3658e2b1-901e-0035-491b-bd76b3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5f401b689876c2d6-FRA

GET
H2 200 2454015045ef79168d452ff4e7f30bdadff0aa81.js Show response
cf.bstatic.com/static/js/crossorigin_check_cloudfront_sd/ 95 B
523 B 7ms
6ms Script
application/javascript 2600:9000:214f:4800:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/js/crossorigin_check_cloudfront_sd/2454015045ef79168d452ff4e7f30bdadff0aa81.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:4800:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

8a882fd19a15567e53a5c3c08d22cdab714fa87734ed92d854c4e8fdf3940b1f

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.booking.com
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 27 Oct 2020 09:26:21 GMT
via: 1.1 e7377cc861b31102786678df3616bf69.cloudfront.net (CloudFront)
age: 1895113
x-cache: Hit from cloudfront
status: 200
content-length: 95
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:38 GMT
server: nginx
etag: "5cadd1c2-5f"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: NVlGvvj2ezKrdnXmmeJOCiMVjnan4XZcZreSzg0M-H1tK94K2ncWSw==
expires: Thu, 26 Nov 2020 09:26:21 GMT

GET
H2 200 77204d4da4aa41b08b1a4062c8e66e4629550994.js Show response
cf.bstatic.com/static/js/lazy_load_images_cloudfront_sd/ 5 KB
2 KB 7ms
7ms Script
application/javascript 2600:9000:214f:4800:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/js/lazy_load_images_cloudfront_sd/77204d4da4aa41b08b1a4062c8e66e4629550994.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:4800:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

994ec33de4b9253b6abbf26965dafb40c822e0b333e334456be7ff2a6fa638fe

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.booking.com
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 27 Oct 2020 22:47:56 GMT
content-encoding: br
age: 1847018
x-cache: Hit from cloudfront
status: 200
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Tue, 04 Feb 2020 10:19:57 GMT
server: nginx
etag: W/"5e39454d-15f3"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 e7377cc861b31102786678df3616bf69.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
timing-allow-origin: *
x-amz-cf-id: Dpbgn9hfT8aCZTarXD_N2LEgCHCddD1RgLvor3VTsU4E0-9V0vQI4g==
expires: Thu, 26 Nov 2020 22:47:56 GMT

GET
H2 200 3ea94870-d4b1-483a-b1d2-faf1d982bb31.json Show response
cdn.cookielaw.org/consent/3ea94870-d4b1-483a-b1d2-faf1d982bb31/ 4 KB
3 KB 44ms
30ms XHR
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/3ea94870-d4b1-483a-b1d2-faf1d982bb31/3ea94870-d4b1-483a-b1d2-faf1d982bb31.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48bf6044861f73642109e65d08ace58060d75d35dca9c3b8d578d690923af4bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 18 Nov 2020 07:51:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: H381rYcjJAK8NX7dV3/lkA==
age: 5512
status: 200
vary: Accept-Encoding
content-length: 1786
cf-request-id: 067bef75810000dfdb3430e000000001
x-ms-lease-status: unlocked
last-modified: Tue, 08 Sep 2020 11:37:42 GMT
server: cloudflare
etag: 0x8D853EB995525A0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 47ffb7e3-f01e-006a-0f36-b3844d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5f401b68cd2adfdb-FRA

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 164 B
515 B 39ms
22ms Script
text/javascript 2606:4700:10::6814:b944
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0cc0930a1ab7e9ae754783576228f3c32caa07605236711cf81035f3f45f0ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 18 Nov 2020 07:51:34 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 5f401b691bd41762-FRA
cf-request-id: 067bef75b300001762953bf000000001

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.5.0/ 325 KB
68 KB 12ms
11ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.5.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d139c3756ba4ea4e4672c12645de4977faa9ba7e0d550931d2086338fd72dfe9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 18 Nov 2020 07:51:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: AvbD4VHYe4H/QnyU6j8v5w==
age: 856036
status: 200
vary: Accept-Encoding
content-length: 69711
cf-request-id: 067bef75cc0000c2d68a086000000001
x-ms-lease-status: unlocked
last-modified: Thu, 27 Aug 2020 03:43:22 GMT
server: cloudflare
etag: 0x8D84A3B58DE8819
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 2475bc65-c01e-0004-31b6-b52d64000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5f401b6949a1c2d6-FRA
expires: Thu, 26 Nov 2020 07:51:34 GMT

GET
H2 200 it.json Show response
cdn.cookielaw.org/consent/3ea94870-d4b1-483a-b1d2-faf1d982bb31/f8745995-04f8-44ca-a6ff-f90c2d275998/ 62 KB
15 KB 32ms
31ms Fetch
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/3ea94870-d4b1-483a-b1d2-faf1d982bb31/f8745995-04f8-44ca-a6ff-f90c2d275998/it.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.5.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64fa560524fb91bff11d914ed72adfbf30c864d4d6d2c6e598902e236451ffc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 18 Nov 2020 07:51:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: BplNFzjC90DrX3vgEmOmkA==
age: 3809
status: 200
vary: Accept-Encoding
content-length: 15200
cf-request-id: 067bef75ec0000dfdb5604c000000001
x-ms-lease-status: unlocked
last-modified: Tue, 08 Sep 2020 11:38:11 GMT
server: cloudflare
etag: 0x8D853EBAA97FDB5
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: cec765b4-e01e-0158-2fb0-b49ac8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5f401b697e1edfdb-FRA

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.5.0/assets/ 12 KB
4 KB 16ms
15ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.5.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.5.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae407e415a45b6c720d8d61fef8c28756883d0f546a64e7a2969d6174c669951

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 18 Nov 2020 07:51:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: NgHQTHCGWwGmNE0ie37G8A==
age: 966180
status: 200
vary: Accept-Encoding
content-length: 3248
cf-request-id: 067bef76160000dfdb39236000000001
x-ms-lease-status: unlocked
last-modified: Thu, 27 Aug 2020 03:43:16 GMT
server: cloudflare
etag: 0x8D84A3B556B9C39
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 3e36fe4a-b01e-006d-09b6-b472c8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5f401b69bec4dfdb-FRA
expires: Thu, 26 Nov 2020 07:51:34 GMT

GET
H2 200 otPcTab.json Show response
cdn.cookielaw.org/scripttemplates/6.5.0/assets/ 57 KB
14 KB 23ms
22ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.5.0/assets/otPcTab.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.5.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ea7f0a7844cada198d1e8a28343cc081d3631c716c9dd53d889e4b7feae04ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 18 Nov 2020 07:51:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: C3H4UUH4EphFQbkR0Bpbhg==
age: 1128722
status: 200
vary: Accept-Encoding
content-length: 14112
cf-request-id: 067bef76150000dfdb77095000000001
x-ms-lease-status: unlocked
last-modified: Thu, 27 Aug 2020 03:43:18 GMT
server: cloudflare
etag: 0x8D84A3B56497C4B
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 159cfda7-901e-00f9-533b-b31206000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5f401b69bec9dfdb-FRA
expires: Thu, 26 Nov 2020 07:51:34 GMT

GET
H2 200 b8db3771480bd0c7971b9f94cad3640c89521882.png
cf.bstatic.com/static/img/flags/new/48-squared/it/ 153 B
572 B 6ms
6ms Image
image/png 2600:9000:214f:4800:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/static/img/flags/new/48-squared/it/b8db3771480bd0c7971b9f94cad3640c89521882.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:4800:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

861f2142293eb28de2c5f7c6f0035847ae176dc02470bfa7fbb157bf2b89339d

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 14:41:06 GMT
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389765.cloudfront.net (CloudFront)
age: 1789829
x-cache: Hit from cloudfront
status: 200
content-length: 153
x-xss-protection: 1; mode=block
last-modified: Mon, 07 Sep 2020 09:08:23 GMT
server: nginx
etag: "5f55f887-99"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: FG1Z49qk92RiOuNLf6wBh5v0-ux1T08xwiuSS9_1FzA4ca6ms0mQ4A==
expires: Fri, 27 Nov 2020 14:41:06 GMT

GET
H2 200 b700d9e3067c1186a3364012df4fe1c48ae6da44.png
cf.bstatic.com/static/img/nobg_all_blue_iq/ 73 B
478 B 6ms
6ms Image
image/png 2600:9000:214f:4800:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/static/img/nobg_all_blue_iq/b700d9e3067c1186a3364012df4fe1c48ae6da44.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:4800:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

6153929734ec12ec07072f327c1112301828497e4dd356ca261461b0b7ba9621

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 19:06:08 GMT
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389765.cloudfront.net (CloudFront)
age: 1255527
x-cache: Hit from cloudfront
status: 200
content-length: 73
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:55 GMT
server: nginx
etag: "5cadd1d3-49"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
timing-allow-origin: *
x-amz-cf-id: 7Utw7X6F3LHNFYZ8ckQW0XAvAiyNUATxTeuHVGPNGkI3qfrkOZlOGg==
expires: Thu, 03 Dec 2020 19:06:08 GMT

GET
H2 200 staticmap
maps.googleapis.com/maps/api/ 12 KB
12 KB 27ms
7ms Image
image/png 2a00:1450:4001:814::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.googleapis.com/maps/api/staticmap?format=png8&zoom=12&center=43.771427,11.254021&size=264x130&language=it&client=gme-booking&channel=booking-frontend&signature=OK3ziDE1JsbADWwciNxDrWlBuGY=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

c868746e18f4ef3d9aa54e269e518c6ad9b6522bb3e44ec272bceea5e756c575

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 12:03:02 GMT
server: scaffolding on HTTPServer2
age: 71313
status: 200
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
server-timing: gfet4t7; dur=0
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12289
x-xss-protection: 0
expires: Wed, 18 Nov 2020 12:03:02 GMT

GET
H2 200 5314.webp
cf.bstatic.com/xdata/images/explorer_city/1680x560/ 139 KB
140 KB 10ms
10ms Image
image/webp 2600:9000:214f:4800:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/xdata/images/explorer_city/1680x560/5314.webp?k=484193a455ab65ddcc76e360f366b84c6942e987a32e594dbdb35fdd0329bdf1&o=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:4800:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

16a688a3640257d57bfe5f2387de39a8c353c14d80a879ec0d59b838626c52b1

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 18 Nov 2020 05:59:00 GMT
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389765.cloudfront.net (CloudFront)
age: 6755
x-cache: Hit from cloudfront
status: 200
content-length: 142510
x-xss-protection: 1; mode=block
server: nginx
etag: "99a4d538561e65a67529ffc8548c17c76dcea057"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
timing-allow-origin: *
x-amz-cf-id: NtqD8WNT7mlQtORMe8EXKvWMb1ZyhxpM9GJWyInQ7elK5gSFBrgQiw==
expires: Fri, 18 Dec 2020 05:59:00 GMT

GET
H2 200 07ca5cacc9d77a7b50ca3c424ecd606114d9be75.svg
cf.bstatic.com/static/img/cross_product_index/accommodation/ 2 KB
1 KB 7ms
7ms Image
image/svg+xml 2600:9000:214f:4800:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/static/img/cross_product_index/accommodation/07ca5cacc9d77a7b50ca3c424ecd606114d9be75.svg

Requested by

Host: cf.bstatic.com
URL: https://cf.bstatic.com/static/css/xp-index-sb_cloudfront_sd.iq_ltr/3b51d03eaf9201aca2202bd3177ba97f55a40f2f.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:4800:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

a0ff1db86f13d31743f7e0c4d1c45fe7953cd5089d91be2a2ce3d12f7a4beae2

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cf.bstatic.com/static/css/xp-index-sb_cloudfront_sd.iq_ltr/3b51d03eaf9201aca2202bd3177ba97f55a40f2f.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 12:26:37 GMT
content-encoding: br
age: 1797898
x-cache: Hit from cloudfront
status: 200
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Wed, 10 Apr 2019 11:21:51 GMT
server: nginx
etag: W/"5cadd1cf-7f2"
vary: Accept-Encoding
content-type: image/svg+xml
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389765.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
timing-allow-origin: *
x-amz-cf-id: Ehzmy3e67vNwZaCbrd_amteZnd3hzQagjJx500mTqq-0e336UMNnJQ==
expires: Fri, 27 Nov 2020 12:26:37 GMT

GET
H2 200 fb6f63d62231f9fe552d79b5448620b2e63c726e.svg
cf.bstatic.com/static/img/cross_product_index/toggle/ 1 KB
907 B 6ms
6ms Image
image/svg+xml 2600:9000:214f:4800:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/static/img/cross_product_index/toggle/fb6f63d62231f9fe552d79b5448620b2e63c726e.svg

Requested by

Host: cf.bstatic.com
URL: https://cf.bstatic.com/static/css/xp-index-sb_cloudfront_sd.iq_ltr/3b51d03eaf9201aca2202bd3177ba97f55a40f2f.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:4800:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dbc5c6cc8dc52fe293be4d79d32c85f9e8d9baa9867653927dda0c1b905a3505

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cf.bstatic.com/static/css/xp-index-sb_cloudfront_sd.iq_ltr/3b51d03eaf9201aca2202bd3177ba97f55a40f2f.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 22:04:50 GMT
content-encoding: br
age: 1763205
x-cache: Hit from cloudfront
status: 200
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Wed, 10 Apr 2019 11:21:51 GMT
server: nginx
etag: W/"5cadd1cf-5e7"
vary: Accept-Encoding
content-type: image/svg+xml
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389765.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
timing-allow-origin: *
x-amz-cf-id: iEuSPGnheCUkkrfnv7bz_i4GuMTILFFnNFC6Nw3ASooLRtbuVhAdDw==
expires: Fri, 27 Nov 2020 22:04:50 GMT

GET
H2 200 b2e5f2aa32b71ca0fc66aa671e4e958bcd69b7d0.svg
cf.bstatic.com/static/img/cross_product_index/guest/ 2 KB
1 KB 7ms
6ms Image
image/svg+xml 2600:9000:214f:4800:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/static/img/cross_product_index/guest/b2e5f2aa32b71ca0fc66aa671e4e958bcd69b7d0.svg

Requested by

Host: cf.bstatic.com
URL: https://cf.bstatic.com/static/css/xp-index-sb_cloudfront_sd.iq_ltr/3b51d03eaf9201aca2202bd3177ba97f55a40f2f.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:4800:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

a3668c35c677731ca1295a5f13ad82d97bc77aeb701720456f392e5bd888f2ef

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cf.bstatic.com/static/css/xp-index-sb_cloudfront_sd.iq_ltr/3b51d03eaf9201aca2202bd3177ba97f55a40f2f.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 27 Oct 2020 22:47:56 GMT
content-encoding: br
age: 1847019
x-cache: Hit from cloudfront
status: 200
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Wed, 10 Apr 2019 11:21:51 GMT
server: nginx
etag: W/"5cadd1cf-63d"
vary: Accept-Encoding
content-type: image/svg+xml
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389765.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
timing-allow-origin: *
x-amz-cf-id: TnOhAFBfb1nuYjSdG4t1JzWbfVvlAmrmN43NdyhktsNzCGhClo0GEQ==
expires: Thu, 26 Nov 2020 22:47:56 GMT

GET
H2 200 eda49be4e4ce4a7c5b309d17eee802f8c66e1074.png
cf.bstatic.com/mobile/images/tiny_grid_map/ 336 B
756 B 7ms
6ms Image
image/png 2600:9000:214f:4800:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/mobile/images/tiny_grid_map/eda49be4e4ce4a7c5b309d17eee802f8c66e1074.png

Requested by

Host: cf.bstatic.com
URL: https://cf.bstatic.com/static/css/city_cloudfront_sd.iq_ltr/6cfe8c249bf1b0a315f69466efb4fd3b41543aa2.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:4800:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

16aef54bc3a4dda11a10b7e84833086e95675aecbd644a177b1d62ed6ba28a3b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cf.bstatic.com/static/css/city_cloudfront_sd.iq_ltr/6cfe8c249bf1b0a315f69466efb4fd3b41543aa2.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 10:24:54 GMT
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389765.cloudfront.net (CloudFront)
age: 2582801
x-cache: Hit from cloudfront
status: 200
content-length: 336
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:55 GMT
server: nginx
etag: "5cadd1d3-150"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: Qdfj4vLEfDuedWgrxOFw2yF_BrlvowKMoIbVt2lCfZqcMWj6VbGBpQ==
expires: Wed, 18 Nov 2020 10:24:54 GMT

GET
H2 200 29bca18dce5a8e111855e31314a9b1d750ea9beb.woff2
cf.bstatic.com/static/fonts/booking-iconset-original/ 91 KB
91 KB 7ms
6ms Font
application/octet-stream 2600:9000:214f:4800:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/fonts/booking-iconset-original/29bca18dce5a8e111855e31314a9b1d750ea9beb.woff2

Requested by

Host: cf.bstatic.com
URL: https://cf.bstatic.com/static/css/gprof_icons_cloudfront_sd.iq_ltr/e3713953ee2dbce3dfcac201f0a14ebd957e07e2.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:4800:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

a98c20990fe3e31203fe2db8384af8e05e7b358cdae3c28b034e1f02b47db630

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.booking.com
Referer: https://cf.bstatic.com/static/css/gprof_icons_cloudfront_sd.iq_ltr/e3713953ee2dbce3dfcac201f0a14ebd957e07e2.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 01 Nov 2020 23:44:49 GMT
content-encoding: br
age: 1411606
x-cache: Hit from cloudfront
status: 200
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Wed, 10 Apr 2019 11:21:49 GMT
server: nginx
etag: W/"5cadd1cd-16a34"
vary: Accept-Encoding
content-type: text/plain
via: 1.1 e7377cc861b31102786678df3616bf69.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
timing-allow-origin: *
x-amz-cf-id: Dv8tg__wkthcB8SconOVe2q4CkpUnRV8jxKNPPBD6u0JyO1g9GoCpw==
expires: Tue, 01 Dec 2020 23:44:49 GMT

GET
H2 200 171184326.webp
cf.bstatic.com/xdata/images/hotel/square200/ 4 KB
4 KB 11ms
10ms Image
image/webp 2600:9000:214f:4800:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/xdata/images/hotel/square200/171184326.webp?k=394ac19639e0428fa26055b1ea9f435bd5843310491fec67d7623f03c7b8d854&o=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:4800:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c97182623ed48a971c0118df63e2632b0a5a563f6d4d44df9547b36b924f5611

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 08:40:43 GMT
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389765.cloudfront.net (CloudFront)
age: 83452
x-cache: Hit from cloudfront
status: 200
content-length: 4202
x-xss-protection: 1; mode=block
server: nginx
etag: "dcaf9ccfd348ca1a6dcecd050f7c8a60901001c2"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
timing-allow-origin: *
x-amz-cf-id: iLWg9uwuPVX7G2_UyHrK-nLaC3UXIuFiau-3LnnWaXiFvfuJlWwjqg==
expires: Thu, 17 Dec 2020 08:40:43 GMT

GET
H2 200 96842268.webp
cf.bstatic.com/xdata/images/hotel/square200/ 5 KB
5 KB 11ms
11ms Image
image/webp 2600:9000:214f:4800:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/xdata/images/hotel/square200/96842268.webp?k=b682ed7e9b17809e43b9f0c72aa4caa8f094686e777a54d4258940213211e1d3&o=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:4800:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

a4080195c9e2b55eeb1dede9a823c742b578c24c7019c3bf817aea31b055ce4a

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 11:41:18 GMT
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389765.cloudfront.net (CloudFront)
age: 72617
x-cache: Hit from cloudfront
status: 200
content-length: 4740
x-xss-protection: 1; mode=block
server: nginx
etag: "33f88a1450cf9aea5c45c1bad3c2ab16b39c3004"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
timing-allow-origin: *
x-amz-cf-id: cKHDwukc-PhHoyyaX_5Qsg3EVxsWx-Nf8w7GDyixXxjJRX-nRvAxYg==
expires: Thu, 17 Dec 2020 11:41:18 GMT

GET
H2 200 photo.jpg64
lh6.googleusercontent.com/-_yXZJHgvSCU/AAAAAAAAAAI/AAAAAAAAAJY/OK54_0_5oF0/s96-c/ 3 KB
4 KB 42ms
20ms Image
image/jpeg 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh6.googleusercontent.com/-_yXZJHgvSCU/AAAAAAAAAAI/AAAAAAAAAJY/OK54_0_5oF0/s96-c/photo.jpg64

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8cb7074e25bba3f33cce6da616a0bf9bc4743dcc4a2e82c82c089ae719943a95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 18 Nov 2020 07:51:35 GMT
x-content-type-options: nosniff
status: 200
content-disposition: inline;filename=""
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3522
x-xss-protection: 0
server: fife
etag: "v96"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 19 Nov 2020 07:51:35 GMT

GET
H2 200 2c7be68fb3f987f1352e7b289d4b24137e1a283d.png
cf.bstatic.com/static/img/review/avatars/ava-a/ 3 KB
3 KB 9ms
6ms Image
image/png 2600:9000:214f:4800:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/static/img/review/avatars/ava-a/2c7be68fb3f987f1352e7b289d4b24137e1a283d.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:4800:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dca199aad99fcb8fd0be754b8a2299cd5606457c2140b37e59cc649fe7e28fa2

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 19:13:21 GMT
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389765.cloudfront.net (CloudFront)
age: 131894
x-cache: Hit from cloudfront
status: 200
content-length: 2653
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:55 GMT
server: nginx
etag: "5cadd1d3-a5d"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: Cyl6RzDOOM4AFxHdh6pSPGwaG5Cnkezl72rH9le5UoGMExBw8svkuQ==
expires: Wed, 16 Dec 2020 19:13:21 GMT

GET
H2 200 743312ca303f4a4be7af10e6d1015d40a0ce81a4.png
cf.bstatic.com/static/img/review/avatars/ava-w/ 3 KB
4 KB 9ms
7ms Image
image/png 2600:9000:214f:4800:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/static/img/review/avatars/ava-w/743312ca303f4a4be7af10e6d1015d40a0ce81a4.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:4800:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

1669f3f3f1ab17620e0bf0b8185b9b98c1974bd953d329de46a57a13b416dcba

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 31 Oct 2020 18:24:35 GMT
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389765.cloudfront.net (CloudFront)
age: 1517220
x-cache: Hit from cloudfront
status: 200
content-length: 3229
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:55 GMT
server: nginx
etag: "5cadd1d3-c9d"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: QIRz2bPhwP8oYjFFinp_FUpVmp5LufMpigmz9KkTs82yCg-x-4ytOQ==
expires: Mon, 30 Nov 2020 18:24:35 GMT

GET
H2 200 photo.jpg64
lh4.googleusercontent.com/-wxhIfPBdb8k/AAAAAAAAAAI/AAAAAAAAAAA/ACHi3rfTLUyOubuDXECgqT_6qIli4eWT3w/s96-c/ 471 B
852 B 29ms
7ms Image
image/png 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh4.googleusercontent.com/-wxhIfPBdb8k/AAAAAAAAAAI/AAAAAAAAAAA/ACHi3rfTLUyOubuDXECgqT_6qIli4eWT3w/s96-c/photo.jpg64

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

99b644875579d8656a179ee26a89c42e0820330b9dc013bc7d10afd17b2fddf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 18 Nov 2020 07:38:50 GMT
x-content-type-options: nosniff
age: 765
status: 200
content-disposition: inline;filename=""
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 471
x-xss-protection: 0
server: fife
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 19 Nov 2020 07:38:50 GMT

GET

/
platform-lookaside.fbsbx.com/platform/profilepic/
Redirect Chain

https://graph.facebook.com/v2.9/1148734768562115/picture?type=square&height=64&width=64
https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=1148734768562115&height=64&width=64&ext=1608277895&hash=AeRkGokB2GkaIupkMxg

0
0

GET

/
platform-lookaside.fbsbx.com/platform/profilepic/
Redirect Chain

https://graph.facebook.com/v2.9/10209672635836452/picture?type=square&height=64&width=64
https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=10209672635836452&height=64&width=64&ext=1608277895&hash=AeTBEcePoy19dxIiOw0

0
0

GET
H2 200 d321d61d78a8fa310843e1967dca38e6276b92aa.png
cf.bstatic.com/static/img/review/avatars/ava-s/ 3 KB
4 KB 9ms
7ms Image
image/png 2600:9000:214f:4800:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/static/img/review/avatars/ava-s/d321d61d78a8fa310843e1967dca38e6276b92aa.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:4800:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

fa61f361a0931ce4a152fa1f2cc68b8469eb44d0abaf45d3de1d182041062760

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 09:55:59 GMT
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389765.cloudfront.net (CloudFront)
age: 1634136
x-cache: Hit from cloudfront
status: 200
content-length: 3376
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:55 GMT
server: nginx
etag: "5cadd1d3-d30"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: Y7pyfypWQhEA9XxwSBqvXjYbo9_s8qtq9gGtWCOg3b94zVYi_WZHvg==
expires: Sun, 29 Nov 2020 09:55:59 GMT

GET
H2 200 315f92289c481a16de5ee7737aa1b5fd531afcce.png
cf.bstatic.com/static/img/review/avatars/ava-c/ 3 KB
3 KB 14ms
9ms Image
image/png 2600:9000:214f:4800:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/static/img/review/avatars/ava-c/315f92289c481a16de5ee7737aa1b5fd531afcce.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:4800:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

a22f4e938313573515af49d6e701cd03f8fb3c9d6fbd8898a534b0787c11c046

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 23:37:54 GMT
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389765.cloudfront.net (CloudFront)
age: 980021
x-cache: Hit from cloudfront
status: 200
content-length: 3063
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:55 GMT
server: nginx
etag: "5cadd1d3-bf7"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: oUnItTVnPq8DY4BXbA39Nt_xaEmI291qKG8j5tLffUEWxN6Bjl91Dw==
expires: Sun, 06 Dec 2020 23:37:54 GMT

GET
H3-Q050 400 photo.jpg64
lh4.googleusercontent.com/-vUDpoTTGGqI/AAAAAAAAAAI/AAAAAAAAAAA/AMp5VUrDX00lffzA9plavnHCuRnNAvOwTg/s96-c/ 0
0 46ms
28ms Image
text/html 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lh4.googleusercontent.com/-vUDpoTTGGqI/AAAAAAAAAAI/AAAAAAAAAAA/AMp5VUrDX00lffzA9plavnHCuRnNAvOwTg/s96-c/photo.jpg64
Requested by: Host: www.booking.com
URL: https://www.booking.com/city/it/florence.it.html?aid=339530&label=44595_ufi-name-multi-3-plus-rec-5_v2-&checkin=2020-11-20&checkout=2020-11-21&city=-117543&selected_currency=EUR&emk=QWGEU6K5UT&emkcid=
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *

GET
H2 200 18893454.webp
cf.bstatic.com/xdata/images/xphoto/square64/ 890 B
1 KB 15ms
11ms Image
image/webp 2600:9000:214f:4800:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/xdata/images/xphoto/square64/18893454.webp?k=5630a662dbddca452a3c267288ed68290a1db380fb77a4016eeae2d7838dea13&o=?t=1493250428

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:4800:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

38f85d3c23c851d1992860f1604cb4001eaaf9dca4d5e8b32c3d07810215c2c7

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 04 Nov 2020 09:21:48 GMT
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389765.cloudfront.net (CloudFront)
age: 1204187
x-cache: Hit from cloudfront
status: 200
content-length: 890
x-xss-protection: 1; mode=block
server: nginx
etag: "57d226f55e06461a1ce07d223cf94d406fd9acb1"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
timing-allow-origin: *
x-amz-cf-id: NhLnAXwHoU4N0NJ8foJCnyfHIEslVN-d8uYCBCBOMZkOqL4MwZByWw==
expires: Fri, 04 Dec 2020 09:21:48 GMT

GET picture
graph.facebook.com/v2.9/10217115239943395/ 0
0

GET
H2 200 d3882ab9674d57559f4b0ecc7f2b01ecbc7a8057.png
cf.bstatic.com/static/img/review/avatars/ava-n/ 2 KB
2 KB 13ms
10ms Image
image/png 2600:9000:214f:4800:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/static/img/review/avatars/ava-n/d3882ab9674d57559f4b0ecc7f2b01ecbc7a8057.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:4800:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

345030d498fdbd30645029918c0d0b43c95d1b75c8d9a81de1863ae169581203

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 22:42:38 GMT
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389765.cloudfront.net (CloudFront)
age: 292137
x-cache: Hit from cloudfront
status: 200
content-length: 1973
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:56 GMT
server: nginx
etag: "5cadd1d4-7b5"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: yICp0tXwTKza4UMwAVsMqpYDcMhdObXIRDBmOiNywNbXoc65WZh0IQ==
expires: Mon, 14 Dec 2020 22:42:38 GMT

GET
H3-Q050 200 photo.jpg64
lh5.googleusercontent.com/-XYmakB9tS0w/AAAAAAAAAAI/AAAAAAAAAAs/-cMXFVO6bY4/s96-c/ 6 KB
6 KB 70ms
48ms Image
image/jpeg 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5.googleusercontent.com/-XYmakB9tS0w/AAAAAAAAAAI/AAAAAAAAAAs/-cMXFVO6bY4/s96-c/photo.jpg64

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d9de10a19556a68c9b1593b79dc39ba306b83ddcdeeec9fceccd9731195bc21d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 18 Nov 2020 07:51:35 GMT
x-content-type-options: nosniff
status: 200
content-disposition: inline;filename=""
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5874
x-xss-protection: 0
server: fife
etag: "vb"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 19 Nov 2020 07:51:35 GMT

GET picture
graph.facebook.com/v2.9/10205010667737785/ 0
0

GET picture
graph.facebook.com/v2.9/10214659921545403/ 0
0

GET
H3-Q050 400 photo.jpg64
lh4.googleusercontent.com/-GTO1vyaNTf8/AAAAAAAAAAI/AAAAAAAAAAA/AAyYBF5_m1PfWjJRfiy1pa_TZJVIql3OfA/s96-c/ 0
0 46ms
29ms Image
text/html 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lh4.googleusercontent.com/-GTO1vyaNTf8/AAAAAAAAAAI/AAAAAAAAAAA/AAyYBF5_m1PfWjJRfiy1pa_TZJVIql3OfA/s96-c/photo.jpg64
Requested by: Host: www.booking.com
URL: https://www.booking.com/city/it/florence.it.html?aid=339530&label=44595_ufi-name-multi-3-plus-rec-5_v2-&checkin=2020-11-20&checkout=2020-11-21&city=-117543&selected_currency=EUR&emk=QWGEU6K5UT&emkcid=
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *

GET
H2 200 c9a51000ce90cbf81dcc81b847f9bccc3330d3a4.png
cf.bstatic.com/static/img/review/avatars/ava-l/ 807 B
1 KB 12ms
10ms Image
image/png 2600:9000:214f:4800:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/static/img/review/avatars/ava-l/c9a51000ce90cbf81dcc81b847f9bccc3330d3a4.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:4800:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

fb3123d5172d1b11c3df465b6c5d8c75a2ae38ff4495a78c49c80603cd4ff304

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 02 Nov 2020 18:25:02 GMT
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389765.cloudfront.net (CloudFront)
age: 1344393
x-cache: Hit from cloudfront
status: 200
content-length: 807
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:55 GMT
server: nginx
etag: "5cadd1d3-327"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: GTfZ-qjQ8K_fqri27G43xyz14-MQ4DnFQlP97K_YFVFWPHmR20ntjw==
expires: Wed, 02 Dec 2020 18:25:02 GMT

GET
H2 200 f69a0f45af414641ac0371c1f139c49637969c6c.png
cf.bstatic.com/static/img/review/avatars/ava-j/ 2 KB
2 KB 12ms
10ms Image
image/png 2600:9000:214f:4800:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/static/img/review/avatars/ava-j/f69a0f45af414641ac0371c1f139c49637969c6c.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:4800:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

d50a8ac15ac8ee350d4c0c4d32fe3490105b86ec25b0f503fbff39d592db8496

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 26 Oct 2020 19:07:23 GMT
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389765.cloudfront.net (CloudFront)
age: 1946652
x-cache: Hit from cloudfront
status: 200
content-length: 1692
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:55 GMT
server: nginx
etag: "5cadd1d3-69c"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: H2WbThgitkY_OHpvNAwm-cz0ugH9-bvKLjWealJ4tq0XCgeA_xvvDA==
expires: Wed, 25 Nov 2020 19:07:23 GMT

GET
H2 200 7eb52a437de4a380f7666d4a62da6e64294cd321.png
cf.bstatic.com/static/img/review/avatars/ava-t/ 847 B
1 KB 7ms
6ms Image
image/png 2600:9000:214f:4800:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/static/img/review/avatars/ava-t/7eb52a437de4a380f7666d4a62da6e64294cd321.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:4800:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

7945f17300214c1c3b047fa213955d56a9169990f79b908ffb3da14afc511b87

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 02 Nov 2020 20:37:02 GMT
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389765.cloudfront.net (CloudFront)
age: 1336473
x-cache: Hit from cloudfront
status: 200
content-length: 847
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:55 GMT
server: nginx
etag: "5cadd1d3-34f"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: FcLGu9Vv9PVIYIq9sa4kv_6GWSYwxeQYEWefSy6zEoXPPif_B-l_eg==
expires: Wed, 02 Dec 2020 20:37:02 GMT

GET
H2 200 a959b42a0772e7ae6d2f3d985b7125032734adb8.js Show response
cf.bstatic.com/static/js/raf_cloudfront_sd/ 135 KB
22 KB 7ms
7ms Script
application/javascript 2600:9000:214f:4800:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/js/raf_cloudfront_sd/a959b42a0772e7ae6d2f3d985b7125032734adb8.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:4800:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3cdef507ad19538965f94cb8c484647dd409bab361e6f3d2408c6f2c69f231a0

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.booking.com
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 03:22:05 GMT
content-encoding: br
age: 448170
x-cache: Hit from cloudfront
status: 200
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Fri, 13 Nov 2020 03:10:10 GMT
server: nginx
etag: W/"5fadf912-21c25"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 e7377cc861b31102786678df3616bf69.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
timing-allow-origin: *
x-amz-cf-id: M4pe3qgSGpS78XZHZL3bU9_cwSnadTX5GsbUo-Om8FIOLBpTKBxgZA==
expires: Sun, 13 Dec 2020 03:22:05 GMT

GET
H2 200 0cc4ce4b7108d42a9f293fc9b654f749d84ba4eb.css
cf.bstatic.com/static/css/print/ 5 KB
2 KB 7ms
6ms Stylesheet
text/css 2600:9000:214f:4800:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/css/print/0cc4ce4b7108d42a9f293fc9b654f749d84ba4eb.css

Requested by

Host: cf.bstatic.com
URL: https://cf.bstatic.com/static/js/main_cloudfront_sd/1ba89ad4dca268d39894065811f7348c95c75c87.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:4800:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f9824e5f4727f34dd4b3f268cc3a51970a763e2e54fbe9934c44b7ffc1159e8b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 08 Nov 2020 10:41:48 GMT
content-encoding: br
age: 853788
x-cache: Hit from cloudfront
status: 200
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Wed, 10 Apr 2019 11:21:34 GMT
server: nginx
etag: W/"5cadd1be-13ac"
vary: Accept-Encoding
content-type: text/css
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389765.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
timing-allow-origin: *
x-amz-cf-id: pfAg6CY88mdJEQGk1r7vRGXONGDD-8ryU6Nic7lDOZNO4RgC3Qw21w==
expires: Tue, 08 Dec 2020 10:41:48 GMT

GET
H2 200 f2431be03655379438e6ba2e42d684130b7b4cad.css
cf.bstatic.com/static/css/searchresults_cloudfront_sd.iq_ltr/ 0
54 KB 8ms
6ms Other
text/css 2600:9000:214f:4800:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/css/searchresults_cloudfront_sd.iq_ltr/f2431be03655379438e6ba2e42d684130b7b4cad.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:4800:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 15:12:26 GMT
content-encoding: br
age: 146350
x-cache: Hit from cloudfront
status: 200
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Mon, 16 Nov 2020 14:58:37 GMT
server: nginx
etag: W/"5fb2939d-5b3b1"
vary: Accept-Encoding
content-type: text/css
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389765.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
timing-allow-origin: *
x-amz-cf-id: K-8I83EwolndlepNNELdGjkwBB83XPxggn5A_c8xb75PoETjlIWlag==
expires: Wed, 16 Dec 2020 15:12:26 GMT

GET
H2 200 b13f0db94b1a42db8f696cce63e3ddbbfa21b199.js
cf.bstatic.com/static/js/searchresults_cloudfront_sd/ 0
184 KB 14ms
12ms Other
application/javascript 2600:9000:214f:4800:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/js/searchresults_cloudfront_sd/b13f0db94b1a42db8f696cce63e3ddbbfa21b199.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:4800:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 15:12:26 GMT
content-encoding: br
age: 146349
x-cache: Hit from cloudfront
status: 200
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Mon, 16 Nov 2020 14:58:36 GMT
server: nginx
etag: W/"5fb2939c-dd1e6"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389765.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
timing-allow-origin: *
x-amz-cf-id: 5Ulh6EJDuB0K-80FGcNaF5ZWnWxIAR2_EfbzFsPASNCqxShq30nTVg==
expires: Wed, 16 Dec 2020 15:12:26 GMT

GET
H2 200 39053d9ff5d0191253e71eddcb423d74e887a6c1.js
cf.bstatic.com/static/js/tpi_searchresults_cloudfront_sd/ 0
5 KB 14ms
12ms Other
application/javascript 2600:9000:214f:4800:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/js/tpi_searchresults_cloudfront_sd/39053d9ff5d0191253e71eddcb423d74e887a6c1.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:4800:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 15:12:26 GMT
content-encoding: br
age: 146350
x-cache: Hit from cloudfront
status: 200
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Mon, 16 Nov 2020 13:00:07 GMT
server: nginx
etag: W/"5fb277d7-440a"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389765.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
timing-allow-origin: *
x-amz-cf-id: YIF2QTIYmexRKoqdH9R2Lq5PwI6BuWz1BD5nu7oJuD3ITazJG3oZ1A==
expires: Wed, 16 Dec 2020 15:12:26 GMT

GET
H2 200 d46ba8856024e20f1bbf5dce13c2332e6751a30e.js
cf.bstatic.com/static/js/atlas_cloudfront_sd/ 0
29 KB 14ms
12ms Other
application/javascript 2600:9000:214f:4800:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/js/atlas_cloudfront_sd/d46ba8856024e20f1bbf5dce13c2332e6751a30e.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:4800:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 08:52:08 GMT
content-encoding: br
age: 1292368
x-cache: Hit from cloudfront
status: 200
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Tue, 03 Nov 2020 08:40:23 GMT
server: nginx
etag: W/"5fa11777-1cdd6"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389765.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
timing-allow-origin: *
x-amz-cf-id: aNXL0sBLvr0V6UywYVkZmHQvZm67eLIz4xaXKCVL-vgu5qfXQCRHPQ==
expires: Thu, 03 Dec 2020 08:52:08 GMT

GET
H2 200 cc00388eecf926c5deff3d0e0865b5ae4f4d109d.js
cf.bstatic.com/static/js/atlas_cst_cloudfront_sd/ 0
67 KB 14ms
13ms Other
application/javascript 2600:9000:214f:4800:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/js/atlas_cst_cloudfront_sd/cc00388eecf926c5deff3d0e0865b5ae4f4d109d.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:4800:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 13:32:02 GMT
content-encoding: br
age: 152374
x-cache: Hit from cloudfront
status: 200
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Mon, 16 Nov 2020 13:00:06 GMT
server: nginx
etag: W/"5fb277d6-8d36e"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389765.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
timing-allow-origin: *
x-amz-cf-id: PS40bMFjC6mU6ZgRwr6MIWqROhAHRasHiB1Cd0tJ4FrMR6V4NM0aTg==
expires: Wed, 16 Dec 2020 13:32:02 GMT

GET
H2 200 94f19f3b06cee6e19d30a46525a5aebb9a256f5c.js
cf.bstatic.com/static/js/calendar2_cloudfront_sd/ 0
14 KB 14ms
13ms Other
application/javascript 2600:9000:214f:4800:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/js/calendar2_cloudfront_sd/94f19f3b06cee6e19d30a46525a5aebb9a256f5c.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:4800:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 08 Nov 2020 21:22:04 GMT
content-encoding: br
age: 815372
x-cache: Hit from cloudfront
status: 200
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Fri, 15 May 2020 07:46:48 GMT
server: nginx
etag: W/"5ebe48e8-cbc0"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389765.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
timing-allow-origin: *
x-amz-cf-id: sm1IREu609hIXIAJWHHnmduSUWNg2r_73Aqi8F9zL8RYQbPbGHQO9w==
expires: Tue, 08 Dec 2020 21:22:04 GMT

GET
H2 200 528359eb9f21194adf8c26f81e07c6eb21a2cc89.js
cf.bstatic.com/static/js/searchresults_slick_cloudfront_sd/ 0
9 KB 15ms
13ms Other
application/javascript 2600:9000:214f:4800:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/js/searchresults_slick_cloudfront_sd/528359eb9f21194adf8c26f81e07c6eb21a2cc89.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:4800:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 26 Oct 2020 07:16:53 GMT
content-encoding: br
age: 1989283
x-cache: Hit from cloudfront
status: 200
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Tue, 04 Feb 2020 10:19:58 GMT
server: nginx
etag: W/"5e39454e-8f6c"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389765.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
timing-allow-origin: *
x-amz-cf-id: 2g3nCrc9cP6Lya6ZursUIyQjbdWzZONWCZHqPOeZVVAYOJh9y4ZvhQ==
expires: Wed, 25 Nov 2020 07:16:53 GMT

POST
H/1.1 200
OK js_tracking
www.booking.com/ 12 B
702 B 48ms
48ms Other
image/gif 5.57.16.220
BOOKING-BV Bookin...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.booking.com/js_tracking?lang=it&sid=ade3430c7db3cdd21440b716d2bc328f&pid=c37b3743259e0100&stype=1&aid=339530&ver=2&ref_action=city&m=UmFuZG9tSVYkc2RlIyh9YRaphNAKbn6KiW8MWJhsMR6iwOgHrafxfUthvDptEhZBSoZczFWMq5Ot8L4dtMNu9MTqSvBE4Y_O80xnsmGDPBxq3K6x8E1D2jgywX0Ct9oNzzz7tRFk1BZY-4LpHcdAUJiSlZv4o1rQIALvP7LeDOMb4RmVMqkct8wzc-gzSdUrcWiog9NloTm5BXzkNs8R9_TRs0mcZklvL8kTM-9rNvzwWbOvjFHhiBddACFvuhu42o0Xotpb-tT4w1Osf6Lo3sQ7qr-8WGwIHkb_418184lyUCDKADCL174NSL0meVtruUJObTuCEXXvIje6Ca85GVPXXAhY1rpr&etgwv=js_onload_resource_transfer_size|677&_=1605685896128

Requested by

Host: cf.bstatic.com
URL: https://cf.bstatic.com/static/js/main_cloudfront_sd/1ba89ad4dca268d39894065811f7348c95c75c87.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

5.57.16.220 Amsterdam, Netherlands, ASN43996 (BOOKING-BV Booking.com, NL),

Reverse DNS

www.booking.com

Software

nginx /

Resource Hash

d9a55f7230942e5aa22d40adf36bafd94d3ed6719f5c56b1cbc19ab4f874d83a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/city/it/florence.it.html?aid=339530&label=44595_ufi-name-multi-3-plus-rec-5_v2-&checkin=2020-11-20&checkout=2020-11-21&city=-117543&selected_currency=EUR&emk=QWGEU6K5UT&emkcid=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 18 Nov 2020 07:51:36 GMT
content-encoding: br
content-security-policy-report-only: report-uri https://csp-receiver.booking.com/csp_violation?type=report&tag=112&pid=dac53744928f0081&e=UmFuZG9tSVYkc2RlIyh9Yea92wm0yRUjnCBymoy8ejIQ6QMZ-X9J25b3Bl3Nk6b6kR5PTNG726A&f=0&s=0; frame-ancestors 'none';
server: nginx
vary: Accept-Encoding, User-Agent
content-type: image/gif
strict-transport-security: max-age=604800
content-length: 35
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK logo
www.booking.com/ 12 B
617 B 94ms
47ms Image
image/gif 5.57.16.220
BOOKING-BV Bookin...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.booking.com/logo?ver=1&sid=ade3430c7db3cdd21440b716d2bc328f&t=16056858941

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

5.57.16.220 Amsterdam, Netherlands, ASN43996 (BOOKING-BV Booking.com, NL),

Reverse DNS

www.booking.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/city/it/florence.it.html?aid=339530&label=44595_ufi-name-multi-3-plus-rec-5_v2-&checkin=2020-11-20&checkout=2020-11-21&city=-117543&selected_currency=EUR&emk=QWGEU6K5UT&emkcid=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 18 Nov 2020 07:51:36 GMT
content-encoding: br
content-security-policy-report-only: report-uri https://csp-receiver.booking.com/csp_violation?type=report&tag=112&pid=99bc374432cb00bd&e=UmFuZG9tSVYkc2RlIyh9YbpBYTW1tHKzQm3RagPTSCC0zRw2E_8_T8_ugZMb3Xnp&f=0&s=0; frame-ancestors 'none';
server: nginx
vary: Accept-Encoding, User-Agent
content-type: image/gif
strict-transport-security: max-age=604800
content-length: 35
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK js_tracking Show response
www.booking.com/ 0
709 B 63ms
62ms XHR
text/plain 5.57.16.220
BOOKING-BV Bookin...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.booking.com/js_tracking?lang=it&sid=ade3430c7db3cdd21440b716d2bc328f&pid=c37b3743259e0100&stype=1&aid=339530&ver=2&ref_action=city&ete=&etg=&etcg=&ets=fdJcVSdMWZET|1,NReaHfUEYYPOCXDOET|1&etgwv=&m=UmFuZG9tSVYkc2RlIyh9YRaphNAKbn6KiW8MWJhsMR6iwOgHrafxfUthvDptEhZBSoZczFWMq5Ot8L4dtMNu9MTqSvBE4Y_O80xnsmGDPBxq3K6x8E1D2jgywX0Ct9oNzzz7tRFk1BZY-4LpHcdAUJiSlZv4o1rQIALvP7LeDOMb4RmVMqkct8wzc-gzSdUrcWiog9NloTm5BXzkNs8R9_TRs0mcZklvL8kTM-9rNvzwWbOvjFHhiBddACFvuhu42o0Xotpb-tT4w1Osf6Lo3sQ7qr-8WGwIHkb_418184lyUCDKADCL174NSL0meVtruUJObTuCEXXvIje6Ca85GVPXXAhY1rpr

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

5.57.16.220 Amsterdam, Netherlands, ASN43996 (BOOKING-BV Booking.com, NL),

Reverse DNS

www.booking.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Xss-Protection	1; mode=block

Request headers

X-Booking-Language-Code: it
X-Booking-Client-Info: fdJcVSdMWZET|1,NReaHfUEYYPOCXDOET|1
X-Booking-CSRF: xgq1XwAAAAA=APMLwBlXdv62Vzq9VydFYmNIIzVXX8AvdnLAgu02IVYVmNNfT1nhhJQyMqgQT-9JPzmsFirmMr7Tg8wB0HFyxYVCV29xhqMzkriErO4nIIlzu4odXUT5raYXai9D8aF759jEkVm5JPY4vEHqG8RNDbO1diTrhRLiJ2cIoIzHUrxfXg5dlY53BK3LSw89zOAVzS6Cvf_55TGT7nyg
X-Booking-AID: 339530
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-Booking-Label: 44595_ufi-name-multi-3-plus-rec-5_v2-
X-Partner-Channel-Id: 20
X-Booking-Pageview-Id: c37b3743259e0100
X-Booking-Info: 1133410,1170590,1214730,1214850,1216190,1220950,1221340,1228960,1231180,1232350,1234580,1236220,1236630,fdJcVSdMWZET|1,1234220|3,1236220|1,1220950|1,1236220|3,NReaHfUEYYPOCXDOET|1
Referer: https://www.booking.com/city/it/florence.it.html?aid=339530&label=44595_ufi-name-multi-3-plus-rec-5_v2-&checkin=2020-11-20&checkout=2020-11-21&city=-117543&selected_currency=EUR&emk=QWGEU6K5UT&emkcid=
X-Booking-SiteType-Id: 1
X-Requested-With: XMLHttpRequest
X-Booking-Session-Id: ade3430c7db3cdd21440b716d2bc328f

Response headers

date: Wed, 18 Nov 2020 07:51:36 GMT
content-encoding: br
vary: User-Agent, Accept-Encoding
server: nginx
content-security-policy-report-only: frame-ancestors 'none'; report-uri https://csp-receiver.booking.com/csp_violation?type=report&tag=112&pid=af0c37440b460094&e=UmFuZG9tSVYkc2RlIyh9Yea92wm0yRUjnCBymoy8ejLLstsxgu5uux5iHAL1utVlofgBR3hBpfE&f=0&s=0;
content-type: text/plain; charset=UTF-8
transfer-encoding: chunked
strict-transport-security: max-age=604800
x-xss-protection: 1; mode=block

GET
H2 200 px_v2.min..js Show response
cf.bstatic.com/libs/perimeterx/ 68 KB
23 KB 37ms
37ms Script
application/javascript 2600:9000:214f:4800:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/libs/perimeterx/px_v2.min..js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:4800:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

7a24cecaadbac99e37e478cd5a0d2ab6bed0f5fa257cc2cf3fe91ff3652ea405

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 09:19:53 GMT
content-encoding: br
age: 2413903
x-cache: Hit from cloudfront
status: 200
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Tue, 28 May 2019 15:37:10 GMT
server: nginx
etag: W/"5ced55a6-10e63"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389765.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
timing-allow-origin: *
x-amz-cf-id: K0m-PAJehvNg3G_PSn90erJiEjsNLti-8fmH5PVvmTmpfjy9kFX1EQ==
expires: Fri, 20 Nov 2020 09:19:53 GMT

POST
H2 200 collector Show response
collector-pxikkul2rm.perimeterx.net/api/v1/ 808 B
1 KB 129ms
85ms XHR
application/json 35.186.220.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-pxikkul2rm.perimeterx.net/api/v1/collector
Requested by: Host: cf.bstatic.com
URL: https://cf.bstatic.com/libs/perimeterx/px_v2.min..js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.220.184 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 184.220.186.35.bc.googleusercontent.com
Software: /
Resource Hash: e1df3801e7300482ce17e908ed3ef18ac9e95973dd5ede804957e2ec936d99e4

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 18 Nov 2020 07:51:36 GMT
via: 1.1 google
status: 200
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.booking.com
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: clear
content-length: 808

POST
H/1.1 202
Accepted navigation_times Show response
www.booking.com/ 0
810 B 64ms
63ms XHR
image/jpeg 5.57.16.220
BOOKING-BV Bookin...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.booking.com/navigation_times?sid=ade3430c7db3cdd21440b716d2bc328f&pid=c37b3743259e0100&nts=0,0,1605685893597,0,0,0,0,1605685894013,1605685894014,1605685894014,1605685894014,1605685894100,1605685894027,1605685894100,1605685894396,1605685895411,1605685894400,1605685896061,1605685896061,1605685896115,1605685896120,1605685896120,1605685896128,0&first=1&cdn=cf&dc=1&bo=20&lang=it&ref_action=city&aid=339530&stype=1&route=&ua=17&ch=d&lt=&css_load=1&wn=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

5.57.16.220 Amsterdam, Netherlands, ASN43996 (BOOKING-BV Booking.com, NL),

Reverse DNS

www.booking.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/city/it/florence.it.html?aid=339530&label=44595_ufi-name-multi-3-plus-rec-5_v2-&checkin=2020-11-20&checkout=2020-11-21&city=-117543&selected_currency=EUR&emk=QWGEU6K5UT&emkcid=
X-Booking-CSRF: xgq1XwAAAAA=APMLwBlXdv62Vzq9VydFYmNIIzVXX8AvdnLAgu02IVYVmNNfT1nhhJQyMqgQT-9JPzmsFirmMr7Tg8wB0HFyxYVCV29xhqMzkriErO4nIIlzu4odXUT5raYXai9D8aF759jEkVm5JPY4vEHqG8RNDbO1diTrhRLiJ2cIoIzHUrxfXg5dlY53BK3LSw89zOAVzS6Cvf_55TGT7nyg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 18 Nov 2020 07:51:37 GMT
x-content-options: nosniff
server: nginx
content-security-policy-report-only: report-uri https://csp-receiver.booking.com/csp_violation?type=report&tag=112&pid=8aa137441dd1011a&e=UmFuZG9tSVYkc2RlIyh9YfnWSDpdIwKzDzbKZoiCiJtDdMDDxzwNBWvsl2gU1tuwiav0QED0FNI&f=2&s=0; frame-ancestors 'none';
content-type: image/jpeg
strict-transport-security: max-age=604800
content-length: 0
x-xss-protection: 1; mode=block

POST
H2 200 collector Show response
collector-pxikkul2rm.perimeterx.net/api/v1/ 520 B
584 B 74ms
74ms XHR
application/json 35.186.220.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-pxikkul2rm.perimeterx.net/api/v1/collector
Requested by: Host: cf.bstatic.com
URL: https://cf.bstatic.com/libs/perimeterx/px_v2.min..js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.220.184 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 184.220.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 897ee807a83ed93f52c6f061b4b7416c1f864f1cb916b2fa357e43ccc8c3b39f

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 18 Nov 2020 07:51:38 GMT
via: 1.1 google
status: 200
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.booking.com
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: clear
content-length: 520

POST
H2 200 collector Show response
collector-pxikkul2rm.perimeterx.net/api/v1/ 520 B
581 B 49ms
49ms XHR
application/json 35.186.220.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-pxikkul2rm.perimeterx.net/api/v1/collector
Requested by: Host: cf.bstatic.com
URL: https://cf.bstatic.com/libs/perimeterx/px_v2.min..js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.220.184 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 184.220.186.35.bc.googleusercontent.com
Software: /
Resource Hash: eb07dfae53f4990e7b8e97d3a2a6d5f488335c23fd6bb3b3d49f4381e8da9a71

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 18 Nov 2020 07:51:40 GMT
via: 1.1 google
status: 200
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.booking.com
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: clear
content-length: 520

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: platform-lookaside.fbsbx.com
URL: https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=1148734768562115&height=64&width=64&ext=1608277895&hash=AeRkGokB2GkaIupkMxg

Domain: platform-lookaside.fbsbx.com
URL: https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=10209672635836452&height=64&width=64&ext=1608277895&hash=AeTBEcePoy19dxIiOw0

Domain: graph.facebook.com
URL: https://graph.facebook.com/v2.9/10217115239943395/picture?type=square&height=64&width=64

Domain: graph.facebook.com
URL: https://graph.facebook.com/v2.9/10205010667737785/picture?type=square&height=64&width=64

Domain: graph.facebook.com
URL: https://graph.facebook.com/v2.9/10214659921545403/picture?type=square&height=64&width=64

Verdicts & Comments Add Verdict or Comment

86 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.booking.com/	1970-01-19 22:47:01	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Wed+Nov+18+2020+08%3A51%3A36+GMT%2B0100+(Central+European+Standard+Time)&version=6.5.0&hosts=&consentId=cd45e648-29e9-4b02-89b3-7b5f822fae67&interactionCount=0&landingPath=https%3A%2F%2Fwww.booking.com%2Fcity%2Fit%2Fflorence.it.html%3Faid%3D339530%26label%3D44595_ufi-name-multi-3-plus-rec-5_v2-%26checkin%3D2020-11-20%26checkout%3D2020-11-21%26city%3D-117543%26selected_currency%3DEUR%26emk%3DQWGEU6K5UT%26emkcid%3D&groups=C0002%3A0%2CC0004%3A0%2CC0001%3A1
.booking.com/	1970-01-19 22:47:01	Name: cors_js Value: 1
.booking.com/	1970-01-19 14:44:37	Name: b Value: %7B%22countLang%22%3A1%7D
www.booking.com/city/it	1969-12-31 23:59:59	Name: header_signin_prompt Value: 1
.booking.com/	1970-01-21 09:49:25	Name: bkng Value: 11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbwcLxQQ4VaCqcDFAq0h%2BiE6YRCntGl10eVAdlJU%2FPSvYIFZNk%2BbFrMfeFeFn1NtZx3%2FyMirBNmql1V1MQ62MES55fdyC7h5nHG36lyBTN20DteEN2rC3iGSP3eLE%2FLrJo0soOaff%2BQlV%2F3vVrDj%2Bff1afda7YpP1w
www.booking.com/	1970-01-19 22:47:01	Name: _pxhd Value: 37d2f0cd09716672e7fbc4d7fff4fb475d7e6f96ddb69a320fc6970f21a6b3e0%3Ae0e97960-2972-11eb-ac0f-4f27e9295a3c

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.cookielaw.org
cf.bstatic.com
collector-pxikkul2rm.perimeterx.net
geolocation.onetrust.com
graph.facebook.com
lh4.googleusercontent.com
lh5.googleusercontent.com
lh6.googleusercontent.com
link.sg.booking.com
maps.googleapis.com
platform-lookaside.fbsbx.com
www.booking.com
graph.facebook.com
platform-lookaside.fbsbx.com
151.101.14.110
2600:9000:214f:4800:1f:e2ee:200:93a1
2606:4700:10::6814:b944
2606:4700::6810:9440
2a00:1450:4001:814::200a
2a00:1450:4001:81f::2001
35.186.220.184
5.57.16.220
1669f3f3f1ab17620e0bf0b8185b9b98c1974bd953d329de46a57a13b416dcba
16a688a3640257d57bfe5f2387de39a8c353c14d80a879ec0d59b838626c52b1
16aef54bc3a4dda11a10b7e84833086e95675aecbd644a177b1d62ed6ba28a3b
16e0003dc39f4f84971f2c8b6cfe26b1201132aadf5de888797ee27732630a56
345030d498fdbd30645029918c0d0b43c95d1b75c8d9a81de1863ae169581203
38f85d3c23c851d1992860f1604cb4001eaaf9dca4d5e8b32c3d07810215c2c7
3cdef507ad19538965f94cb8c484647dd409bab361e6f3d2408c6f2c69f231a0
4332a3521e91dcc0b63accbfad404126cf0b10f888dd0916694bf23c4a456308
48bf6044861f73642109e65d08ace58060d75d35dca9c3b8d578d690923af4bd
58152349e8977d29033e96a8617c5b5699485400848518ac05dab5bee7e874c0
6153929734ec12ec07072f327c1112301828497e4dd356ca261461b0b7ba9621
64fa560524fb91bff11d914ed72adfbf30c864d4d6d2c6e598902e236451ffc0
7945f17300214c1c3b047fa213955d56a9169990f79b908ffb3da14afc511b87
7a24cecaadbac99e37e478cd5a0d2ab6bed0f5fa257cc2cf3fe91ff3652ea405
817bc91c1cc2ea39347f2687eba948394b20aa1663e8940170f1695d7af8efce
861f2142293eb28de2c5f7c6f0035847ae176dc02470bfa7fbb157bf2b89339d
897ee807a83ed93f52c6f061b4b7416c1f864f1cb916b2fa357e43ccc8c3b39f
8a882fd19a15567e53a5c3c08d22cdab714fa87734ed92d854c4e8fdf3940b1f
8cb7074e25bba3f33cce6da616a0bf9bc4743dcc4a2e82c82c089ae719943a95
989d322d7d5dcbf0d70bdf5ccb512aef7ffbb4b31051cd1072bd9f711f0dcfeb
994ec33de4b9253b6abbf26965dafb40c822e0b333e334456be7ff2a6fa638fe
99b644875579d8656a179ee26a89c42e0820330b9dc013bc7d10afd17b2fddf7
9d0d33ff3cbe6054d46a549c75a09323fc711113b82fde575003df837cb9f4e0
9ea7f0a7844cada198d1e8a28343cc081d3631c716c9dd53d889e4b7feae04ac
a0ff1db86f13d31743f7e0c4d1c45fe7953cd5089d91be2a2ce3d12f7a4beae2
a22f4e938313573515af49d6e701cd03f8fb3c9d6fbd8898a534b0787c11c046
a3668c35c677731ca1295a5f13ad82d97bc77aeb701720456f392e5bd888f2ef
a4080195c9e2b55eeb1dede9a823c742b578c24c7019c3bf817aea31b055ce4a
a78fd72e6f5d915c3e8f79a513c1bf865d7213228d504aa9184c666a140820ea
a7dea501821b67ff3b5772dd2977e6f48ab42b337058942f7a6d61fb339b41f3
a98c20990fe3e31203fe2db8384af8e05e7b358cdae3c28b034e1f02b47db630
abd844c702ac28794b712775cf03bafb928a55a2d51ff2fa2b922399ff1790ad
ae407e415a45b6c720d8d61fef8c28756883d0f546a64e7a2969d6174c669951
c868746e18f4ef3d9aa54e269e518c6ad9b6522bb3e44ec272bceea5e756c575
c97182623ed48a971c0118df63e2632b0a5a563f6d4d44df9547b36b924f5611
d139c3756ba4ea4e4672c12645de4977faa9ba7e0d550931d2086338fd72dfe9
d50a8ac15ac8ee350d4c0c4d32fe3490105b86ec25b0f503fbff39d592db8496
d89478b6988e2b97240a98d5ddd2dd24b4799719b0fe891aba554434c36247d1
d9a55f7230942e5aa22d40adf36bafd94d3ed6719f5c56b1cbc19ab4f874d83a
d9a5ed8c043ef3a4d83b1c80727420bcc8ca3ec422f378ca59e564d23ace7cb6
d9de10a19556a68c9b1593b79dc39ba306b83ddcdeeec9fceccd9731195bc21d
dbc5c6cc8dc52fe293be4d79d32c85f9e8d9baa9867653927dda0c1b905a3505
dc83f9902e6e1ee88fdf6696eba68cda0f46a92d1cc868334cf07ecb8655a505
dca199aad99fcb8fd0be754b8a2299cd5606457c2140b37e59cc649fe7e28fa2
e0cc0930a1ab7e9ae754783576228f3c32caa07605236711cf81035f3f45f0ea
e1df3801e7300482ce17e908ed3ef18ac9e95973dd5ede804957e2ec936d99e4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7f0b833b1e3412c7175ac8ba4f59ae773cec67707961da11bd6cf754047be44
eb07dfae53f4990e7b8e97d3a2a6d5f488335c23fd6bb3b3d49f4381e8da9a71
eccf79859eecc0808c87aa3d12e6e36400f75119b5017a37a8989c67eb40391f
ef4330849bc9f4ea323ad83fc2170e19f4f3ee95118f55c6459a3aa177c14ca4
f9824e5f4727f34dd4b3f268cc3a51970a763e2e54fbe9934c44b7ffc1159e8b
fa61f361a0931ce4a152fa1f2cc68b8469eb44d0abaf45d3de1d182041062760
fb3123d5172d1b11c3df465b6c5d8c75a2ae38ff4495a78c49c80603cd4ff304

www.booking.com Open in urlscan Pro 5.57.16.220 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

70 Requests

93 %HTTPS

63 %IPv6

9 Domains

12 Subdomains

8 IPs

4 Countries

1311 kBTransfer

3497 kBSize

6 Cookies

30 Outgoing links

Page URL History

Redirected requests

70 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.booking.com Open in urlscan Pro
5.57.16.220 Public Scan

Screenshot
Live screenshot

Full Image

70
Requests

93 %
HTTPS

63 %
IPv6

9
Domains

12
Subdomains

8
IPs

4
Countries

1311 kB
Transfer

3497 kB
Size

6
Cookies

70 HTTP transactions
0 data transactions