www.guzobooking.com Open in urlscan Pro
81.19.215.2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://guzobooking.com/
Effective URL:
https://www.guzobooking.com/
Submission: On January 24 via automatic, source certstream-suspicious (January 24th 2021, 8:14:46 pm UTC)

Summary HTTP 46 Redirects Links 22 Behaviour Indicators

Summary

This website contacted 12 IPs in 5 countries across 9 domains to perform 46 HTTP transactions. The main IP is 81.19.215.2, located in United Kingdom and belongs to BANDWIDTH-AS, GB. The main domain is www.guzobooking.com.
TLS certificate: Issued by R3 on January 24th 2021. Valid for: 3 months.

This is the only time www.guzobooking.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 25	81.19.215.2 81.19.215.2	25369 (BANDWIDTH-AS) (BANDWIDTH-AS)
1	2a00:1450:400... 2a00:1450:4001:81a::200a	15169 (GOOGLE) (GOOGLE)
5	2606:4700:303... 2606:4700:3036::ac43:a62d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::ac43:44ed	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	52.85.156.106 52.85.156.106	16509 (AMAZON-02) (AMAZON-02)
1	185.106.81.236 185.106.81.236	7979 (SERVERS-COM) (SERVERS-COM)
2	188.42.198.252 188.42.198.252	7979 (SERVERS-COM) (SERVERS-COM)
1	34.200.18.250 34.200.18.250	14618 (AMAZON-AES) (AMAZON-AES)
46	12

25 81.19.215.2 (United Kingdom) 1 redirects

ASN25369 (BANDWIDTH-AS, GB)
PTR: indigo.cloudns.io

guzobooking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.guzobooking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3036::ac43:a62d (United States)

ASN13335 (CLOUDFLARENET, US)

tp.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:44ed (United States)

ASN13335 (CLOUDFLARENET, US)

st.avsplow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.85.156.106 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-156-106.ath50.r.cloudfront.net

widget.getyourguide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.106.81.236 (Netherlands)

ASN7979 (SERVERS-COM, US)

avsplow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.198.252 (Luxembourg)

ASN7979 (SERVERS-COM, US)

www.travelpayouts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
suggest.travelpayouts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.200.18.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-18-250.compute-1.amazonaws.com

www.ivisa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	guzobooking.com 1 redirects guzobooking.com www.guzobooking.com	2 MB
7	gstatic.com fonts.gstatic.com	84 KB
5	tp.media tp.media	135 KB
3	getyourguide.com widget.getyourguide.com	9 KB
2	travelpayouts.com www.travelpayouts.com suggest.travelpayouts.com	597 B
2	avsplow.com st.avsplow.com avsplow.com	14 KB
1	ivisa.com www.ivisa.com
1	cloudflare.com cdnjs.cloudflare.com	19 KB
1	googleapis.com fonts.googleapis.com	2 KB
46	9

	Domain	Requested by
24	www.guzobooking.com	www.guzobooking.com
7	fonts.gstatic.com	fonts.googleapis.com
5	tp.media	www.guzobooking.com tp.media
3	widget.getyourguide.com	www.guzobooking.com widget.getyourguide.com
1	suggest.travelpayouts.com	cdnjs.cloudflare.com
1	www.ivisa.com	www.guzobooking.com
1	www.travelpayouts.com	cdnjs.cloudflare.com
1	avsplow.com	st.avsplow.com
1	cdnjs.cloudflare.com	tp.media
1	st.avsplow.com	tp.media
1	fonts.googleapis.com	www.guzobooking.com
1	guzobooking.com	1 redirects
46	12

This site contains links to these domains. Also see Links.

Domain
hotels.guzobooking.com

Subject Issuer	Validity	Valid
*.guzobooking.com R3	`2021-01-24` - `2021-04-24`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-06` - `2021-07-06`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
getyourguide.com Amazon	`2020-05-30` - `2021-06-30`	a year	crt.sh
avsplow.com R3	`2020-12-11` - `2021-03-11`	3 months	crt.sh
*.travelpayouts.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-02` - `2022-02-07`	2 years	crt.sh
ivisa.com Amazon	`2020-04-02` - `2021-05-02`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.guzobooking.com/
Frame ID: 1ED4BAF3CF23EB1011893C7731FF1DB9
Requests: 55 HTTP requests in this frame

Frame: https://www.ivisa.com/widgets/visa-checker?utm_source=guzobookings&background_color=bg-blue-500&widget_width=728&widget_height=90
Frame ID: 900C25400063A3C8ABCAF1A8EB3B1D36
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://guzobooking.com/ HTTP 301
https://www.guzobooking.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
html /<link [^>]*href=(?:"|')[^"']*elementor\/assets/i

Elementor (Landing Page Builders) Expand

Overall confidence: 100%
Detected patterns

html /<link [^>]*href=(?:"|')[^"']*elementor\/assets/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
html /<link [^>]*href=(?:"|')[^"']*elementor\/assets/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
html /<link [^>]*href=(?:"|')[^"']*elementor\/assets/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

46
Requests

100 %
HTTPS

55 %
IPv6

9
Domains

12
Subdomains

12
IPs

5
Countries

2273 kB
Transfer

4362 kB
Size

0
Cookies

22 Outgoing links

These are links going to different origins than the main page.

URL: http://hotels.guzobooking.com/hotels?destination=Addis%20Ababa
Title: Explore

Search URL Search Domain Scan URL

URL: http://hotels.guzobooking.com/hotels?destination=Mekelle
Title: Explore

Search URL Search Domain Scan URL

URL: http://hotels.guzobooking.com/hotels?destination=Hawassa
Title: Explore

Search URL Search Domain Scan URL

URL: http://hotels.guzobooking.com/hotels?destination=Adama
Title: Explore

Search URL Search Domain Scan URL

URL: http://hotels.guzobooking.com/hotels?destination=Bahir%20Dar
Title: Explore

Search URL Search Domain Scan URL

URL: http://hotels.guzobooking.com/hotels?destination=Sodo
Title: Explore

Search URL Search Domain Scan URL

URL: http://hotels.guzobooking.com/hotels?destination=Dessie
Title: Explore

Search URL Search Domain Scan URL

URL: http://hotels.guzobooking.com/hotels?destination=Bishoftu
Title: Explore

Search URL Search Domain Scan URL

URL: http://hotels.guzobooking.com/hotels?destination=Nigeria
Title: Read More

Search URL Search Domain Scan URL

URL: http://hotels.guzobooking.com/hotels?destination=Egypt
Title: Read More

Search URL Search Domain Scan URL

URL: http://hotels.guzobooking.com/hotels?destination=Tanzania
Title: Read More

Search URL Search Domain Scan URL

URL: http://hotels.guzobooking.com/hotels?destination=DR%20Congo
Title: Read More

Search URL Search Domain Scan URL

URL: http://hotels.guzobooking.com/hotels?destination=South%20Africa
Title: Read More

Search URL Search Domain Scan URL

URL: http://hotels.guzobooking.com/hotels?destination=Kenya
Title: Read More

Search URL Search Domain Scan URL

URL: http://hotels.guzobooking.com/hotels?destination=Uganda
Title: Read More

Search URL Search Domain Scan URL

URL: http://hotels.guzobooking.com/hotels?destination=Algeria
Title: Read More

Search URL Search Domain Scan URL

URL: http://hotels.guzobooking.com/
Title: Book a tour

Search URL Search Domain Scan URL

URL: https://hotels.guzobooking.com/hotels?destination=Harare
Title: Hotels in Zimbabwe

Search URL Search Domain Scan URL

URL: https://hotels.guzobooking.com/hotels?destination=Conakry
Title: Hotels in Guinea

Search URL Search Domain Scan URL

URL: https://hotels.guzobooking.com/hotels?destination=Kigali
Title: Hotels in Rwanda

Search URL Search Domain Scan URL

URL: https://hotels.guzobooking.com/hotels?destination=Benin
Title: Hotels in Nigeria

Search URL Search Domain Scan URL

URL: https://hotels.guzobooking.com/hotels?destination=Addis+Ababa
Title: Hotels in Ethiopia

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://guzobooking.com/ HTTP 301
https://www.guzobooking.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

46 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.guzobooking.com/
Redirect Chain

https://guzobooking.com/
https://www.guzobooking.com/

169 KB
26 KB

112ms
86ms

Document
text/html

81.19.215.2
BANDWIDTH-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.guzobooking.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

81.19.215.2 , United Kingdom, ASN25369 (BANDWIDTH-AS, GB),

Reverse DNS

indigo.cloudns.io

Software

nginx /

Resource Hash

c5dc6dae0b87290872140986c489c65e5f6b350cae7cf225e2e239c14d4888c3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.guzobooking.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server: nginx
date: Sun, 24 Jan 2021 20:14:23 GMT
content-type: text/html; charset=UTF-8
content-length: 26397
cache-control: public, max-age=0
expires: Sun, 24 Jan 2021 20:14:23 GMT
last-modified: Sun, 24 Jan 2021 20:14:15 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
content-security-policy: upgrade-insecure-requests
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
alt-svc: quic=":4430"; ma=2592000; v="43,46", h3-Q043=":4430"; ma=2592000, h3-Q046=":4430"; ma=2592000, h3-Q050=":4430"; ma=2592000, h3-25=":4430"; ma=2592000, h3-27=":4430"; ma=2592000
x-turbo-charged-by: LiteSpeed
cluster-host: indigo.cloudns.io

Redirect headers

server: nginx
date: Sun, 24 Jan 2021 20:14:23 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-powered-by: PHP/7.2.34
x-redirect-by: WordPress
location: https://www.guzobooking.com/
cache-control: public, max-age=0
expires: Sun, 24 Jan 2021 20:14:23 GMT
vary: Accept-Encoding
content-security-policy: upgrade-insecure-requests
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
alt-svc: quic=":4430"; ma=2592000; v="43,46", h3-Q043=":4430"; ma=2592000, h3-Q046=":4430"; ma=2592000, h3-Q050=":4430"; ma=2592000, h3-25=":4430"; ma=2592000, h3-27=":4430"; ma=2592000
x-turbo-charged-by: LiteSpeed
cluster-host: indigo.cloudns.io

GET
H2 200 css
fonts.googleapis.com/ 57 KB
2 KB 28ms
27ms Stylesheet
text/css 2a00:1450:4001:81a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato%3Aregular%2C700%2Cregular%2Cregular%2Cregular%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%20Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPlay%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLato%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap

Requested by

Host: www.guzobooking.com
URL: https://www.guzobooking.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3664a65fb308c95a20777272414173080b54f56b674f1c72430aa9d258f1b208

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.guzobooking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 24 Jan 2021 20:14:24 GMT
server: ESF
date: Sun, 24 Jan 2021 20:14:24 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 24 Jan 2021 20:14:24 GMT

GET
H2 200 e8a436817df42f4ded31f565e76a86d9.css
www.guzobooking.com/wp-content/cache/min/1/ 770 KB
99 KB 125ms
124ms Stylesheet
text/css 81.19.215.2
BANDWIDTH-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.guzobooking.com/wp-content/cache/min/1/e8a436817df42f4ded31f565e76a86d9.css

Requested by

Host: www.guzobooking.com
URL: https://www.guzobooking.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

81.19.215.2 , United Kingdom, ASN25369 (BANDWIDTH-AS, GB),

Reverse DNS

indigo.cloudns.io

Software

nginx /

Resource Hash

c9fcf76254e9b407c59039a3c8dbb6da233bdd7e89ab2eea6cf766b34646ada6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.guzobooking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 20:14:24 GMT
content-encoding: br
x-content-type-options: nosniff
alt-svc: quic=":4430"; ma=2592000; v="43,46", h3-Q043=":4430"; ma=2592000, h3-Q046=":4430"; ma=2592000, h3-Q050=":4430"; ma=2592000, h3-25=":4430"; ma=2592000, h3-27=":4430"; ma=2592000
content-length: 100633
x-xss-protection: 1; mode=block
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 20 Dec 2020 08:34:16 GMT
server: nginx
vary: Accept-Encoding,Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000,public
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
cluster-host: indigo.cloudns.io
expires: Mon, 24 Jan 2022 20:14:24 GMT

GET
H2 200 fa-solid-900.woff2
www.guzobooking.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 74 KB
75 KB 153ms
152ms Font
font/woff2 81.19.215.2
BANDWIDTH-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.guzobooking.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2

Requested by

Host: www.guzobooking.com
URL: https://www.guzobooking.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

81.19.215.2 , United Kingdom, ASN25369 (BANDWIDTH-AS, GB),

Reverse DNS

indigo.cloudns.io

Software

nginx /

Resource Hash

787d76ad6deab67ccf8bac1b584260205e114f508fc5542b612e3f75d49a34e4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.guzobooking.com
Referer: https://www.guzobooking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 20:14:24 GMT
x-content-type-options: nosniff
cluster-host: indigo.cloudns.io
alt-svc: quic=":4430"; ma=2592000; v="43,46", h3-Q043=":4430"; ma=2592000, h3-Q046=":4430"; ma=2592000, h3-Q050=":4430"; ma=2592000, h3-25=":4430"; ma=2592000, h3-27=":4430"; ma=2592000
content-length: 76084
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 26 Nov 2020 04:32:13 GMT
server: nginx
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=10368000, max-age=864000, max-age=864000
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
expires: Mon, 24 May 2021 20:14:24 GMT

GET
H2 200 fa-regular-400.woff2
www.guzobooking.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 13 KB
14 KB 83ms
82ms Font
font/woff2 81.19.215.2
BANDWIDTH-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.guzobooking.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2

Requested by

Host: www.guzobooking.com
URL: https://www.guzobooking.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

81.19.215.2 , United Kingdom, ASN25369 (BANDWIDTH-AS, GB),

Reverse DNS

indigo.cloudns.io

Software

nginx /

Resource Hash

86e496b536b26ba60cdb68df9dd9143b19a63b65e30e373b0321833aab1295d6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.guzobooking.com
Referer: https://www.guzobooking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 20:14:24 GMT
x-content-type-options: nosniff
cluster-host: indigo.cloudns.io
alt-svc: quic=":4430"; ma=2592000; v="43,46", h3-Q043=":4430"; ma=2592000, h3-Q046=":4430"; ma=2592000, h3-Q050=":4430"; ma=2592000, h3-25=":4430"; ma=2592000, h3-27=":4430"; ma=2592000
content-length: 13576
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 26 Nov 2020 04:32:13 GMT
server: nginx
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=10368000, max-age=864000, max-age=864000
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
expires: Mon, 24 May 2021 20:14:24 GMT

GET
H2 200 fl-icons.woff2
www.guzobooking.com/wp-content/themes/flatsome/assets/css/icons/ 6 KB
7 KB 88ms
87ms Font
font/woff2 81.19.215.2
BANDWIDTH-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.guzobooking.com/wp-content/themes/flatsome/assets/css/icons/fl-icons.woff2

Requested by

Host: www.guzobooking.com
URL: https://www.guzobooking.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

81.19.215.2 , United Kingdom, ASN25369 (BANDWIDTH-AS, GB),

Reverse DNS

indigo.cloudns.io

Software

nginx /

Resource Hash

815e5395652e03d7051b767baade615d279fe3644bbf8f8bbdc54a8b9573be67

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.guzobooking.com
Referer: https://www.guzobooking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 20:14:24 GMT
x-content-type-options: nosniff
cluster-host: indigo.cloudns.io
alt-svc: quic=":4430"; ma=2592000; v="43,46", h3-Q043=":4430"; ma=2592000, h3-Q046=":4430"; ma=2592000, h3-Q050=":4430"; ma=2592000, h3-25=":4430"; ma=2592000, h3-27=":4430"; ma=2592000
content-length: 6536
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 09 Dec 2020 15:54:48 GMT
server: nginx
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=10368000, max-age=864000, max-age=864000
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
expires: Mon, 24 May 2021 20:14:24 GMT

GET
H2 200 jquery.js Show response
www.guzobooking.com/wp-includes/js/jquery/ 95 KB
33 KB 104ms
104ms Script
application/javascript 81.19.215.2
BANDWIDTH-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.guzobooking.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Requested by

Host: www.guzobooking.com
URL: https://www.guzobooking.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

81.19.215.2 , United Kingdom, ASN25369 (BANDWIDTH-AS, GB),

Reverse DNS

indigo.cloudns.io

Software

nginx /

Resource Hash

1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.guzobooking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 20:14:24 GMT
content-encoding: br
x-content-type-options: nosniff
alt-svc: quic=":4430"; ma=2592000; v="43,46", h3-Q043=":4430"; ma=2592000, h3-Q046=":4430"; ma=2592000, h3-Q050=":4430"; ma=2592000, h3-25=":4430"; ma=2592000, h3-27=":4430"; ma=2592000
content-length: 32853
x-xss-protection: 1; mode=block
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 17 May 2019 08:55:54 GMT
server: nginx
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000,public, max-age=864000, max-age=864000
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
cluster-host: indigo.cloudns.io
expires: Mon, 24 Jan 2022 20:14:24 GMT

GET
H2 200 content Show response
tp.media/ 101 KB
22 KB 80ms
63ms Script
application/javascript 2606:4700:3036::ac43:a62d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tp.media/content?promo_id=4041&shmarker=303140&campaign_id=100&trs=5410&searchUrl=flights.guzobooking.com%2Fflights&locale=en&currency=usd&powered_by=false&one_way=false&only_direct=false&period=year&range=7%2C14&show_logo=false&primary=%230C73FE&achieve=%2345AD35

Requested by

Host: www.guzobooking.com
URL: https://www.guzobooking.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:a62d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0eb47e25220a3ae59963c093a83112cce4852a86bc3f958b01b04e6b3d961559

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://www.guzobooking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 20:14:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-h2-pushed: </cascoon/common.d864d95d327f99bc043a.js>
x-promo-id: 4041
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07d7a19d1a0000d729d6381000000001
x-request-id: 6ce3fb77f622e0c182b15711625fc2d6
server: cloudflare
etag: W/"f93ea95237d807f5dac5c66315d4753357690bbb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5NWfZ6f2kTY0WjCeq6ZIJ4F4uLdI5Wxo3YCbuk5n41%2BpVFUaTBASOaub2Z1afYIqimoUdG5bhI09B4RtwgbZuTnCcyrX4%2FbPZbK8ZmaLTjr6Vs9LqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: private, max-age=0
cf-ray: 616c6ba82abbd729-FRA
link: </cascoon/common.d864d95d327f99bc043a.js>; rel=preload; as=script

GET
H2 200 lazyload.min.js Show response
www.guzobooking.com/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/ 8 KB
3 KB 67ms
66ms Script
application/javascript 81.19.215.2
BANDWIDTH-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.guzobooking.com/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/lazyload.min.js

Requested by

Host: www.guzobooking.com
URL: https://www.guzobooking.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

81.19.215.2 , United Kingdom, ASN25369 (BANDWIDTH-AS, GB),

Reverse DNS

indigo.cloudns.io

Software

nginx /

Resource Hash

6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.guzobooking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 20:14:24 GMT
content-encoding: br
x-content-type-options: nosniff
alt-svc: quic=":4430"; ma=2592000; v="43,46", h3-Q043=":4430"; ma=2592000, h3-Q046=":4430"; ma=2592000, h3-Q050=":4430"; ma=2592000, h3-25=":4430"; ma=2592000, h3-27=":4430"; ma=2592000
content-length: 2570
x-xss-protection: 1; mode=block
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 08 Dec 2020 19:50:36 GMT
server: nginx
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000,public, max-age=864000, max-age=864000
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
cluster-host: indigo.cloudns.io
expires: Mon, 24 Jan 2022 20:14:24 GMT

GET
H2 200 2a80bd4220d2967443d29461a592f01d.js Show response
www.guzobooking.com/wp-content/cache/min/1/ 725 KB
182 KB 105ms
105ms Script
application/javascript 81.19.215.2
BANDWIDTH-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.guzobooking.com/wp-content/cache/min/1/2a80bd4220d2967443d29461a592f01d.js

Requested by

Host: www.guzobooking.com
URL: https://www.guzobooking.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

81.19.215.2 , United Kingdom, ASN25369 (BANDWIDTH-AS, GB),

Reverse DNS

indigo.cloudns.io

Software

nginx /

Resource Hash

a74c0cc2985896ecbb3f07de27e4e5f743a5fa3828a2538a4e518cd7cd4f4141

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.guzobooking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 20:14:24 GMT
content-encoding: br
x-content-type-options: nosniff
alt-svc: quic=":4430"; ma=2592000; v="43,46", h3-Q043=":4430"; ma=2592000, h3-Q046=":4430"; ma=2592000, h3-Q050=":4430"; ma=2592000, h3-25=":4430"; ma=2592000, h3-27=":4430"; ma=2592000
content-length: 185830
x-xss-protection: 1; mode=block
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 20 Dec 2020 08:34:16 GMT
server: nginx
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000,public, max-age=864000, max-age=864000
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
cluster-host: indigo.cloudns.io
expires: Mon, 24 Jan 2022 20:14:24 GMT

GET
H2 200 common.d864d95d327f99bc043a.js Show response
tp.media/cascoon/ 482 KB
97 KB 34ms
0ms Script
application/javascript 2606:4700:3036::ac43:a62d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tp.media/cascoon/common.d864d95d327f99bc043a.js

Requested by

Host: www.guzobooking.com
URL: https://www.guzobooking.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:a62d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d9e6e20998800c2283e69544e2dfc6e0f1aebee0a5cf8317c2fd6f6ff612d57

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://www.guzobooking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 20:14:24 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 913259
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07d7a19d530000d7295b391000000001
last-modified: Thu, 14 Jan 2021 06:25:06 GMT
server: cloudflare
etag: W/"5fffe3c2-78795"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qczJItOJ1VpKMQyLDot5UinVaHmqk%2FNDND82dE6rCwa2L5S3R9XPfEYYHy81lVwMIkA2hKjgXXPEq2FTAiHSH3ZQZqegaVtJ8Z94S3gR1wxlQ4x69w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=315360000
cf-ray: 616c6ba88b5fd729-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 66 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5717ca23d709412273363eeec758a20b45b769f719d865119f3b753579fb6a9b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v17/ 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3Aregular%2C700%2Cregular%2Cregular%2Cregular%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%20Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPlay%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLato%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.guzobooking.com
Referer: https://fonts.googleapis.com/css?family=Lato%3Aregular%2C700%2Cregular%2Cregular%2Cregular%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%20Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPlay%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLato%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 13:52:04 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:59 GMT
server: sffe
age: 109340
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14044
x-xss-protection: 0
expires: Sun, 23 Jan 2022 13:52:04 GMT

GET
H3-Q050 200 S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v17/ 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.guzobooking.com
Referer: https://fonts.googleapis.com/css?family=Lato%3Aregular%2C700%2Cregular%2Cregular%2Cregular%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%20Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPlay%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLato%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 22 Jan 2021 06:27:50 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:25 GMT
server: sffe
age: 222394
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14176
x-xss-protection: 0
expires: Sat, 22 Jan 2022 06:27:50 GMT

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 47d55bd6eea9d09456ed7ff5ff4770b4597af84fd10073117cce8087f248c1cd

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 maxresdefault.jpg
www.guzobooking.com/wp-content/uploads/2020/11/ 230 KB
230 KB 74ms
74ms Image
image/webp 81.19.215.2
BANDWIDTH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.guzobooking.com/wp-content/uploads/2020/11/maxresdefault.jpg

Requested by

Host: www.guzobooking.com
URL: https://www.guzobooking.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

81.19.215.2 , United Kingdom, ASN25369 (BANDWIDTH-AS, GB),

Reverse DNS

indigo.cloudns.io

Software

nginx /

Resource Hash

7fe7fe19b1bc1ab5f6a334c38cbd702e24307ec2a0c5a5dfbc8ce930b500f846

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.guzobooking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 20:14:24 GMT
x-content-type-options: nosniff
cluster-host: indigo.cloudns.io
alt-svc: quic=":4430"; ma=2592000; v="43,46", h3-Q043=":4430"; ma=2592000, h3-Q046=":4430"; ma=2592000, h3-Q050=":4430"; ma=2592000, h3-25=":4430"; ma=2592000, h3-27=":4430"; ma=2592000
content-length: 235126
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 08 Dec 2020 21:15:43 GMT
server: nginx
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31536000, max-age=864000, max-age=864000
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
expires: Mon, 24 Jan 2022 20:14:24 GMT

GET
H3-Q050 200 6ae84K2oVqwItm4TCpAy2lvQNTI.woff2
fonts.gstatic.com/s/play/v12/ 10 KB
10 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/play/v12/6ae84K2oVqwItm4TCpAy2lvQNTI.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

940c14c9d24e05484c79b01c7bea21a92c72e361428e791671e99a41f46afa36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.guzobooking.com
Referer: https://fonts.googleapis.com/css?family=Lato%3Aregular%2C700%2Cregular%2Cregular%2Cregular%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%20Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPlay%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLato%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 21:19:10 GMT
x-content-type-options: nosniff
last-modified: Tue, 01 Sep 2020 03:49:47 GMT
server: sffe
age: 255314
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9960
x-xss-protection: 0
expires: Fri, 21 Jan 2022 21:19:10 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.guzobooking.com
Referer: https://fonts.googleapis.com/css?family=Lato%3Aregular%2C700%2Cregular%2Cregular%2Cregular%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%20Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPlay%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLato%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 15:35:33 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 275931
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Fri, 21 Jan 2022 15:35:33 GMT

GET
H2 200 sp.js Show response
st.avsplow.com/19.18.11/ 42 KB
14 KB 39ms
15ms Script
application/javascript 2606:4700:20::ac43:44ed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://st.avsplow.com/19.18.11/sp.js
Requested by: Host: tp.media
URL: https://tp.media/content?promo_id=4041&shmarker=303140&campaign_id=100&trs=5410&searchUrl=flights.guzobooking.com%2Fflights&locale=en&currency=usd&powered_by=false&one_way=false&only_direct=false&period=year&range=7%2C14&show_logo=false&primary=%230C73FE&achieve=%2345AD35
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:44ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e8f537145a37e6152c09f43181908275d093e501a2d935dd7922c79b8470f51

Request headers

Referer: https://www.guzobooking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 20:14:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 9160
cf-request-id: 07d7a19ddc000005f11c014000000001
last-modified: Sun, 15 Nov 2020 04:17:05 GMT
server: cloudflare
etag: W/"5fb0abc1-a6b1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9yR1Kl4Zn%2F5Cgw9TRor9sS9pY92yLRy%2FeMXqi%2FEC3FpNpqJWi2adzY74BpyFK3xWu%2FYsV2kC5OhEAtvlLJ7nTbsqJ7gUrnR9vKlFz4NJAd1WAsPjZvkby9yGPQ%3D%3D"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 616c6ba95b7d05f1-FRA
expires: Sun, 24 Jan 2021 21:41:44 GMT

GET
H2 200 rollbar.min.js Show response
cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/ 69 KB
19 KB 28ms
28ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js

Requested by

Host: tp.media
URL: https://tp.media/content?promo_id=4041&shmarker=303140&campaign_id=100&trs=5410&searchUrl=flights.guzobooking.com%2Fflights&locale=en&currency=usd&powered_by=false&one_way=false&only_direct=false&period=year&range=7%2C14&show_logo=false&primary=%230C73FE&achieve=%2345AD35

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b140f87ff144db782e0cddbdd64decbaa35b5c7c890f1e45b05fe2d8478b42e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.guzobooking.com
Referer: https://www.guzobooking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 20:14:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 949348
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18862
cf-request-id: 07d7a19dc80000c277db8b7000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fc1-112f9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=M52%2FHzw36G7jQEOhgM5x7Zb6p2lATi15GuGLtT%2Ft1j7FgsmIOuJKItgFRX2tJjNvQs%2F8LtswOf0E9SyARcV7q7AX4gzuUbdUr3MxN%2Fs0P%2FIoUafXnnbaq9wQQ6KsoLr4rA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 616c6ba93fb9c277-FRA
expires: Fri, 14 Jan 2022 20:14:24 GMT

GET
H2 200 Sheraton_Hotel_Addis_Ababa-1.jpg
www.guzobooking.com/wp-content/uploads/2020/11/ 102 KB
103 KB 87ms
86ms Image
image/webp 81.19.215.2
BANDWIDTH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.guzobooking.com/wp-content/uploads/2020/11/Sheraton_Hotel_Addis_Ababa-1.jpg

Requested by

Host: www.guzobooking.com
URL: https://www.guzobooking.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

81.19.215.2 , United Kingdom, ASN25369 (BANDWIDTH-AS, GB),

Reverse DNS

indigo.cloudns.io

Software

nginx /

Resource Hash

fb52bb9a0d88840a2800ac963f64e47f789be8645de7490151d0f00aaafdaa94

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.guzobooking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 20:14:24 GMT
x-content-type-options: nosniff
cluster-host: indigo.cloudns.io
alt-svc: quic=":4430"; ma=2592000; v="43,46", h3-Q043=":4430"; ma=2592000, h3-Q046=":4430"; ma=2592000, h3-Q050=":4430"; ma=2592000, h3-25=":4430"; ma=2592000, h3-27=":4430"; ma=2592000
content-length: 104704
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 08 Dec 2020 21:14:42 GMT
server: nginx
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31536000, max-age=864000, max-age=864000
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
expires: Mon, 24 Jan 2022 20:14:24 GMT

GET
H2 200 1.jpg
www.guzobooking.com/wp-content/uploads/2020/11/ 49 KB
50 KB 82ms
81ms Image
image/webp 81.19.215.2
BANDWIDTH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.guzobooking.com/wp-content/uploads/2020/11/1.jpg

Requested by

Host: www.guzobooking.com
URL: https://www.guzobooking.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

81.19.215.2 , United Kingdom, ASN25369 (BANDWIDTH-AS, GB),

Reverse DNS

indigo.cloudns.io

Software

nginx /

Resource Hash

b501dfeecc663846dd84dc9a150f44caaa86a0a64d1870fb84f18798b9ceb0b1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.guzobooking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 20:14:24 GMT
x-content-type-options: nosniff
cluster-host: indigo.cloudns.io
alt-svc: quic=":4430"; ma=2592000; v="43,46", h3-Q043=":4430"; ma=2592000, h3-Q046=":4430"; ma=2592000, h3-Q050=":4430"; ma=2592000, h3-25=":4430"; ma=2592000, h3-27=":4430"; ma=2592000
content-length: 50428
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 08 Dec 2020 21:14:19 GMT
server: nginx
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31536000, max-age=864000, max-age=864000
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
expires: Mon, 24 Jan 2022 20:14:24 GMT

GET
H2 200 la-residence-hotel-spa.jpg
www.guzobooking.com/wp-content/uploads/2020/11/ 55 KB
56 KB 102ms
102ms Image
image/webp 81.19.215.2
BANDWIDTH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.guzobooking.com/wp-content/uploads/2020/11/la-residence-hotel-spa.jpg

Requested by

Host: www.guzobooking.com
URL: https://www.guzobooking.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

81.19.215.2 , United Kingdom, ASN25369 (BANDWIDTH-AS, GB),

Reverse DNS

indigo.cloudns.io

Software

nginx /

Resource Hash

0f48d30af798c311417de597394bcec7e59d0edf4f6b29467b71160380d7aaa9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.guzobooking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 20:14:24 GMT
x-content-type-options: nosniff
cluster-host: indigo.cloudns.io
alt-svc: quic=":4430"; ma=2592000; v="43,46", h3-Q043=":4430"; ma=2592000, h3-Q046=":4430"; ma=2592000, h3-Q050=":4430"; ma=2592000, h3-25=":4430"; ma=2592000, h3-27=":4430"; ma=2592000
content-length: 56304
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 08 Dec 2020 21:15:30 GMT
server: nginx
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31536000, max-age=864000, max-age=864000
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
expires: Mon, 24 Jan 2022 20:14:24 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.guzobooking.com
Referer: https://fonts.googleapis.com/css?family=Lato%3Aregular%2C700%2Cregular%2Cregular%2Cregular%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%20Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPlay%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLato%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 22 Jan 2021 19:56:35 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 173869
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Sat, 22 Jan 2022 19:56:35 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.guzobooking.com
Referer: https://fonts.googleapis.com/css?family=Lato%3Aregular%2C700%2Cregular%2Cregular%2Cregular%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%20Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPlay%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLato%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 18 Jan 2021 22:21:20 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 510784
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Tue, 18 Jan 2022 22:21:20 GMT

GET
DATA 200
OK truncated
/ 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01caf20e667c8e300960582162f912d9405e9895c32cff1a9ee95511fd509a2c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 26ae64ca22c48cea2cff096ccb5fb79e5255aaff58e2449ba48794fdc0e089ab

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d6716851c299635fdb6b5fb4f6150faf10cf7e1a6bb1787afc513cc4b5326ca4

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 753a8b76f05e2ea2a4c38d65fcad2c107892fc3921483596808a643c149dcb53

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c8ef2258432c8b20ebd00da50594955cef532e11577e9a25a6a085201eb23196

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ebc382aad2d99602150a56d4b218f24fb1c592486754f219924995a1b59c5d2

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5c8f8dba5bc9970b221204d9d414cdbc6e484f6222b69c9a271aae3e145afe4b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 618130a38e593a1ab72bbb054a98608639560e16d9f2713ece2b68eda0596d14

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 4.8dc5d3ed54b5108bd6cd.chunk.js Show response
tp.media/cascoon/ 16 KB
5 KB 33ms
33ms Script
application/javascript 2606:4700:3036::ac43:a62d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tp.media/cascoon/4.8dc5d3ed54b5108bd6cd.chunk.js

Requested by

Host: tp.media
URL: https://tp.media/cascoon/common.d864d95d327f99bc043a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:a62d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

417c0f2f0eb07f370dadd3fd1df6bc937e3fad7b12fda3cb42cb122bd1d86e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://www.guzobooking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 20:14:24 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1079688
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07d7a19e580000d729a20cd000000001
last-modified: Tue, 12 Jan 2021 08:11:20 GMT
server: cloudflare
etag: W/"5ffd59a8-3f1d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UrcZBxH%2BTVNMEc98ClNlOIZ1gnZNc2YZ6uoiWdEStAIyfYRI103j0mxgehoYuUCntOOQCdlb0mf8FHzFGpP0qGqSRrK8MuHeH5w%2Bi0CPMSjElAB%2Fzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=315360000
cf-ray: 616c6baa1e77d729-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 3.90ede40f25daa219b7a0.chunk.js Show response
tp.media/cascoon/ 67 KB
10 KB 22ms
22ms Script
application/javascript 2606:4700:3036::ac43:a62d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tp.media/cascoon/3.90ede40f25daa219b7a0.chunk.js

Requested by

Host: tp.media
URL: https://tp.media/cascoon/common.d864d95d327f99bc043a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:a62d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc29358be7a2e32c501ad9b1684e2e9c0a7e68654a548f13a01e35a0fb0e8a3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://www.guzobooking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 20:14:24 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1079688
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07d7a19e540000d7299f833000000001
last-modified: Tue, 12 Jan 2021 08:11:20 GMT
server: cloudflare
etag: W/"5ffd59a8-10a56"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FTZJtutrfRvEOKT0GbIw7Qg6qB3HrZZnKoHyoQ7n1lAkT4yhaqkP9g1%2FnYIWwh%2FtngXd%2FpAR7lYJXJiv2bY2IjnA4393Ds1v16mfLyhdockOAfZomg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=315360000
cf-ray: 616c6baa2e7ad729-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 schedule_loader.svg
tp.media/cascoon/ 431 B
622 B 13ms
13ms Image
image/svg+xml 2606:4700:3036::ac43:a62d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tp.media/cascoon/schedule_loader.svg

Requested by

Host: www.guzobooking.com
URL: https://www.guzobooking.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:a62d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10bb07f0aa89435e3c7aaa6e6f0981fcd3c5d01d88e61a54140d6e975c15f4b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://www.guzobooking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 20:14:24 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 7147590
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07d7a19e550000d7295b3a4000000001
last-modified: Mon, 02 Nov 2020 06:51:42 GMT
server: cloudflare
etag: W/"5f9fac7e-1af"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=c6z%2BFF%2Fem3%2BpWwXR0qhDPE55kKRVOU%2Bns%2FjAwI44zfYNkFUE3MtmQ8R%2BpmFw%2FZerQ%2FSUgYBOgN062CVPK3%2Bh5GIhZzF%2FwxV0uvpbl5sJlqvakRKW2w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=315360000
cf-ray: 616c6baa2e7cd729-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 404 widget-main.js
widget.getyourguide.com/v2/ 0
0 476ms
343ms Script
text/plain 52.85.156.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.getyourguide.com/v2/widget-main.js?1611519264391&origin=https://www.guzobooking.com&partnerId=OS5BCYN
Requested by: Host: www.guzobooking.com
URL: https://www.guzobooking.com/wp-content/cache/min/1/2a80bd4220d2967443d29461a592f01d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.156.106 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-156-106.ath50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://www.guzobooking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 pa.umd.production.min.js Show response
widget.getyourguide.com/dist/ 980 B
1 KB 198ms
65ms Script
application/javascript 52.85.156.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.getyourguide.com/dist/pa.umd.production.min.js
Requested by: Host: www.guzobooking.com
URL: https://www.guzobooking.com/wp-content/cache/min/1/2a80bd4220d2967443d29461a592f01d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.156.106 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-156-106.ath50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0de80b247b2be4e6707ae03a75360b71e084ee63cb6185319556eee34aeb11e6

Request headers

Referer: https://www.guzobooking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 19:58:38 GMT
via: 1.1 d25f94f2d8cb5a09e7453f0d9bc58eae.cloudfront.net (CloudFront)
last-modified: Tue, 08 Dec 2020 17:34:35 GMT
server: AmazonS3
age: 947
etag: "675941698d3f345f67ca6843c4697049"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600, public, must-revalidate
x-amz-cf-pop: ATH50-C1
accept-ranges: bytes
content-length: 980
x-amz-cf-id: 8LvrqU4THQF-8JWuOCRC0YMkqsqIZdvy2eaeYYL9SlvY56ebSrSXYg==

POST
H2 200 j
avsplow.com/a/ 2 B
341 B 123ms
38ms Other
text/plain 185.106.81.236
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://avsplow.com/a/j
Requested by: Host: st.avsplow.com
URL: https://st.avsplow.com/19.18.11/sp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.106.81.236 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.guzobooking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.guzobooking.com
date: Sun, 24 Jan 2021 20:14:24 GMT
access-control-allow-credentials: true
server: nginx
content-type: text/plain; charset=UTF-8
content-length: 2
p3p: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT CAO"

GET
H2 200 whereami Show response
www.travelpayouts.com/ 95 B
238 B 181ms
75ms Fetch
application/json 188.42.198.252
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://www.travelpayouts.com/whereami?locale=en
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.42.198.252 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 4fae8f512fc6960e549ae00fea968bc0e2f548dfc144fe5211afdc11cb0a2c46

Request headers

Referer: https://www.guzobooking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
accept: application/json
date: Sun, 24 Jan 2021 20:14:24 GMT
server: nginx
content-length: 95
x-request-id: bcd97d8c86058f4f8b88d035dbc292e5
content-type: application/json

GET
H2 200 en.png
www.guzobooking.com/wp-content/plugins/gtranslate/flags/24/ 2 KB
2 KB 52ms
52ms Image
image/png 81.19.215.2
BANDWIDTH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.guzobooking.com/wp-content/plugins/gtranslate/flags/24/en.png

Requested by

Host: www.guzobooking.com
URL: https://www.guzobooking.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

81.19.215.2 , United Kingdom, ASN25369 (BANDWIDTH-AS, GB),

Reverse DNS

indigo.cloudns.io

Software

nginx /

Resource Hash

347ee97a492f79675749d03533810ff899ee6a784b4e156f3e0a7613cdfb3d40

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.guzobooking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 20:14:24 GMT
x-content-type-options: nosniff
cluster-host: indigo.cloudns.io
alt-svc: quic=":4430"; ma=2592000; v="43,46", h3-Q043=":4430"; ma=2592000, h3-Q046=":4430"; ma=2592000, h3-Q050=":4430"; ma=2592000, h3-25=":4430"; ma=2592000, h3-27=":4430"; ma=2592000
content-length: 1767
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 26 Nov 2020 05:28:37 GMT
server: nginx
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=10368000,public, max-age=864000, max-age=864000
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
expires: Mon, 24 May 2021 20:14:24 GMT

GET
H2 200 fabicon20icon20yellow.png
www.guzobooking.com/wp-content/uploads/2020/12/ 2 KB
2 KB 53ms
53ms Image
image/png 81.19.215.2
BANDWIDTH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.guzobooking.com/wp-content/uploads/2020/12/fabicon20icon20yellow.png

Requested by

Host: www.guzobooking.com
URL: https://www.guzobooking.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

81.19.215.2 , United Kingdom, ASN25369 (BANDWIDTH-AS, GB),

Reverse DNS

indigo.cloudns.io

Software

nginx /

Resource Hash

42875dd9c2b0e0096569abc11800fb06f2436cda3319c2452f3ddcd8a0f6b93c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.guzobooking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 20:14:24 GMT
x-content-type-options: nosniff
cluster-host: indigo.cloudns.io
alt-svc: quic=":4430"; ma=2592000; v="43,46", h3-Q043=":4430"; ma=2592000, h3-Q046=":4430"; ma=2592000, h3-Q050=":4430"; ma=2592000, h3-25=":4430"; ma=2592000, h3-27=":4430"; ma=2592000
content-length: 1754
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 20 Dec 2020 08:38:43 GMT
server: nginx
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=10368000,public, max-age=864000, max-age=864000
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
expires: Mon, 24 May 2021 20:14:24 GMT

GET
H2 200 visa-checker
www.ivisa.com/widgets/ Frame 900C 0
0 794ms
538ms Document
text/html 34.200.18.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ivisa.com/widgets/visa-checker?utm_source=guzobookings&background_color=bg-blue-500&widget_width=728&widget_height=90
Requested by: Host: www.guzobooking.com
URL: https://www.guzobooking.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.200.18.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-200-18-250.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

:method: GET
:authority: www.ivisa.com
:scheme: https
:path: /widgets/visa-checker?utm_source=guzobookings&background_color=bg-blue-500&widget_width=728&widget_height=90
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.guzobooking.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.guzobooking.com/

Response headers

date: Sun, 24 Jan 2021 20:14:25 GMT
content-type: text/html; charset=UTF-8
server: nginx
vary: Accept-Encoding
cache-control: max-age=900, public
expires: Sun, 24 Jan 2021 20:29:25 GMT
pragma: public
x-nx-cache: MISS
content-encoding: gzip

GET
H2 200 71713454.jpg
www.guzobooking.com/wp-content/uploads/2020/11/ 48 KB
48 KB 60ms
59ms Image
image/webp 81.19.215.2
BANDWIDTH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.guzobooking.com/wp-content/uploads/2020/11/71713454.jpg

Requested by

Host: www.guzobooking.com
URL: https://www.guzobooking.com/wp-content/cache/min/1/e8a436817df42f4ded31f565e76a86d9.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

81.19.215.2 , United Kingdom, ASN25369 (BANDWIDTH-AS, GB),

Reverse DNS

indigo.cloudns.io

Software

nginx /

Resource Hash

4420bc559964f678dd44961dd606b9e0feb95af89b4309c36e90430293519356

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.guzobooking.com/wp-content/cache/min/1/e8a436817df42f4ded31f565e76a86d9.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 20:14:24 GMT
x-content-type-options: nosniff
cluster-host: indigo.cloudns.io
alt-svc: quic=":4430"; ma=2592000; v="43,46", h3-Q043=":4430"; ma=2592000, h3-Q046=":4430"; ma=2592000, h3-Q050=":4430"; ma=2592000, h3-25=":4430"; ma=2592000, h3-27=":4430"; ma=2592000
content-length: 48954
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 08 Dec 2020 21:14:28 GMT
server: nginx
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31536000, max-age=864000, max-age=864000
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
expires: Mon, 24 Jan 2022 20:14:24 GMT

GET
H2 200 delano-hotel-bahir-dar.jpg
www.guzobooking.com/wp-content/uploads/2020/11/ 20 KB
20 KB 60ms
59ms Image
image/webp 81.19.215.2
BANDWIDTH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.guzobooking.com/wp-content/uploads/2020/11/delano-hotel-bahir-dar.jpg

Requested by

Host: www.guzobooking.com
URL: https://www.guzobooking.com/wp-content/cache/min/1/e8a436817df42f4ded31f565e76a86d9.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

81.19.215.2 , United Kingdom, ASN25369 (BANDWIDTH-AS, GB),

Reverse DNS

indigo.cloudns.io

Software

nginx /

Resource Hash

d9687306958520eebdae45751ccb6d0c52de9557031d8ce6d3f16e49406cf48a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.guzobooking.com/wp-content/cache/min/1/e8a436817df42f4ded31f565e76a86d9.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 20:14:24 GMT
x-content-type-options: nosniff
cluster-host: indigo.cloudns.io
alt-svc: quic=":4430"; ma=2592000; v="43,46", h3-Q043=":4430"; ma=2592000, h3-Q046=":4430"; ma=2592000, h3-Q050=":4430"; ma=2592000, h3-25=":4430"; ma=2592000, h3-27=":4430"; ma=2592000
content-length: 20246
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 08 Dec 2020 21:15:11 GMT
server: nginx
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31536000, max-age=864000, max-age=864000
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
expires: Mon, 24 Jan 2022 20:14:24 GMT

GET
H2 200 Sodo.jpg
www.guzobooking.com/wp-content/uploads/2020/11/ 78 KB
78 KB 59ms
59ms Image
image/webp 81.19.215.2
BANDWIDTH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.guzobooking.com/wp-content/uploads/2020/11/Sodo.jpg

Requested by

Host: www.guzobooking.com
URL: https://www.guzobooking.com/wp-content/cache/min/1/e8a436817df42f4ded31f565e76a86d9.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

81.19.215.2 , United Kingdom, ASN25369 (BANDWIDTH-AS, GB),

Reverse DNS

indigo.cloudns.io

Software

nginx /

Resource Hash

0140ffb0d2f5d6be16777eae06ac33dd1848c353fcdb30906870a24cc39c37b9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.guzobooking.com/wp-content/cache/min/1/e8a436817df42f4ded31f565e76a86d9.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 20:14:24 GMT
x-content-type-options: nosniff
cluster-host: indigo.cloudns.io
alt-svc: quic=":4430"; ma=2592000; v="43,46", h3-Q043=":4430"; ma=2592000, h3-Q046=":4430"; ma=2592000, h3-Q050=":4430"; ma=2592000, h3-25=":4430"; ma=2592000, h3-27=":4430"; ma=2592000
content-length: 79552
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 08 Dec 2020 21:14:43 GMT
server: nginx
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31536000, max-age=864000, max-age=864000
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
expires: Mon, 24 Jan 2022 20:14:24 GMT

GET
H2 200 Dessie1.jpg
www.guzobooking.com/wp-content/uploads/2020/11/ 88 KB
89 KB 61ms
61ms Image
image/webp 81.19.215.2
BANDWIDTH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.guzobooking.com/wp-content/uploads/2020/11/Dessie1.jpg

Requested by

Host: www.guzobooking.com
URL: https://www.guzobooking.com/wp-content/cache/min/1/e8a436817df42f4ded31f565e76a86d9.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

81.19.215.2 , United Kingdom, ASN25369 (BANDWIDTH-AS, GB),

Reverse DNS

indigo.cloudns.io

Software

nginx /

Resource Hash

6ba002bc2157b8d022bd91461b589c7ed884210a18e710ed254a34f484446953

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.guzobooking.com/wp-content/cache/min/1/e8a436817df42f4ded31f565e76a86d9.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 20:14:24 GMT
x-content-type-options: nosniff
cluster-host: indigo.cloudns.io
alt-svc: quic=":4430"; ma=2592000; v="43,46", h3-Q043=":4430"; ma=2592000, h3-Q046=":4430"; ma=2592000, h3-Q050=":4430"; ma=2592000, h3-25=":4430"; ma=2592000, h3-27=":4430"; ma=2592000
content-length: 90478
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 08 Dec 2020 21:14:33 GMT
server: nginx
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31536000, max-age=864000, max-age=864000
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
expires: Mon, 24 Jan 2022 20:14:24 GMT

GET
H2 200 Shashamane.jpg
www.guzobooking.com/wp-content/uploads/2020/11/ 92 KB
93 KB 63ms
63ms Image
image/jpeg 81.19.215.2
BANDWIDTH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.guzobooking.com/wp-content/uploads/2020/11/Shashamane.jpg

Requested by

Host: www.guzobooking.com
URL: https://www.guzobooking.com/wp-content/cache/min/1/e8a436817df42f4ded31f565e76a86d9.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

81.19.215.2 , United Kingdom, ASN25369 (BANDWIDTH-AS, GB),

Reverse DNS

indigo.cloudns.io

Software

nginx /

Resource Hash

49a76760aabb8b73c042c8fc5f97638b64f9b186c0ea71c8c3754b1c63033a94

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.guzobooking.com/wp-content/cache/min/1/e8a436817df42f4ded31f565e76a86d9.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 20:14:24 GMT
x-content-type-options: nosniff
cluster-host: indigo.cloudns.io
alt-svc: quic=":4430"; ma=2592000; v="43,46", h3-Q043=":4430"; ma=2592000, h3-Q046=":4430"; ma=2592000, h3-Q050=":4430"; ma=2592000, h3-25=":4430"; ma=2592000, h3-27=":4430"; ma=2592000
content-length: 94326
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 26 Nov 2020 07:28:31 GMT
server: nginx
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=10368000,public, max-age=864000, max-age=864000
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
expires: Mon, 24 May 2021 20:14:24 GMT

GET
H2 200 offer-bg.jpg
www.guzobooking.com/wp-content/uploads/2020/11/ 58 KB
59 KB 56ms
55ms Image
image/webp 81.19.215.2
BANDWIDTH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.guzobooking.com/wp-content/uploads/2020/11/offer-bg.jpg

Requested by

Host: www.guzobooking.com
URL: https://www.guzobooking.com/wp-content/cache/min/1/e8a436817df42f4ded31f565e76a86d9.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

81.19.215.2 , United Kingdom, ASN25369 (BANDWIDTH-AS, GB),

Reverse DNS

indigo.cloudns.io

Software

nginx /

Resource Hash

7569cffb64993021e3cce0f02ddc6e9100a40f955515799c58b0b854b403ba9e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.guzobooking.com/wp-content/cache/min/1/e8a436817df42f4ded31f565e76a86d9.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 20:14:24 GMT
x-content-type-options: nosniff
cluster-host: indigo.cloudns.io
alt-svc: quic=":4430"; ma=2592000; v="43,46", h3-Q043=":4430"; ma=2592000, h3-Q046=":4430"; ma=2592000, h3-Q050=":4430"; ma=2592000, h3-25=":4430"; ma=2592000, h3-27=":4430"; ma=2592000
content-length: 59552
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 08 Dec 2020 21:15:45 GMT
server: nginx
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31536000, max-age=864000, max-age=864000
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
expires: Mon, 24 Jan 2022 20:14:24 GMT

GET
H3-Q050 200 S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v17/ 13 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

973ebbead06df6ace22a88d2856663d37845792bdf1b40ff69df2e20912fedef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.guzobooking.com
Referer: https://fonts.googleapis.com/css?family=Lato%3Aregular%2C700%2Cregular%2Cregular%2Cregular%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%20Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPlay%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLato%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 22 Jan 2021 12:59:40 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:30 GMT
server: sffe
age: 198884
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13732
x-xss-protection: 0
expires: Sat, 22 Jan 2022 12:59:40 GMT

GET
H2 200 kuroyu_7936.jpg
www.guzobooking.com/wp-content/uploads/2020/11/ 226 KB
227 KB 56ms
56ms Image
image/webp 81.19.215.2
BANDWIDTH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.guzobooking.com/wp-content/uploads/2020/11/kuroyu_7936.jpg

Requested by

Host: www.guzobooking.com
URL: https://www.guzobooking.com/wp-content/cache/min/1/e8a436817df42f4ded31f565e76a86d9.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

81.19.215.2 , United Kingdom, ASN25369 (BANDWIDTH-AS, GB),

Reverse DNS

indigo.cloudns.io

Software

nginx /

Resource Hash

bbc62349c04cfc601501f5b49c63ec8d4b8fc70848678b041f9801824efc3ce5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.guzobooking.com/wp-content/cache/min/1/e8a436817df42f4ded31f565e76a86d9.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 20:14:24 GMT
x-content-type-options: nosniff
cluster-host: indigo.cloudns.io
alt-svc: quic=":4430"; ma=2592000; v="43,46", h3-Q043=":4430"; ma=2592000, h3-Q046=":4430"; ma=2592000, h3-Q050=":4430"; ma=2592000, h3-25=":4430"; ma=2592000, h3-27=":4430"; ma=2592000
content-length: 231924
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 08 Dec 2020 21:15:30 GMT
server: nginx
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31536000, max-age=864000, max-age=864000
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
expires: Mon, 24 Jan 2022 20:14:24 GMT

GET
H2 200 map.png
www.guzobooking.com/wp-content/uploads/2020/11/ 250 KB
251 KB 117ms
117ms Image
image/webp 81.19.215.2
BANDWIDTH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.guzobooking.com/wp-content/uploads/2020/11/map.png

Requested by

Host: www.guzobooking.com
URL: https://www.guzobooking.com/wp-content/cache/min/1/e8a436817df42f4ded31f565e76a86d9.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

81.19.215.2 , United Kingdom, ASN25369 (BANDWIDTH-AS, GB),

Reverse DNS

indigo.cloudns.io

Software

nginx /

Resource Hash

cfb746573ff3f7d88d8371ab1803e26aa86e2ed16f3a0261aab26f035bdc4268

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.guzobooking.com/wp-content/cache/min/1/e8a436817df42f4ded31f565e76a86d9.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 20:14:24 GMT
x-content-type-options: nosniff
cluster-host: indigo.cloudns.io
alt-svc: quic=":4430"; ma=2592000; v="43,46", h3-Q043=":4430"; ma=2592000, h3-Q046=":4430"; ma=2592000, h3-Q050=":4430"; ma=2592000, h3-25=":4430"; ma=2592000, h3-27=":4430"; ma=2592000
content-length: 256040
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 08 Dec 2020 21:15:41 GMT
server: nginx
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31536000, max-age=864000, max-age=864000
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
expires: Mon, 24 Jan 2022 20:14:24 GMT

GET
H2 200 pa-main.1607448860366_bc71758d47f5f74b5ca9482bcd1d61eb5f676a59.umd.production.min.js Show response
widget.getyourguide.com/dist/ 24 KB
7 KB 71ms
70ms Script
application/javascript 52.85.156.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.getyourguide.com/dist/pa-main.1607448860366_bc71758d47f5f74b5ca9482bcd1d61eb5f676a59.umd.production.min.js
Requested by: Host: widget.getyourguide.com
URL: https://widget.getyourguide.com/dist/pa.umd.production.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.156.106 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-156-106.ath50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 24bb587c60b0b81a6d117f31965c69c6f41c766b615eb97871e2592873d9081f

Request headers

Referer: https://www.guzobooking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 19:59:20 GMT
content-encoding: gzip
last-modified: Tue, 08 Dec 2020 17:34:35 GMT
server: AmazonS3
age: 905
etag: W/"7eb403d67006d68ea85d8c355c7e6dec"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 d25f94f2d8cb5a09e7453f0d9bc58eae.cloudfront.net (CloudFront)
cache-control: max-age=3600, public, must-revalidate
x-amz-cf-pop: ATH50-C1
x-amz-cf-id: onYov8bxAqo4PiaThy23ySKQoPC5rYWTXQYtXM_ozBm7bvJd2_eZVQ==

GET
H2 200 228320817.jpg
www.guzobooking.com/wp-content/uploads/2020/11/ 40 KB
40 KB 63ms
62ms Image
image/jpeg 81.19.215.2
BANDWIDTH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.guzobooking.com/wp-content/uploads/2020/11/228320817.jpg

Requested by

Host: www.guzobooking.com
URL: https://www.guzobooking.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

81.19.215.2 , United Kingdom, ASN25369 (BANDWIDTH-AS, GB),

Reverse DNS

indigo.cloudns.io

Software

nginx /

Resource Hash

fc138be48cdb8329a6aa04fb95902b081565b4a82cafa3e1fd1e5a9e53e34b6c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.guzobooking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 20:14:24 GMT
x-content-type-options: nosniff
cluster-host: indigo.cloudns.io
alt-svc: quic=":4430"; ma=2592000; v="43,46", h3-Q043=":4430"; ma=2592000, h3-Q046=":4430"; ma=2592000, h3-Q050=":4430"; ma=2592000, h3-25=":4430"; ma=2592000, h3-27=":4430"; ma=2592000
content-length: 40712
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 26 Nov 2020 07:55:38 GMT
server: nginx
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=10368000,public, max-age=864000, max-age=864000
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
expires: Mon, 24 May 2021 20:14:24 GMT

GET
H2 200 103e5bca-c0aa-4f3f-8546-b81d6dcbad02.jpg
www.guzobooking.com/wp-content/uploads/2020/11/ 219 KB
220 KB 63ms
63ms Image
image/webp 81.19.215.2
BANDWIDTH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.guzobooking.com/wp-content/uploads/2020/11/103e5bca-c0aa-4f3f-8546-b81d6dcbad02.jpg

Requested by

Host: www.guzobooking.com
URL: https://www.guzobooking.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

81.19.215.2 , United Kingdom, ASN25369 (BANDWIDTH-AS, GB),

Reverse DNS

indigo.cloudns.io

Software

nginx /

Resource Hash

e0c8abe2eea68cc8c68fed32152924180991a10f3cd0e87dc0f0ebd481a9128f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.guzobooking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 20:14:24 GMT
x-content-type-options: nosniff
cluster-host: indigo.cloudns.io
alt-svc: quic=":4430"; ma=2592000; v="43,46", h3-Q043=":4430"; ma=2592000, h3-Q046=":4430"; ma=2592000, h3-Q050=":4430"; ma=2592000, h3-25=":4430"; ma=2592000, h3-27=":4430"; ma=2592000
content-length: 224386
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 08 Dec 2020 21:14:20 GMT
server: nginx
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31536000, max-age=864000, max-age=864000
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
expires: Mon, 24 Jan 2022 20:14:24 GMT

GET
H2 200 data_api Show response
suggest.travelpayouts.com/ 919 B
359 B 152ms
151ms Fetch
application/json 188.42.198.252
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://suggest.travelpayouts.com/data_api?service=calendar_aviasales_year&origin_iata=ZRH&currency=usd&destination_iata=&one_way=false&min_trip_duration=7&max_trip_duration=14&only_direct=false&month=&host=flights.guzobooking.com/flights
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.42.198.252 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 8fde861a10a8356ef41f66fbba05efb06e1a48086cef459d24f4086bc7ec5074

Request headers

Referer: https://www.guzobooking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cache-ttl: 0
date: Sun, 24 Jan 2021 20:14:25 GMT
content-encoding: gzip
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
x-request-id: bb223dc893ee6d93f7dd5016eedc004d

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

avsplow.com
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
guzobooking.com
st.avsplow.com
suggest.travelpayouts.com
tp.media
widget.getyourguide.com
www.guzobooking.com
www.ivisa.com
www.travelpayouts.com
185.106.81.236
188.42.198.252
2606:4700:20::ac43:44ed
2606:4700:3036::ac43:a62d
2606:4700::6810:125e
2a00:1450:4001:801::2003
2a00:1450:4001:808::2003
2a00:1450:4001:81a::200a
34.200.18.250
52.85.156.106
81.19.215.2
0140ffb0d2f5d6be16777eae06ac33dd1848c353fcdb30906870a24cc39c37b9
01caf20e667c8e300960582162f912d9405e9895c32cff1a9ee95511fd509a2c
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
0b140f87ff144db782e0cddbdd64decbaa35b5c7c890f1e45b05fe2d8478b42e
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0de80b247b2be4e6707ae03a75360b71e084ee63cb6185319556eee34aeb11e6
0eb47e25220a3ae59963c093a83112cce4852a86bc3f958b01b04e6b3d961559
0f48d30af798c311417de597394bcec7e59d0edf4f6b29467b71160380d7aaa9
10bb07f0aa89435e3c7aaa6e6f0981fcd3c5d01d88e61a54140d6e975c15f4b6
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
24bb587c60b0b81a6d117f31965c69c6f41c766b615eb97871e2592873d9081f
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
26ae64ca22c48cea2cff096ccb5fb79e5255aaff58e2449ba48794fdc0e089ab
347ee97a492f79675749d03533810ff899ee6a784b4e156f3e0a7613cdfb3d40
3664a65fb308c95a20777272414173080b54f56b674f1c72430aa9d258f1b208
3e8f537145a37e6152c09f43181908275d093e501a2d935dd7922c79b8470f51
3ebc382aad2d99602150a56d4b218f24fb1c592486754f219924995a1b59c5d2
417c0f2f0eb07f370dadd3fd1df6bc937e3fad7b12fda3cb42cb122bd1d86e34
42875dd9c2b0e0096569abc11800fb06f2436cda3319c2452f3ddcd8a0f6b93c
4420bc559964f678dd44961dd606b9e0feb95af89b4309c36e90430293519356
47d55bd6eea9d09456ed7ff5ff4770b4597af84fd10073117cce8087f248c1cd
49a76760aabb8b73c042c8fc5f97638b64f9b186c0ea71c8c3754b1c63033a94
4fae8f512fc6960e549ae00fea968bc0e2f548dfc144fe5211afdc11cb0a2c46
5717ca23d709412273363eeec758a20b45b769f719d865119f3b753579fb6a9b
5c8f8dba5bc9970b221204d9d414cdbc6e484f6222b69c9a271aae3e145afe4b
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
618130a38e593a1ab72bbb054a98608639560e16d9f2713ece2b68eda0596d14
6ba002bc2157b8d022bd91461b589c7ed884210a18e710ed254a34f484446953
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41
753a8b76f05e2ea2a4c38d65fcad2c107892fc3921483596808a643c149dcb53
7569cffb64993021e3cce0f02ddc6e9100a40f955515799c58b0b854b403ba9e
787d76ad6deab67ccf8bac1b584260205e114f508fc5542b612e3f75d49a34e4
7fe7fe19b1bc1ab5f6a334c38cbd702e24307ec2a0c5a5dfbc8ce930b500f846
815e5395652e03d7051b767baade615d279fe3644bbf8f8bbdc54a8b9573be67
86e496b536b26ba60cdb68df9dd9143b19a63b65e30e373b0321833aab1295d6
8fde861a10a8356ef41f66fbba05efb06e1a48086cef459d24f4086bc7ec5074
940c14c9d24e05484c79b01c7bea21a92c72e361428e791671e99a41f46afa36
973ebbead06df6ace22a88d2856663d37845792bdf1b40ff69df2e20912fedef
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
9d9e6e20998800c2283e69544e2dfc6e0f1aebee0a5cf8317c2fd6f6ff612d57
a74c0cc2985896ecbb3f07de27e4e5f743a5fa3828a2538a4e518cd7cd4f4141
b501dfeecc663846dd84dc9a150f44caaa86a0a64d1870fb84f18798b9ceb0b1
bbc62349c04cfc601501f5b49c63ec8d4b8fc70848678b041f9801824efc3ce5
bc29358be7a2e32c501ad9b1684e2e9c0a7e68654a548f13a01e35a0fb0e8a3f
c5dc6dae0b87290872140986c489c65e5f6b350cae7cf225e2e239c14d4888c3
c8ef2258432c8b20ebd00da50594955cef532e11577e9a25a6a085201eb23196
c9fcf76254e9b407c59039a3c8dbb6da233bdd7e89ab2eea6cf766b34646ada6
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
cfb746573ff3f7d88d8371ab1803e26aa86e2ed16f3a0261aab26f035bdc4268
d6716851c299635fdb6b5fb4f6150faf10cf7e1a6bb1787afc513cc4b5326ca4
d9687306958520eebdae45751ccb6d0c52de9557031d8ce6d3f16e49406cf48a
e0c8abe2eea68cc8c68fed32152924180991a10f3cd0e87dc0f0ebd481a9128f
fb52bb9a0d88840a2800ac963f64e47f789be8645de7490151d0f00aaafdaa94
fc138be48cdb8329a6aa04fb95902b081565b4a82cafa3e1fd1e5a9e53e34b6c

www.guzobooking.com Open in urlscan Pro 81.19.215.2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

46 Requests

100 %HTTPS

55 %IPv6

9 Domains

12 Subdomains

12 IPs

5 Countries

2273 kBTransfer

4362 kBSize

0 Cookies

22 Outgoing links

Page URL History

Redirected requests

46 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.guzobooking.com Open in urlscan Pro
81.19.215.2 Public Scan

Screenshot
Live screenshot

Full Image

46
Requests

100 %
HTTPS

55 %
IPv6

9
Domains

12
Subdomains

12
IPs

5
Countries

2273 kB
Transfer

4362 kB
Size

0
Cookies

46 HTTP transactions
10 data transactions