urlscan.io logo urlscan.io
SecurityTrails logo

candobooking.com Open in urlscan Pro
2606:4700:3033::681b:9868  Public Scan

Go To Rescan Add Verdict Report
URL: https://candobooking.com/
Submission: On October 24 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 4 countries across 8 domains to perform 14 HTTP transactions. The main IP is 2606:4700:3033::681b:9868, located in United States and belongs to CLOUDFLARENET, US. The main domain is candobooking.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 24th 2020. Valid for: a year.
This is the only time candobooking.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 52.28.89.112 16509 (AMAZON-02)
1 2001:8d8:100f... 8560 (ONEANDONE...)
1 217.111.226.190 8220 (COLT COLT...)
1 2001:41d0:d:7... 16276 (OVH)
14 8
4    2606:4700:3033::681b:9868 (United States)

ASN13335 (CLOUDFLARENET, US)
candobooking.com
2    2a00:1450:4001:819::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
3    2a00:1450:4001:81f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    52.28.89.112 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: list.unimondo.org
www.terranuova.it
1    2001:8d8:100f:f000::270 (Germany)

ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE)
www.oshopulsation.it
1    217.111.226.190 (Italy)

ASN8220 (COLT COLT Technology Services Group Limited, GB)
PTR: www.ilgiardinodeilibri.it
cs.ilgiardinodeilibri.it
1    2001:41d0:d:7b3::3 (France)

ASN16276 (OVH, FR)
osho.it
Domain Requested by
4 candobooking.com candobooking.com
3 fonts.gstatic.com candobooking.com
2 www.youtube.com candobooking.com
1 osho.it
1 cs.ilgiardinodeilibri.it
1 www.oshopulsation.it
1 www.terranuova.it
0 ajax.bingapis.com Failed candobooking.com
14 8

This site contains links to these domains. Also see Links.

Domain
xsglnbt.csr-ua.info
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-10-24 -
2021-10-23		 a year crt.sh
*.google.com
GTS CA 1O1		 2020-10-06 -
2020-12-29		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-10-06 -
2020-12-29		 3 months crt.sh
terranuova.it
Let's Encrypt Authority X3		 2020-09-01 -
2020-11-30		 3 months crt.sh
*.oshopulsation.it
Encryption Everywhere DV TLS CA - G1		 2020-10-20 -
2021-11-02		 a year crt.sh
www.ilgiardinodeilibri.it
Starfield Secure Certificate Authority - G2		 2019-09-21 -
2021-11-20		 2 years crt.sh
osho.it
cPanel, Inc. Certification Authority		 2020-09-01 -
2020-11-30		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://candobooking.com/
Frame ID: 2B2DE085F6253ACF676EA0BA822E34AF
Requests: 13 HTTP requests in this frame

Frame: https://www.youtube.com/embed/8_6yB6fkdag
Frame ID: 093212BFA89B00AF78BFA87AECFC2505
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/_cmbQiC67dk
Frame ID: E775DFDF8B7CC208C6FB2FC467A720CB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

14
Requests

93 %
HTTPS

71 %
IPv6

8
Domains

8
Subdomains

8
IPs

4
Countries

652 kB
Transfer

702 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
candobooking.com/ 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://candobooking.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681b:9868 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a17022fddfe2c0bf6da73c34a138db0cbdee1127a3c272dff30a06767cbe7ca4

Request headers

:method
GET
:authority
candobooking.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Sat, 24 Oct 2020 05:06:04 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d54b27c056c57b7f3ade5b71c64e7fbd01603515964; expires=Mon, 23-Nov-20 05:06:04 GMT; path=/; domain=.candobooking.com; HttpOnly; SameSite=Lax; Secure
vary
Accept-Encoding
x-fastcgi-cache
MISS
cf-cache-status
DYNAMIC
cf-request-id
05fa98f32600002bca16355000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=g8NoGyhQVq0hjE42B%2F3mYwx8miw%2BhnnjvmzSDkqLwAWRUFF7YLggazT7gYlRnflb7DrkwHS%2F96pzTbSU6Cbu0DN6v02UTOxHm4qpzm73MpBbnWJ%2BkhMD1aCEx%2F0L"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
5e712a983b6b2bca-FRA
content-encoding
br
jquery.min.js
ajax.bingapis.com/ajax/libs/jquery/2.1.3/ 		0
0
style.css
candobooking.com/ 		62 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://candobooking.com/style.css
Requested by
Host: candobooking.com
URL: https://candobooking.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681b:9868 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49e4143f8903c3c559b6f32ced64ab76a479635695ffdec280d45bfc645f2088

Request headers

Referer
https://candobooking.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 24 Oct 2020 05:06:04 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
status
200
cf-request-id
05fa98f35300002bca1cb33000000001
last-modified
Sat, 24 Oct 2020 05:49:36 GMT
server
cloudflare
etag
W/"5f93c070-f6d8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yxFMk86rOlTNklL8QNMx2dZMhGxGGkX1i4D660wPd%2BPQ4NrZmXZbeAvyWIBTUHDvv8yRqwuHvBFCt3i5jCObgr7EVnW85lbqr6IxmiNnY7tlUwo0%2B37g0ZV3z1RY"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
cf-ray
5e712a988be02bca-FRA
expires
Sun, 25 Oct 2020 05:06:04 GMT
jquery.min.js
candobooking.com/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://candobooking.com/js/jquery.min.js
Requested by
Host: candobooking.com
URL: https://candobooking.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681b:9868 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f52869388813b938bca5f5259d8249fd7ec9d0d501e057a6e6185b79af1b29c

Request headers

Referer
https://candobooking.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 24 Oct 2020 05:06:04 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
status
200
cf-request-id
05fa98f35400002bca1b858000000001
last-modified
Tue, 02 Jun 2020 14:06:54 GMT
server
cloudflare
etag
W/"5ed65cfe-2260"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3EbUz23FlNYGRzl%2BsxuNq5l2DlkXrJFNNtptOHVvrl9XWj67CMxzxEcg2jQ7Np%2ByUR0JSODJ1S2Tf5o7jGRO8%2Bx2xoVdo%2FZ6mdFCXqs3X6YLhQ6aS0tzQEF%2Bsbze"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
5e712a988be12bca-FRA
expires
Sun, 25 Oct 2020 05:06:04 GMT
load.gif
candobooking.com/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://candobooking.com/load.gif
Requested by
Host: candobooking.com
URL: https://candobooking.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681b:9868 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88d99dfa644c8b1739d293400b58dcd2bd155b0fcd3fc3dea13a9f49f09994c5

Request headers

Referer
https://candobooking.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 24 Oct 2020 05:06:04 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
status
200
content-length
16770
cf-request-id
05fa98f37c00002bca063c7000000001
last-modified
Tue, 02 Jun 2020 14:06:54 GMT
server
cloudflare
etag
"5ed65cfe-4182"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=N%2Bq5K3xRt6Y28ZrV2b%2BiahbbIEVHytimQFnGlnVjmFhc7OnykQo0MJeYNXn1E6VuqAKx4RA1LbH89ApuxFcM1m68RJjc%2B7iiv86VR6TDCx9bL%2BaxXhT7jz8m%2FjuT"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=432000
accept-ranges
bytes
cf-ray
5e712a98cc4a2bca-FRA
expires
Thu, 29 Oct 2020 05:06:04 GMT
8_6yB6fkdag
www.youtube.com/embed/ Frame 0932 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/8_6yB6fkdag
Requested by
Host: candobooking.com
URL: https://candobooking.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/8_6yB6fkdag
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://candobooking.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://candobooking.com/

Response headers

status
200
expires
Tue, 27 Apr 1971 19:44:06 GMT
cache-control
no-cache
content-type
text/html; charset=utf-8
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
content-length
10485
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
date
Sat, 24 Oct 2020 05:06:04 GMT
server
YouTube Frontend Proxy
x-xss-protection
0
set-cookie
VISITOR_INFO1_LIVE=wX1DlIFuO7A; path=/; domain=.youtube.com; secure; expires=Thu, 22-Apr-2021 05:06:04 GMT; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Sat, 24-Oct-2020 05:36:04 GMT YSC=Ziq8K6DKSEA; path=/; domain=.youtube.com; secure; httponly; samesite=None VISITOR_INFO1_LIVE=wX1DlIFuO7A; path=/; domain=.youtube.com; secure; expires=Thu, 22-Apr-2021 05:06:04 GMT; httponly; samesite=None
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
_cmbQiC67dk
www.youtube.com/embed/ Frame E775 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/_cmbQiC67dk
Requested by
Host: candobooking.com
URL: https://candobooking.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/_cmbQiC67dk
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://candobooking.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://candobooking.com/

Response headers

status
200
content-encoding
br
strict-transport-security
max-age=31536000
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-type
text/html; charset=utf-8
expires
Tue, 27 Apr 1971 19:44:06 GMT
content-length
10510
cache-control
no-cache
x-content-type-options
nosniff
date
Sat, 24 Oct 2020 05:06:04 GMT
server
YouTube Frontend Proxy
x-xss-protection
0
set-cookie
VISITOR_INFO1_LIVE=ZcjDl5LTz8Y; path=/; domain=.youtube.com; secure; expires=Thu, 22-Apr-2021 05:06:04 GMT; httponly; samesite=None VISITOR_INFO1_LIVE=ZcjDl5LTz8Y; path=/; domain=.youtube.com; secure; expires=Thu, 22-Apr-2021 05:06:04 GMT; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Sat, 24-Oct-2020 05:36:04 GMT YSC=q50FhDtrydA; path=/; domain=.youtube.com; secure; httponly; samesite=None
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
CWB0XYA8bzo0kSThX0UTuA.woff2
fonts.gstatic.com/s/roboto/v15/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v15/CWB0XYA8bzo0kSThX0UTuA.woff2
Requested by
Host: candobooking.com
URL: https://candobooking.com/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7bbc8461b2f4cc870743729ee5d44ce0466ca67618f89a8942b655f8a644e68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://candobooking.com
Referer
https://candobooking.com/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 19 Oct 2020 19:59:49 GMT
x-content-type-options
nosniff
last-modified
Wed, 14 Jan 2015 22:47:37 GMT
server
sffe
age
378375
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14584
x-xss-protection
0
expires
Tue, 19 Oct 2021 19:59:49 GMT
ZvcMqxEwPfh2qDWBPxn6nk4GofcKVZz6wtzX_QUIqsI.woff2
fonts.gstatic.com/s/merriweather/v13/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v13/ZvcMqxEwPfh2qDWBPxn6nk4GofcKVZz6wtzX_QUIqsI.woff2
Requested by
Host: candobooking.com
URL: https://candobooking.com/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eec5227471f8b5edae562d94761b1e0ce14d23b6a878a6aeb10ed6303ecff681
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://candobooking.com
Referer
https://candobooking.com/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 11:53:33 GMT
x-content-type-options
nosniff
last-modified
Fri, 27 May 2016 01:54:45 GMT
server
sffe
age
234751
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18508
x-xss-protection
0
expires
Thu, 21 Oct 2021 11:53:33 GMT
RFda8w1V0eDZheqfcyQ4EOgdm0LZdjqr5-oayXSOefg.woff2
fonts.gstatic.com/s/merriweather/v13/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v13/RFda8w1V0eDZheqfcyQ4EOgdm0LZdjqr5-oayXSOefg.woff2
Requested by
Host: candobooking.com
URL: https://candobooking.com/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
433b7890abd98e0beeec9d5da44a1bbeb5b7e8f3d7aa50442a74289496da2b84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://candobooking.com
Referer
https://candobooking.com/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 11:41:53 GMT
x-content-type-options
nosniff
last-modified
Fri, 27 May 2016 01:54:55 GMT
server
sffe
age
235451
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18684
x-xss-protection
0
expires
Thu, 21 Oct 2021 11:41:53 GMT
truncated
/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6

Request headers

Origin
https://candobooking.com
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
Capodanno-al-Centro-di-Meditazione-Osho-Arihant-di-Varazze-Sv_articleimage.jpg
www.terranuova.it/var/terranuova/storage/images/news/corsi-e-seminari/capodanno-al-centro-di-meditazione-osho-arihant-di-varazze-sv/1293660-1-ita-IT/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.terranuova.it/var/terranuova/storage/images/news/corsi-e-seminari/capodanno-al-centro-di-meditazione-osho-arihant-di-varazze-sv/1293660-1-ita-IT/Capodanno-al-Centro-di-Meditazione-Osho-Arihant-di-Varazze-Sv_articleimage.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.89.112 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
list.unimondo.org
Software
nginx /
Resource Hash
a6f85f774c9d10577aa82811a756e02b0dba0cf9eeff79a73930a8126b06c9ec
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=15768000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://candobooking.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=15768000; includeSubDomains;
via
1.1 varnish
x-content-type-options
nosniff
age
0
x-cache
MISS
status
200
content-length
33192
etag
"5adf5dfa-81a8"
x-served-by
aws-web.opencontent.it
referrer-policy
strict-origin-when-cross-origin
x-ttl
31d
last-modified
Tue, 24 Apr 2018 16:40:26 GMT
server
nginx
date
Sat, 24 Oct 2020 05:06:04 GMT
expect-ct
max-age=86400
x-frame-options
sameorigin
x-varnish
300525201
cache-control
max-age=2592000
permissions-policy
camera=(), payment=(), microphone=()
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-type
image/jpeg
expires
Mon, 23 Nov 2020 05:06:04 GMT
Dynamic.jpg
www.oshopulsation.it/wp-content/uploads/2016/10/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.oshopulsation.it/wp-content/uploads/2016/10/Dynamic.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::270 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software
Apache /
Resource Hash
0ecb665cb7fe1fc3a90c90674f48ec6ddc3a58f66e00a0cc57607daad07eae58

Request headers

Referer
https://candobooking.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 24 Oct 2020 05:06:04 GMT
last-modified
Tue, 07 Jul 2020 12:44:12 GMT
server
Apache
etag
"dc25-5a9d95926d037"
content-type
image/jpeg
status
200
cache-control
max-age=2419200
accept-ranges
bytes
content-length
56357
expires
Sat, 21 Nov 2020 05:06:04 GMT
con_te_e_senza_di_te.jpg
cs.ilgiardinodeilibri.it/data/prod/orig/c/ 		356 KB
357 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.ilgiardinodeilibri.it/data/prod/orig/c/con_te_e_senza_di_te.jpg?_\u003d1506499811
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.111.226.190 , Italy, ASN8220 (COLT COLT Technology Services Group Limited, GB),
Reverse DNS
www.ilgiardinodeilibri.it
Software
Apache/2 /
Resource Hash
dc24d2e16509058192c8ba3e0eca0156206662533fbb1008715a7a4efdedf4a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://candobooking.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 24 Oct 2020 05:06:04 GMT
last-modified
Wed, 27 Sep 2017 08:10:11 GMT
server
Apache/2
accept-language
bytes
etag
"5909a-55a275220ad46"
strict-transport-security
max-age=31536000;
content-type
image/jpeg
status
200
cache-control
max-age=43200
content-length
364698
YOGA-mondadori6-1-860x860.jpg
osho.it/wp-content/uploads/2018/08/ 		92 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://osho.it/wp-content/uploads/2018/08/YOGA-mondadori6-1-860x860.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:41d0:d:7b3::3 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
338e618f84fc304d32cc7bc5d0cf2d2e50abf018767986a33a170e6064b6a438

Request headers

Referer
https://candobooking.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 24 Oct 2020 05:06:04 GMT
last-modified
Mon, 07 Oct 2019 15:41:04 GMT
server
Apache
etag
"1780612-17036-59453e12b96af"
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
94262

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ajax.bingapis.com
URL
https://ajax.bingapis.com/ajax/libs/jquery/2.1.3/jquery.min.js

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes object| bmN string| ref

3 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: q50FhDtrydA
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: ZcjDl5LTz8Y
.candobooking.com/ Name: __cfduid
Value: d54b27c056c57b7f3ade5b71c64e7fbd01603515964