portofinotourism.com Open in urlscan Pro
168.119.10.135 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.portofinotourism.rahatalb.com/
Effective URL:
https://portofinotourism.com/
Submission: On August 02 via automatic, source certstream-suspicious (August 2nd 2024, 12:48:39 am UTC) — Scanned from CA

Summary HTTP 23 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 23 HTTP transactions. The main IP is 168.119.10.135, located in Düsseldorf, Germany and belongs to HETZNER-AS, DE. The main domain is portofinotourism.com.
TLS certificate: Issued by R11 on August 1st 2024. Valid for: 3 months.

This is the only time portofinotourism.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 12	168.119.10.135 168.119.10.135	24940 (HETZNER-AS) (HETZNER-AS)
4	2606:4700:440... 2606:4700:4400::6812:2262	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.18.10.219 104.18.10.219	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:251... 2600:9000:2512:9000:5:bf05:acc0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	104.18.11.219 104.18.11.219	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.85.61.78 52.85.61.78	16509 (AMAZON-02) (AMAZON-02)
23	7

12 168.119.10.135 (Düsseldorf, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: alpha.domenii-web.com

www.portofinotourism.rahatalb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
portofinotourism.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:4400::6812:2262 (United States)

ASN13335 (CLOUDFLARENET, US)

widget.getyourguide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.10.219 (None, )

ASN13335 (CLOUDFLARENET, US)

scripts.stay22.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2512:9000:5:bf05:acc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cf.bstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.11.219 (None, )

ASN13335 (CLOUDFLARENET, US)

www.stay22.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.61.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-78.ewr53.r.cloudfront.net

www.booking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	portofinotourism.com portofinotourism.com	724 KB
5	stay22.com scripts.stay22.com — Cisco Umbrella Rank: 69933 www.stay22.com — Cisco Umbrella Rank: 58015	66 KB
4	getyourguide.com widget.getyourguide.com — Cisco Umbrella Rank: 55189	26 KB
1	booking.com www.booking.com — Cisco Umbrella Rank: 11143
1	bstatic.com cf.bstatic.com — Cisco Umbrella Rank: 19480	3 KB
1	rahatalb.com 1 redirects www.portofinotourism.rahatalb.com	325 B
23	6

	Domain	Requested by
11	portofinotourism.com	portofinotourism.com
4	widget.getyourguide.com	portofinotourism.com widget.getyourguide.com
3	scripts.stay22.com	portofinotourism.com scripts.stay22.com
2	www.stay22.com	scripts.stay22.com
1	www.booking.com	cf.bstatic.com
1	cf.bstatic.com	portofinotourism.com
1	www.portofinotourism.rahatalb.com	1 redirects
23	7

This site contains links to these domains. Also see Links.

Domain
www.stay22.com

Subject Issuer	Validity	Valid
www.portofinotourism.rahatalb.com R11	`2024-08-01` - `2024-10-30`	3 months	crt.sh
widget.getyourguide.com WE1	`2024-06-22` - `2024-09-20`	3 months	crt.sh
stay22.com E5	`2024-07-16` - `2024-10-14`	3 months	crt.sh
*.bstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-29` - `2024-11-28`	a year	crt.sh
*.booking.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-01` - `2025-03-25`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://portofinotourism.com/
Frame ID: 8576B9F9E01956B6CAF7697E5E2E57C1
Requests: 19 HTTP requests in this frame

Frame: https://www.booking.com/flexiproduct.html?product=nsb&w=100%25&h=auto&lang=en-CA&aid=2306002&target_aid=2306002&fid=1722559713464&
Frame ID: 10A8333D508F14EB6F71A01BD80FEA4F
Requests: 1 HTTP requests in this frame

Frame: https://widget.getyourguide.com/default/availability.frame?sha=323b8d04-ca7c-508d-89a4-90eba7df7ec0&tour_id=414272&locale_code=en-US&currency=EUR&widget=availability&variant=horizontal&partner_id=7SXPQ1Z&widget_created=1722559714658&host_font_family=Helvetica%2C%20Verdana%2C%20Arial%2C%20sans-serif&website=https%3A%2F%2Fportofinotourism.com%2F&visitor_id=CECA0BA526D54089A6975668380DD1EC
Frame ID: F36624E478E512D6D3A45548474493A6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Portofino Tourism – The Italian Riviera

Page URL History Show full URLs

https://www.portofinotourism.rahatalb.com/ HTTP 301
https://portofinotourism.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Page Statistics

23
Requests

96 %
HTTPS

33 %
IPv6

6
Domains

7
Subdomains

7
IPs

3
Countries

818 kB
Transfer

1062 kB
Size

4
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.stay22.com/allez/booking?aid=tildepublishingsrl&campaign=portofinotourism&product=lma&habl=false&isinc=false&sid22=5393dd5b-846c-4771-9e53-95af8dba21a4&source=direct&medium=deeplink&address=Portofino%2C+Liguria%2C+Italy&link=https%3A%2F%2Fwww.booking.com%2Fsearchresults.en.html%3Fcity%3D-125543%26aid%3D2305733%26no_rooms%3D1%26group_adults%3D2
Title: BOOK YOUR HOTEL

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.portofinotourism.rahatalb.com/ HTTP 301
https://portofinotourism.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
portofinotourism.com/
Redirect Chain

https://www.portofinotourism.rahatalb.com/
https://portofinotourism.com/

95 KB
19 KB

717ms
328ms

Document
text/html

168.119.10.135
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://portofinotourism.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 168.119.10.135 Düsseldorf, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: alpha.domenii-web.com
Software: Apache /
Resource Hash: 34a68c54898a5107fd38dc86e44d26ba50ab4f3846bf598ea38b8d23c29fc5e7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 02 Aug 2024 00:48:32 GMT
Keep-Alive: timeout=5, max=100
Link: <https://portofinotourism.com/wp-json/>; rel="https://api.w.org/", <https://portofinotourism.com/wp-json/wp/v2/pages/2>; rel="alternate"; title="JSON"; type="application/json", <https://portofinotourism.com/>; rel=shortlink
Server: Apache
Transfer-Encoding: chunked
Vary: Accept-Encoding

Redirect headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 02 Aug 2024 00:48:31 GMT
Keep-Alive: timeout=5, max=100
Location: https://portofinotourism.com/
Server: Apache
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Redirect-By: WordPress

GET
H/1.1 200
OK main.min.css
portofinotourism.com/wp-content/themes/astra/assets/css/minified/ 42 KB
42 KB 208ms
112ms Stylesheet
text/css 168.119.10.135
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://portofinotourism.com/wp-content/themes/astra/assets/css/minified/main.min.css?ver=4.7.3
Requested by: Host: portofinotourism.com
URL: https://portofinotourism.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 168.119.10.135 Düsseldorf, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: alpha.domenii-web.com
Software: Apache /
Resource Hash: 659d78e86e4eeaf329bc6ce7d9023a5df5212584288eeef25ddc03db94074a5a

Request headers

Referer: https://portofinotourism.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Fri, 02 Aug 2024 00:48:32 GMT
Last-Modified: Wed, 17 Jul 2024 03:37:55 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 43139

GET
BLOB 200
OK 3780e896-b072-4b38-923b-caa5e0d0e48e
https://portofinotourism.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://portofinotourism.com/3780e896-b072-4b38-923b-caa5e0d0e48e
Requested by: Host: portofinotourism.com
URL: https://portofinotourism.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length: 1185
Content-Type: text/javascript

GET
H/1.1 200
OK style.min.css
portofinotourism.com/wp-includes/css/dist/block-library/ 110 KB
110 KB 274ms
124ms Stylesheet
text/css 168.119.10.135
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://portofinotourism.com/wp-includes/css/dist/block-library/style.min.css?ver=6.6.1
Requested by: Host: portofinotourism.com
URL: https://portofinotourism.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 168.119.10.135 Düsseldorf, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: alpha.domenii-web.com
Software: Apache /
Resource Hash: 885c89e82436cfa3d0a0a5a9b2f6be6e1503457c810cc88ed2c09b4570ae9fd6

Request headers

Referer: https://portofinotourism.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Fri, 02 Aug 2024 00:48:32 GMT
Last-Modified: Wed, 24 Jul 2024 02:28:26 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 112419

GET
H2 200 pa.umd.production.min.js Show response
widget.getyourguide.com/dist/ 52 KB
17 KB 175ms
45ms Script
application/javascript 2606:4700:4400::6812:2262
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.getyourguide.com/dist/pa.umd.production.min.js

Requested by

Host: portofinotourism.com
URL: https://portofinotourism.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2262 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

282300faee394628026f002f1e3c4d509a66b94bf09e6a2910f61f818f5834c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://portofinotourism.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 00:48:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.02,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 1F2PR9C6JZQPFSV1
age: 1905
x-amz-server-side-encryption: AES256
x-amz-id-2: e8nIc+Fx9534kLj2wa9LvauVgYocTgKU1BzV83osH887lEccKBqiKmsCUCkW8tJb8Wi5MjY8Suo=
last-modified: Tue, 18 Jun 2024 12:09:23 GMT
server: cloudflare
etag: W/"bea8124e946f6f3aae471dade0696dcd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BfbZAnmYfIgRi57lMYScTMADVuPHXVeH1UdC0g2jg6%2FPFTO25EBjO6YeYWVy9l3x2qb2prngJBTgnVUniRx5cf0rq3o1elGcOpaHoefvytbgwK1hvWNJCWbA84I86kdeWff27wr7GsJf25XpdU2gbAi4sgS7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=3600, public, must-revalidate
cf-ray: 8aca1020a8f57150-YUL

GET
H/1.1 200
OK portofino-tourism-180x60.png
portofinotourism.com/wp-content/uploads/2021/06/ 8 KB
8 KB 345ms
116ms Image
image/png 168.119.10.135
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portofinotourism.com/wp-content/uploads/2021/06/portofino-tourism-180x60.png
Requested by: Host: portofinotourism.com
URL: https://portofinotourism.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 168.119.10.135 Düsseldorf, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: alpha.domenii-web.com
Software: Apache /
Resource Hash: c99f61bb5d9b1e86a17db168a816a8f65ec68da0ec6dc3e62e1c75b4d2aed90e

Request headers

Referer: https://portofinotourism.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Fri, 02 Aug 2024 00:48:32 GMT
Last-Modified: Thu, 12 Jan 2023 07:26:28 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 7761

GET
H/1.1 200
OK portofino-italy-1.jpg
portofinotourism.com/wp-content/uploads/2021/06/ 345 KB
345 KB 331ms
112ms Image
image/jpeg 168.119.10.135
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portofinotourism.com/wp-content/uploads/2021/06/portofino-italy-1.jpg
Requested by: Host: portofinotourism.com
URL: https://portofinotourism.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 168.119.10.135 Düsseldorf, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: alpha.domenii-web.com
Software: Apache /
Resource Hash: 68ade38ae380cb9c5a2812a60b55e88ef619361a62fcc6147829d439b7ef1553

Request headers

Referer: https://portofinotourism.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Fri, 02 Aug 2024 00:48:32 GMT
Last-Modified: Mon, 07 Jun 2021 09:42:44 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 353198

GET
H/1.1 200
OK Portofino-Italy-harbor.jpg
portofinotourism.com/wp-content/uploads/2021/06/ 68 KB
68 KB 346ms
116ms Image
image/jpeg 168.119.10.135
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portofinotourism.com/wp-content/uploads/2021/06/Portofino-Italy-harbor.jpg
Requested by: Host: portofinotourism.com
URL: https://portofinotourism.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 168.119.10.135 Düsseldorf, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: alpha.domenii-web.com
Software: Apache /
Resource Hash: 2931fe830fdd729a695155abef5b17dfaf92d969c9cca556d2c87a243b232f14

Request headers

Referer: https://portofinotourism.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Fri, 02 Aug 2024 00:48:32 GMT
Last-Modified: Mon, 07 Jun 2021 12:40:58 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 69639

GET
H/1.1 200
OK Portofino-view.jpg
portofinotourism.com/wp-content/uploads/2021/06/ 83 KB
83 KB 118ms
117ms Image
image/jpeg 168.119.10.135
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portofinotourism.com/wp-content/uploads/2021/06/Portofino-view.jpg
Requested by: Host: portofinotourism.com
URL: https://portofinotourism.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 168.119.10.135 Düsseldorf, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: alpha.domenii-web.com
Software: Apache /
Resource Hash: 259665cfd3f0fa42c3829bb19d31af5aa27322e5dca8f7e273a25ea0b5331673

Request headers

Referer: https://portofinotourism.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Fri, 02 Aug 2024 00:48:32 GMT
Last-Modified: Mon, 07 Jun 2021 12:42:36 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 84622

GET
H/1.1 200
OK frontend.min.js Show response
portofinotourism.com/wp-content/themes/astra/assets/js/minified/ 22 KB
22 KB 116ms
115ms Script
application/javascript 168.119.10.135
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://portofinotourism.com/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=4.7.3
Requested by: Host: portofinotourism.com
URL: https://portofinotourism.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 168.119.10.135 Düsseldorf, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: alpha.domenii-web.com
Software: Apache /
Resource Hash: 19deb6782f674ebbc6065f61b240aa1663fd6b063c84bb63e530d5ad9a10980d

Request headers

Referer: https://portofinotourism.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Fri, 02 Aug 2024 00:48:33 GMT
Last-Modified: Wed, 17 Jul 2024 03:37:55 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 22694

GET
H3 200 letmeallez.js Show response
scripts.stay22.com/ 176 KB
63 KB 113ms
40ms Script
application/javascript 104.18.10.219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://scripts.stay22.com/letmeallez.js

Requested by

Host: portofinotourism.com
URL: https://portofinotourism.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.10.219 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

362802648f9d40501f335c4d869192749b4adfcbf4181e8057574078be128eeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://portofinotourism.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 00:48:33 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 2860
alt-svc: h3=":443"; ma=86400
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1722556843&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=zcVMtaohnoACg4ocODE4XridJ%2FJ5%2FeTuiRg%2BdR08UUw%3D
last-modified: Fri, 02 Aug 2024 00:00:04 GMT
server: cloudflare
etag: W/"2be2a-1911062eba0"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1722556843&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=zcVMtaohnoACg4ocODE4XridJ%2FJ5%2FeTuiRg%2BdR08UUw%3D"}]}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 8aca10204fa7ab2e-YYZ
expires: Fri, 02 Aug 2024 01:48:33 GMT

GET
H/1.1 200
OK portofino-tourism-180x60.png
portofinotourism.com/wp-content/uploads/2021/06/ 8 KB
0 0ms
0ms Image
image/png 168.119.10.135
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portofinotourism.com/wp-content/uploads/2021/06/portofino-tourism-180x60.png
Requested by: Host: portofinotourism.com
URL: https://portofinotourism.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 168.119.10.135 Düsseldorf, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: alpha.domenii-web.com
Software: Apache /
Resource Hash: c99f61bb5d9b1e86a17db168a816a8f65ec68da0ec6dc3e62e1c75b4d2aed90e

Request headers

Referer: https://portofinotourism.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Fri, 02 Aug 2024 00:48:32 GMT
Last-Modified: Thu, 12 Jan 2023 07:26:28 GMT
Server: Apache
Accept-Ranges: bytes
Content-Length: 7761
Content-Type: image/png

GET
H2 200 flexiproduct.js Show response
cf.bstatic.com/static/affiliate_base/js/ 6 KB
3 KB 187ms
36ms Script
application/javascript 2600:9000:2512:9000:5:bf05:acc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/affiliate_base/js/flexiproduct.js?v=1722559713247

Requested by

Host: portofinotourism.com
URL: https://portofinotourism.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2512:9000:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

6f2c2164df92670e1f44b40c516e974340a0a4834b5a2b2156faf3f1c6fc0e90

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://portofinotourism.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 06 Jul 2024 06:03:20 GMT
content-encoding: br
via: 1.1 fe705b44d5a5a2d7d6e73595ceeca2e2.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: JFK50-P7
age: 2313913
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Mon, 13 Jun 2022 03:41:28 GMT
server: nginx
etag: W/"62a6b1e8-1849"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: CaMQtCL_qYDx_328pfURlcUo0_ZyIcVTleMDbOz61i4j_B4V94eF5w==
expires: Mon, 05 Aug 2024 06:03:20 GMT

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
portofinotourism.com/wp-includes/js/ 18 KB
19 KB 117ms
116ms Script
application/javascript 168.119.10.135
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://portofinotourism.com/wp-includes/js/wp-emoji-release.min.js?ver=6.6.1
Requested by: Host: portofinotourism.com
URL: https://portofinotourism.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 168.119.10.135 Düsseldorf, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: alpha.domenii-web.com
Software: Apache /
Resource Hash: 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

Referer: https://portofinotourism.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Fri, 02 Aug 2024 00:48:33 GMT
Last-Modified: Wed, 03 Apr 2024 06:13:23 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 18726

OPTIONS
H3 204 partner
www.stay22.com/ext/ Frame 0
0 143ms
60ms Preflight 104.18.11.219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.stay22.com/ext/partner?lmaID=&aid=tildepublishingsrl&campaign=portofinotourism&product=lma&installationMethod=manual&version=1.5.14&hasadblocker=false&isinc=false&preservecampaign=false&keepItPretty=false&disableHyperlink=true&disableWidgets=true&disablepop=false&ref22=https%3A%2F%2Fportofinotourism.com%2F&sid22=

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.11.219 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: sid22
Access-Control-Request-Method: GET
Origin: https://portofinotourism.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: sid22
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8aca1021bb093703-YYZ
content-length: 0
date: Fri, 02 Aug 2024 00:48:33 GMT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1722559713&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=GFTMrxKZImLIW9HORFB7Ey4luNik%2BeS1Qte6qGW2hY4%3D"}]}
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1722559713&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=GFTMrxKZImLIW9HORFB7Ey4luNik%2BeS1Qte6qGW2hY4%3D
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Access-Control-Request-Headers
via: 1.1 vegur

GET
H3 200 partner Show response
www.stay22.com/ext/ 1 KB
2 KB 70ms
70ms XHR
application/json 104.18.11.219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: scripts.stay22.com
URL: https://scripts.stay22.com/letmeallez.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.11.219 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

038b515881ddf4b6017a44195726fc63d6233f5b119d219513c56f594b4856fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://portofinotourism.com/
sid22
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 00:48:33 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
etag: W/"41d-NLTSvfu9a/ygXPdQVSEaYZghXr0"
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1722559713&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=GFTMrxKZImLIW9HORFB7Ey4luNik%2BeS1Qte6qGW2hY4%3D"}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 8aca10222b663703-YYZ
alt-svc: h3=":443"; ma=86400
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1722559713&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=GFTMrxKZImLIW9HORFB7Ey4luNik%2BeS1Qte6qGW2hY4%3D

GET
H2 200 flexiproduct.html
www.booking.com/ Frame 10A8 0
0 460ms
306ms Document
text/html 52.85.61.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.booking.com/flexiproduct.html?product=nsb&w=100%25&h=auto&lang=en-CA&aid=2306002&target_aid=2306002&fid=1722559713464&

Requested by

Host: cf.bstatic.com
URL: https://cf.bstatic.com/static/affiliate_base/js/flexiproduct.js?v=1722559713247

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.78 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-78.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://portofinotourism.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control: private
content-encoding: br
content-length: 45063
content-type: text/html; charset=UTF-8
date: Fri, 02 Aug 2024 00:48:33 GMT
nel: {"max_age":604800,"report_to":"default"}
report-to: {"group":"default","max_age":604800,"endpoints":[{"url":"https://nellie.booking.com/report"}]}
server: nginx
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: User-Agent, Accept-Encoding
via: 1.1 c22d4946ef5faea12b8d3942ceb9259a.cloudfront.net (CloudFront)
x-amz-cf-id: AAHCoI0sE0OygKItBGINX2JhGuCpan-tinY88g2st7XjXTi9XRhigg==
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 widget.js Show response
widget.getyourguide.com/pw/latest/client-loader/ 19 KB
7 KB 37ms
36ms Script
application/javascript 2606:4700:4400::6812:2262
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.getyourguide.com/pw/latest/client-loader/widget.js

Requested by

Host: widget.getyourguide.com
URL: https://widget.getyourguide.com/dist/pa.umd.production.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2262 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60139ff929fb109925d6adc3c4222f73b625c9e7e84a9f39c405687f354d9b06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://portofinotourism.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 00:48:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.02,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 2P7TRBFJE67ZQ4M8
age: 87
x-amz-server-side-encryption: AES256
x-amz-id-2: p0BuCZAWBzQzMYKtcgOy6vrfWZc/FQ52fnbpEVYsmGT3xV7rKxx2l1qMb7WhP0hmkvplSLmYXeM=
last-modified: Wed, 10 Jul 2024 08:07:58 GMT
server: cloudflare
etag: W/"f78b933bf1089102bede4086962d54b7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NbcfzTPwXhHNwTD8ku0ZErY2%2FSWRHuILJPs7dL3kywcUENGdri6L3PaiH9sGazPBO6GaS1BUMNx376KMyZKszaM6recZIoO96z9iUriCw%2FBDNumTo82fkgGuj%2BnkLxIc8qoSyPggxYIpqrnHQ%2FENLZNvrrRH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=100, public, must-revalidate
cf-ray: 8aca102139c37150-YUL

GET
H2 200 gnikcart Show response
widget.getyourguide.com/ 61 B
1 KB 139ms
138ms Fetch
application/json 2606:4700:4400::6812:2262
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.getyourguide.com/gnikcart?q=eyJwYXJ0bmVyX2lkIjoiN1NYUFExWiIsInVybCI6InBvcnRvZmlub3RvdXJpc20uY29tLyJ9

Requested by

Host: widget.getyourguide.com
URL: https://widget.getyourguide.com/pw/latest/client-loader/widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2262 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

384693ca98e586fb7cecdecb3071dae80ea1df41f75bf189b57f5b4c3e3e6c28

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'sha256-C+MFT9uMJPIBROzgRJWxmbJwinQwPQcN4v02Ao5gdvA=' 'sha256-ye56Ygssi7+/97rT6VWWDR9vrRVD2yo2O1+J+kEv/0Y=' 'sha256-wNXVXjDcN+jq6b+wDVEO7vmRjRuKMgbFD6ygaSW4Ckk=' 'sha256-dgRdhO0l3b8wc+M/BFd4VHSrjqBLaZS7EAnZGOM5+6c=' https://cdn.getyourguide.com https://static.cloudflareinsights.com https://challenges.cloudflare.com https://widget.getyourguide.com; style-src 'self' 'unsafe-inline' https://cdn.getyourguide.com https://fonts.googleapis.com data:; img-src 'self' https://cdn.getyourguide.com https://api.maptiler.com data:; font-src 'self' https://cdn.getyourguide.com https://cdn.ek.aero/shared/fonts/emirates/* https://fonts.gstatic.com https://fonts.googleapis.com data:; connect-src 'self' .getyourguide.com .gygtest.com; frame-src 'self' https://widget.getyourguide.com/ https://challenges.cloudflare.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://portofinotourism.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 00:48:33 GMT
content-security-policy: default-src 'self'; script-src 'self' 'sha256-C+MFT9uMJPIBROzgRJWxmbJwinQwPQcN4v02Ao5gdvA=' 'sha256-ye56Ygssi7+/97rT6VWWDR9vrRVD2yo2O1+J+kEv/0Y=' 'sha256-wNXVXjDcN+jq6b+wDVEO7vmRjRuKMgbFD6ygaSW4Ckk=' 'sha256-dgRdhO0l3b8wc+M/BFd4VHSrjqBLaZS7EAnZGOM5+6c=' https://cdn.getyourguide.com https://static.cloudflareinsights.com https://challenges.cloudflare.com https://widget.getyourguide.com; style-src 'self' 'unsafe-inline' https://cdn.getyourguide.com https://fonts.googleapis.com data:; img-src 'self' https://cdn.getyourguide.com https://api.maptiler.com data:; font-src 'self' https://cdn.getyourguide.com https://cdn.ek.aero/shared/fonts/emirates/* https://fonts.gstatic.com https://fonts.googleapis.com data:; connect-src 'self' *.getyourguide.com *.gygtest.com; frame-src 'self' https://widget.getyourguide.com/ https://challenges.cloudflare.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.02,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-powered-by: Express
x-envoy-upstream-service-time: 7
x-xss-protection: 1; mode=block
x-request-id: 30ebfb4a-0296-9627-b1f5-bc5f6ea22e98
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sFlWmuPAnOcg6jtyveGycQCZXFWogBTugRpkHTGshK%2FnaH%2Fk9uuRvfkgD4XNez%2BoJKiiSF4cfukNXR%2FXrTshTQdO4hO3BVX1d5UjmDSLAtEs8Nc8bAV8puQTJRVd%2FOSvTvkLyMtjVCnTLwdiX7eBxD4gpRAp"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://portofinotourism.com
cache-control: private
access-control-allow-credentials: true
cf-ray: 8aca10218a397150-YUL

OPTIONS
H3 204 lehf
scripts.stay22.com/api/ Frame 0
0 121ms
93ms Preflight 104.18.10.219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://scripts.stay22.com/api/lehf

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.10.219 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,sid22
Access-Control-Request-Method: POST
Origin: https://portofinotourism.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type,sid22
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8aca1022c91aaac5-YYZ
content-length: 0
date: Fri, 02 Aug 2024 00:48:33 GMT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1722559713&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=JAYBMWf3vPG5G1b9aALAqURKKYK5B4QbP1vXgsgF8tA%3D"}]}
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1722559713&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=JAYBMWf3vPG5G1b9aALAqURKKYK5B4QbP1vXgsgF8tA%3D
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Access-Control-Request-Headers
via: 1.1 vegur

POST
H3 200 lehf Show response
scripts.stay22.com/api/ 1 KB
1 KB 96ms
94ms XHR
application/json 104.18.10.219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://scripts.stay22.com/api/lehf

Requested by

Host: scripts.stay22.com
URL: https://scripts.stay22.com/letmeallez.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.10.219 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec1720916aeb9cf73bfbc930daa4e58d1bb4e79365d6f14dd6f4b5dc9e4d57bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://portofinotourism.com/
sid22: 5393dd5b-846c-4771-9e53-95af8dba21a4
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 02 Aug 2024 00:48:33 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
etag: W/"438-T5cUAOSVX722dpxdEzz8aZ1TmCo"
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1722559713&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=JAYBMWf3vPG5G1b9aALAqURKKYK5B4QbP1vXgsgF8tA%3D"}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 8aca102359a7aac5-YYZ
alt-svc: h3=":443"; ma=86400
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1722559713&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=JAYBMWf3vPG5G1b9aALAqURKKYK5B4QbP1vXgsgF8tA%3D

GET
H/1.1 200
OK portofino-logo-150x150.png
portofinotourism.com/wp-content/uploads/2021/06/ 7 KB
8 KB 117ms
117ms Other
image/png 168.119.10.135
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://portofinotourism.com/wp-content/uploads/2021/06/portofino-logo-150x150.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 168.119.10.135 Düsseldorf, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: alpha.domenii-web.com
Software: Apache /
Resource Hash: 5351c70a8ce696da7e1ebadc9d8b6af6d6a5d296955c3fcb646c5990204b1d0e

Request headers

Referer: https://portofinotourism.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Fri, 02 Aug 2024 00:48:34 GMT
Last-Modified: Mon, 07 Jun 2021 10:20:11 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 7601

GET
H2 200 availability.frame
widget.getyourguide.com/default/ Frame F366 0
0 332ms
294ms Document
text/html 2606:4700:4400::6812:2262
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.getyourguide.com/default/availability.frame?sha=323b8d04-ca7c-508d-89a4-90eba7df7ec0&tour_id=414272&locale_code=en-US&currency=EUR&widget=availability&variant=horizontal&partner_id=7SXPQ1Z&widget_created=1722559714658&host_font_family=Helvetica%2C%20Verdana%2C%20Arial%2C%20sans-serif&website=https%3A%2F%2Fportofinotourism.com%2F&visitor_id=CECA0BA526D54089A6975668380DD1EC

Requested by

Host: widget.getyourguide.com
URL: https://widget.getyourguide.com/pw/latest/client-loader/widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2262 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'sha256-C+MFT9uMJPIBROzgRJWxmbJwinQwPQcN4v02Ao5gdvA=' 'sha256-ye56Ygssi7+/97rT6VWWDR9vrRVD2yo2O1+J+kEv/0Y=' 'sha256-wNXVXjDcN+jq6b+wDVEO7vmRjRuKMgbFD6ygaSW4Ckk=' 'sha256-dgRdhO0l3b8wc+M/BFd4VHSrjqBLaZS7EAnZGOM5+6c=' https://cdn.getyourguide.com https://static.cloudflareinsights.com https://challenges.cloudflare.com https://widget.getyourguide.com; style-src 'self' 'unsafe-inline' https://cdn.getyourguide.com https://fonts.googleapis.com data:; img-src 'self' https://cdn.getyourguide.com https://api.maptiler.com data:; font-src 'self' https://cdn.getyourguide.com https://cdn.ek.aero/shared/fonts/emirates/* https://fonts.gstatic.com https://fonts.googleapis.com data:; connect-src 'self' .getyourguide.com .gygtest.com; frame-src 'self' https://widget.getyourguide.com/ https://challenges.cloudflare.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://portofinotourism.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 8aca1028fe1333ee-YUL
content-encoding: br
content-security-policy: default-src 'self'; script-src 'self' 'sha256-C+MFT9uMJPIBROzgRJWxmbJwinQwPQcN4v02Ao5gdvA=' 'sha256-ye56Ygssi7+/97rT6VWWDR9vrRVD2yo2O1+J+kEv/0Y=' 'sha256-wNXVXjDcN+jq6b+wDVEO7vmRjRuKMgbFD6ygaSW4Ckk=' 'sha256-dgRdhO0l3b8wc+M/BFd4VHSrjqBLaZS7EAnZGOM5+6c=' https://cdn.getyourguide.com https://static.cloudflareinsights.com https://challenges.cloudflare.com https://widget.getyourguide.com; style-src 'self' 'unsafe-inline' https://cdn.getyourguide.com https://fonts.googleapis.com data:; img-src 'self' https://cdn.getyourguide.com https://api.maptiler.com data:; font-src 'self' https://cdn.getyourguide.com https://cdn.ek.aero/shared/fonts/emirates/* https://fonts.gstatic.com https://fonts.googleapis.com data:; connect-src 'self' *.getyourguide.com *.gygtest.com; frame-src 'self' https://widget.getyourguide.com/ https://challenges.cloudflare.com
content-type: text/html
date: Fri, 02 Aug 2024 00:48:34 GMT
nel: {"success_fraction":0.02,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tp9Cutx3odpbiiJwiaVhA%2BWrNXlz8Z%2BeE3v2MSEMzJLVOVRPU%2FESCtT13i7bupBkJxdX6cNc1eeV5b7hSY%2FV0dAXOQgi8Lj%2BIFzvKHCFFiJFAk4MUl6cjSlJ%2FJi1RlZaVxETYaffPAFT7BrCCrYxrE1w%2FeHl"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 117
x-powered-by: Express
x-request-id: 49032d0e-6ef6-9c07-b9e8-74422fcb71b3
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.stay22.com/	1970-01-20 22:29:21	Name: __cf_bm Value: WwCIiO95OlIzkAy6NIqETUWXsIMwVmeCrZEt8orod4g-1722559713-1.0.1.1-mfHHswzXH1ELnDeG.eqtdxYAw9HQXXtY0U4A9VwLm6wY2OGM9jWeo4233RV6zezD0X5EGE9m7_GpPnrTNwWUkw
.getyourguide.com/	1970-01-21 08:05:19	Name: visitor_id Value: CECA0BA526D54089A6975668380DD1EC
.booking.com/	1970-01-21 08:05:19	Name: bkng Value: 11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbnmKTRaewPBtsRX3EppoHLr5iWyyUa5w3%2BbmahEkU%2FeXfXsjuUV0mI5OSJNtzXCm7pqTS84jXdcEmTheLM7aJj7AS901tJHgCvp8ZpGMKqwKy6B4qUWC8EALhoKfP1yz67aIgmE%2BH1aPYvRSOxHr7f6xWyl5G8eM1X3U4660nw0s%3D
portofinotourism.com/	1969-12-31 23:59:59	Name: session_id Value: 79eacee3-b13c-4b69-8a08-5d537b429331

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cf.bstatic.com
portofinotourism.com
scripts.stay22.com
widget.getyourguide.com
www.booking.com
www.portofinotourism.rahatalb.com
www.stay22.com
104.18.10.219
104.18.11.219
168.119.10.135
2600:9000:2512:9000:5:bf05:acc0:93a1
2606:4700:4400::6812:2262
52.85.61.78
038b515881ddf4b6017a44195726fc63d6233f5b119d219513c56f594b4856fc
19deb6782f674ebbc6065f61b240aa1663fd6b063c84bb63e530d5ad9a10980d
259665cfd3f0fa42c3829bb19d31af5aa27322e5dca8f7e273a25ea0b5331673
282300faee394628026f002f1e3c4d509a66b94bf09e6a2910f61f818f5834c8
2931fe830fdd729a695155abef5b17dfaf92d969c9cca556d2c87a243b232f14
34a68c54898a5107fd38dc86e44d26ba50ab4f3846bf598ea38b8d23c29fc5e7
362802648f9d40501f335c4d869192749b4adfcbf4181e8057574078be128eeb
384693ca98e586fb7cecdecb3071dae80ea1df41f75bf189b57f5b4c3e3e6c28
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
5351c70a8ce696da7e1ebadc9d8b6af6d6a5d296955c3fcb646c5990204b1d0e
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
60139ff929fb109925d6adc3c4222f73b625c9e7e84a9f39c405687f354d9b06
659d78e86e4eeaf329bc6ce7d9023a5df5212584288eeef25ddc03db94074a5a
68ade38ae380cb9c5a2812a60b55e88ef619361a62fcc6147829d439b7ef1553
6f2c2164df92670e1f44b40c516e974340a0a4834b5a2b2156faf3f1c6fc0e90
885c89e82436cfa3d0a0a5a9b2f6be6e1503457c810cc88ed2c09b4570ae9fd6
c99f61bb5d9b1e86a17db168a816a8f65ec68da0ec6dc3e62e1c75b4d2aed90e
ec1720916aeb9cf73bfbc930daa4e58d1bb4e79365d6f14dd6f4b5dc9e4d57bc

portofinotourism.com Open in urlscan Pro 168.119.10.135 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

23 Requests

96 %HTTPS

33 %IPv6

6 Domains

7 Subdomains

7 IPs

3 Countries

818 kBTransfer

1062 kBSize

4 Cookies

1 Outgoing links

Page URL History

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

4 Cookies

Indicators

portofinotourism.com Open in urlscan Pro
168.119.10.135 Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

96 %
HTTPS

33 %
IPv6

6
Domains

7
Subdomains

7
IPs

3
Countries

818 kB
Transfer

1062 kB
Size

4
Cookies

23 HTTP transactions
0 data transactions