urlscan.io logo urlscan.io
SecurityTrails logo

naturalbooking.it Open in urlscan Pro
2606:4700:3037::ac43:dca7  Public Scan

Go To Rescan Add Verdict Report
URL: https://naturalbooking.it/
Submission: On April 11 via automatic, source certstream-suspicious — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 2 countries across 9 domains to perform 20 HTTP transactions. The main IP is 2606:4700:3037::ac43:dca7, located in United States and belongs to CLOUDFLARENET, US. The main domain is naturalbooking.it.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 11th 2023. Valid for: a year.
This is the only time naturalbooking.it was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2606:4700:3037::ac43:dca7 (United States)

ASN13335 (CLOUDFLARENET, US)
naturalbooking.it
1    116.202.45.219 (Weng, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.219.45.202.116.clients.your-server.de
www.koobcamp.com
7    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
adservice.google.it
1    94.130.194.241 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.241.194.130.94.clients.your-server.de
www.crweb.it
1    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
1    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
3    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 111
tpc.googlesyndication.com — Cisco Umbrella Rank: 145
200 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
5 KB
2 google.com
adservice.google.com — Cisco Umbrella Rank: 90
www.google.com — Cisco Umbrella Rank: 2
1 KB
1 google.it
adservice.google.it — Cisco Umbrella Rank: 62342
531 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 980
609 B
1 gstatic.com
fonts.gstatic.com
31 KB
1 crweb.it
www.crweb.it
65 KB
1 koobcamp.com
www.koobcamp.com
132 KB
1 naturalbooking.it
naturalbooking.it
2 KB
20 9
Domain Requested by
6 pagead2.googlesyndication.com naturalbooking.it
pagead2.googlesyndication.com
tpc.googlesyndication.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 www.google.com tpc.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.it pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 fonts.gstatic.com www.koobcamp.com
1 www.crweb.it naturalbooking.it
1 www.koobcamp.com naturalbooking.it
1 naturalbooking.it
20 11

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-11 -
2024-04-10		 a year crt.sh
koobcamp.com
cPanel, Inc. Certification Authority		 2023-02-28 -
2023-05-29		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-03-20 -
2023-06-12		 3 months crt.sh
crweb.it
R3		 2023-02-28 -
2023-05-29		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-03-20 -
2023-06-12		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-03-20 -
2023-06-12		 3 months crt.sh
*.google.it
GTS CA 1C3		 2023-03-20 -
2023-06-12		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-03-20 -
2023-06-12		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-03-20 -
2023-06-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-03-20 -
2023-06-12		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://naturalbooking.it/
Frame ID: 7B83AEE9CCEE0007B366BB98F3AA7EFE
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20190131/zrt_lookup.html
Frame ID: 9B589A15100A7BF321EBAC35923EEAB5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1379883301146141&output=html&h=280&slotname=6246928562&adk=3605928073&adf=3025194257&pi=t.ma~as.6246928562&w=1200&fwrn=4&fwrnh=100&lmt=1681177043&rafmt=1&format=1200x280&url=https%3A%2F%2Fnaturalbooking.it%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681177043142&bpp=5&bdt=244&idt=146&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&correlator=640433109873&frm=20&pv=2&ga_vid=3351140.1681177043&ga_sid=1681177043&ga_hid=999396468&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=50&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C21065725&oid=2&pvsid=4308622915439267&tmod=1908637871&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Y6XGi9R1SP&p=https%3A//naturalbooking.it&dtd=169
Frame ID: 725AB3CD276F0232F2BD05DBFA262361
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1379883301146141&output=html&adk=1812271804&adf=1573534164&lmt=1681177043&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fnaturalbooking.it%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681177043147&bpp=1&bdt=249&idt=173&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&nras=1&correlator=640433109873&frm=20&pv=1&ga_vid=3351140.1681177043&ga_sid=1681177043&ga_hid=999396468&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C21065725&oid=2&pvsid=4308622915439267&tmod=1908637871&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=192
Frame ID: DE0C5E9BF0D1C2CC6C467A9D61CD9F4E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EC6AA2B3AFC8BA01C1AA29AF1112C657
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E9D73720A0B83561441A2404F52BE34D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

naturalbooking.it

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

20
Requests

100 %
HTTPS

80 %
IPv6

9
Domains

11
Subdomains

10
IPs

2
Countries

439 kB
Transfer

839 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
naturalbooking.it/ 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://naturalbooking.it/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:dca7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5243a50de398f9401930aa2668c71fe263f7b109f07da1838b938416a11514fc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7b5f81056b4a839d-MXP
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 11 Apr 2023 01:37:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UC994bods0jZEzPnKZ5AuS%2FmMRQyLFQljet535OFaw%2ByhlY1S42aB5ECooGieOIpgROihRIDhGtFkNPgZnTgGIjcqoy7zEbWnD9Qb7BkMy44lN37%2BGdTdf1y1I0%2FraCtYD3CTx%2BFk1N3KC3OaQ8siw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
style.css
www.koobcamp.com/css/ 		132 KB
132 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.koobcamp.com/css/style.css
Requested by
Host: naturalbooking.it
URL: https://naturalbooking.it/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.45.219 Weng, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.219.45.202.116.clients.your-server.de
Software
Apache /
Resource Hash
06b7b4281d5217131eeea03c87f0923456ff89a2f619887cd78a784f28ac1564

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://naturalbooking.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Tue, 11 Apr 2023 01:37:22 GMT
Last-Modified
Tue, 24 Sep 2019 08:33:09 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
135391
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		138 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: naturalbooking.it
URL: https://naturalbooking.it/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8da1ffb0b6257cd0f13d2c3b808383793cf8b7ea19c1d4862a20dd0a0a5f5432
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://naturalbooking.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 01:37:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47949
x-xss-protection
0
server
cafe
etag
717169804258529454
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 11 Apr 2023 01:37:23 GMT
crweb-logo-partner-positive.png
www.crweb.it/assets/img/ 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.crweb.it/assets/img/crweb-logo-partner-positive.png
Requested by
Host: naturalbooking.it
URL: https://naturalbooking.it/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.130.194.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.241.194.130.94.clients.your-server.de
Software
Apache/2.4.10 /
Resource Hash
78fbaba01b49550d614e116615ea928785404fa184ab78af5842d214cdac83fb

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://naturalbooking.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Tue, 11 Apr 2023 01:10:53 GMT
Last-Modified
Wed, 05 Jul 2017 10:43:10 GMT
Server
Apache/2.4.10
ETag
"10453-5538faa87ab80"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
66643
S6u_w4BMUTPHjxsI5wq_Gwfo.ttf
fonts.gstatic.com/s/lato/v14/ 		60 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v14/S6u_w4BMUTPHjxsI5wq_Gwfo.ttf
Requested by
Host: www.koobcamp.com
URL: https://www.koobcamp.com/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bd7ee0188fdfea06e7ed26fd128d2fc70129752daf535dde93e62a115b954e1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.koobcamp.com/
Origin
https://naturalbooking.it
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 04 Apr 2023 12:14:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
566601
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31449
x-xss-protection
0
last-modified
Wed, 11 Oct 2017 18:22:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 Apr 2024 12:14:02 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304040101/ 		348 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1379883301146141&plah=naturalbooking.it
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
754d0f0c7c9c3c6f67446ad05e4f95a9e7ce00ae6c1e10aff881d968f045bd7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://naturalbooking.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 01:37:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119052
x-xss-protection
0
server
cafe
etag
7366585768490993451
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 11 Apr 2023 01:37:23 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230405/r20190131/ Frame 9B58 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230405/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://naturalbooking.it/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

age
66272
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4549
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 10 Apr 2023 07:12:51 GMT
etag
2378337311435320485
expires
Mon, 24 Apr 2023 07:12:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ 		401 B
609 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=naturalbooking.it&callback=_gfp_s_&client=ca-pub-1379883301146141
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1379883301146141&plah=naturalbooking.it
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a954929b7303c9aa9f8258b382cf412953c69cf7b78d501f2e318649b4c21c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://naturalbooking.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 01:37:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
257
x-xss-protection
0
integrator.js
adservice.google.it/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.it/adsid/integrator.js?domain=naturalbooking.it
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1379883301146141&plah=naturalbooking.it
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://naturalbooking.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 01:37:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=naturalbooking.it
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1379883301146141&plah=naturalbooking.it
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://naturalbooking.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 01:37:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 725A 		603 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1379883301146141&output=html&h=280&slotname=6246928562&adk=3605928073&adf=3025194257&pi=t.ma~as.6246928562&w=1200&fwrn=4&fwrnh=100&lmt=1681177043&rafmt=1&format=1200x280&url=https%3A%2F%2Fnaturalbooking.it%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681177043142&bpp=5&bdt=244&idt=146&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&correlator=640433109873&frm=20&pv=2&ga_vid=3351140.1681177043&ga_sid=1681177043&ga_hid=999396468&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=50&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C21065725&oid=2&pvsid=4308622915439267&tmod=1908637871&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Y6XGi9R1SP&p=https%3A//naturalbooking.it&dtd=169
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1379883301146141&plah=naturalbooking.it
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://naturalbooking.it/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 11 Apr 2023 01:37:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame DE0C 		0
171 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1379883301146141&output=html&adk=1812271804&adf=1573534164&lmt=1681177043&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fnaturalbooking.it%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681177043147&bpp=1&bdt=249&idt=173&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&nras=1&correlator=640433109873&frm=20&pv=1&ga_vid=3351140.1681177043&ga_sid=1681177043&ga_hid=999396468&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C21065725&oid=2&pvsid=4308622915439267&tmod=1908637871&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=192
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1379883301146141&plah=naturalbooking.it
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://naturalbooking.it/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 11 Apr 2023 01:37:23 GMT
expires
Tue, 11 Apr 2023 01:37:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230405&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1379883301146141&plah=naturalbooking.it
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
50377047137ff657f10cde10e2014e8de9882fda241a38ff270d98324c1d7848
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://naturalbooking.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 01:37:23 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11220
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1379883301146141&plah=naturalbooking.it
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://naturalbooking.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 01:37:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 11 Apr 2023 01:37:23 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EC6A 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://naturalbooking.it/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

accept-ranges
bytes
age
19067
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 10 Apr 2023 20:19:36 GMT
expires
Tue, 09 Apr 2024 20:19:36 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame E9D7 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
860b4a43c5ee69870521950f523c4f4fadc5d00190e5cd989efc6285e816fda6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-TOFltzbhggtF1jou62oAeg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://naturalbooking.it/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-TOFltzbhggtF1jou62oAeg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 11 Apr 2023 01:37:23 GMT
expires
Tue, 11 Apr 2023 01:37:23 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js
pagead2.googlesyndication.com/bg/ Frame EC6A 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
786addb7e1ae880b2d60304114f4651dedfaaaee2e9209d8e8fe9e2a314168db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 06 Apr 2023 13:44:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
388403
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14213
x-xss-protection
0
last-modified
Mon, 03 Apr 2023 13:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 05 Apr 2024 13:44:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame E9D7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230405&jk=4308622915439267&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame EC6A 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?5BUT1w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 01:37:23 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230405&jk=4308622915439267&bg=!EBOlE0fNAAYIJb0jKCU7ADkAdvg8WjcAYGL4KXNJHJd7tTSa9NHAl9l_9ehQm41j42YUGFI6Z9ZybNxCQAXzs0XBvdS3lkUCvhoCAAAAtFIAAAADaAEHCgC-NzbpAxAMhpCqCBubJKRKXB4wJ4qivzW2YqSgBR5jbT2kz6noWmj2vVYc_qTRmqMoDNCzFIH7wN_DwX3u0h5xmpYO4gTgaCX8GivsYn-d58FPrXSl0_cpLi9DXDal8FwIZeFjXML6Q1SKHaguWhdh3qDesMtcLAbQv97TgWvv9eOjTda_ban2esb9acP8-CjQhRdhX8nKFFHqaPq8Nk0npiq6jppnvgA1KWm0SDcQy11AcHtFOiac0s8yDzTCdZkCp5VGPKNYUsA9WPRlKADlYr5U4J7wC462iubzPC0cpf-cY1gXH4YgcYVVmnji0BnVkvegRE-92f_KS_HzCMIBGJsjNYuh6QQ6tiM_76PfsfK4NJN-rf3IprdqSctPwjC-Fg5jxcMdapH-x0fpxnsEIubr5NLueW7OEoe0ISJ_73HsOEFY4PjYB2PxZaPFNXTgX8QgQSvdpI7f2KOJvy1dB6FnreSJLMzl1Y2XmUUL7zjok7poqWmFjcJF1OLgdelcQy7UXOWKJ9w6XOSa_TgOLUYg9uR77W_-ofD-MeiojPbWUKlIxkrH3r1TwZ43F3sEfaiv8_YyioRcDTbH3FAjnybTyqQzoy3SqHmVoiQaUM-_7zNItJq07SDeuIeLhRt32KPaueEauA6cGS0nC9NbVoS3EiUPWXW9Ur8Twq426NSJGMAr2RFPp1GniUpgtURadJkiPk-gSk23APApBTE97n26QAZxkzxOP_aSHWqPudySUHSSeAdvYFpDu0_NmJOt1RuyKWtuUjJOJaUzP5Nb_k5zCrMJ5YlWiViqm4W3GrmsQzHl3A4s8ZyfsJv4gmIFFj0emfHds_lPyGY2y_3JuqRAL9xDVmgWl8RB9khmMy-2F7oMTyP6OhJ_tTHFr2rEpshK7SYI2wWTAP_R7BTIfptAsVwxSNynC8Kfq4rQBNS_QaSX2ITRmEwP8DsIRG8FN20XE_NX2bNcVNgQYz--HZp5q2tkQavzRBNEGYjEJ-7nW8cfsg4Dw2iJJkgWAcWOuLsq8hTi-qWaH6CzAnfDp21yoare4i_Nz-rEoYaakn4JgcsMyRygOM4Ric7emQx0uxNsHEWwnFlhH9ZQef_g7rFpxl5aLOVoqXiSXSHVWG_RsShkW299-APdme9ndap20tQWsiX9ok4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://naturalbooking.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 boolean| credentialless object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data boolean| google_plmetrics object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| google_image_requests

3 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.naturalbooking.it/ Name: __gads
Value: ID=6f2f1e22875b537b-22ce21958bdd00f6:T=1681177043:RT=1681177043:S=ALNI_MZW_YX_eqKrwXKHtRy8zOI29hYtAw
.naturalbooking.it/ Name: __gpi
Value: UID=00000bd3c6bda8b5:T=1681177043:RT=1681177043:S=ALNI_MaNjg-2KuOCfS0D9ekbI0w6fVh8cg

1 Console Messages

Source Level URL
Text
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1379883301146141&output=html&h=280&slotname=6246928562&adk=3605928073&adf=3025194257&pi=t.ma~as.6246928562&w=1200&fwrn=4&fwrnh=100&lmt=1681177043&rafmt=1&format=1200x280&url=https%3A%2F%2Fnaturalbooking.it%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681177043142&bpp=5&bdt=244&idt=146&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&correlator=640433109873&frm=20&pv=2&ga_vid=3351140.1681177043&ga_sid=1681177043&ga_hid=999396468&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=50&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C21065725&oid=2&pvsid=4308622915439267&tmod=1908637871&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Y6XGi9R1SP&p=https%3A//naturalbooking.it&dtd=169
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.it
fonts.gstatic.com
googleads.g.doubleclick.net
naturalbooking.it
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
www.crweb.it
www.google.com
www.koobcamp.com
116.202.45.219
2606:4700:3037::ac43:dca7
2a00:1450:4001:802::2002
2a00:1450:4001:811::2001
2a00:1450:4001:811::2002
2a00:1450:4001:813::2003
2a00:1450:4001:829::2004
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
94.130.194.241
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
06b7b4281d5217131eeea03c87f0923456ff89a2f619887cd78a784f28ac1564
4a954929b7303c9aa9f8258b382cf412953c69cf7b78d501f2e318649b4c21c7
50377047137ff657f10cde10e2014e8de9882fda241a38ff270d98324c1d7848
5243a50de398f9401930aa2668c71fe263f7b109f07da1838b938416a11514fc
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
754d0f0c7c9c3c6f67446ad05e4f95a9e7ce00ae6c1e10aff881d968f045bd7d
786addb7e1ae880b2d60304114f4651dedfaaaee2e9209d8e8fe9e2a314168db
78fbaba01b49550d614e116615ea928785404fa184ab78af5842d214cdac83fb
860b4a43c5ee69870521950f523c4f4fadc5d00190e5cd989efc6285e816fda6
8da1ffb0b6257cd0f13d2c3b808383793cf8b7ea19c1d4862a20dd0a0a5f5432
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
bd7ee0188fdfea06e7ed26fd128d2fc70129752daf535dde93e62a115b954e1a
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855