xn--gnosj-nua.se Open in urlscan Pro Puny
gnosjö.se IDN
2001:67c:750::2  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response xn--gnosj-nua.se/	8 KB 3 KB	1924ms 921ms	Document text/html	2001:67c:750::2 INLEED
General Check archive.org Show headers Download Go to Full URL https://xn--gnosj-nua.se/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2001:67c:750::2 , Sweden, ASN206170 (INLEED, SE), Reverse DNS Software nginx / PHP/7.4.33 Resource Hash ac0429c81489ae8f4289f0445bcae30e7a74d44309ade6c498a6f8b466b12775 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 accept-language en-US,en;q=0.9 Response headers content-encoding gzip content-type text/html; charset=UTF-8 date Fri, 05 Jan 2024 02:12:39 GMT link <https://xn--gnosj-nua.se/wp-json/>; rel="https://api.w.org/", <https://xn--gnosj-nua.se/>; rel=shortlink server nginx vary Accept-Encoding Accept-Encoding,Cookie,User-Agent x-powered-by PHP/7.4.33
GET H2	200	css fonts.googleapis.com/	28 KB 2 KB	172ms 63ms	Stylesheet text/css	2607:f8b0:4004:c06::5f GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,600,700 Requested by Host: xn--gnosj-nua.se URL: https://xn--gnosj-nua.se/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 70818de63f12149a5f69b63b38ef22c8dacd86943a50ec86c2a2f5998a40fccf Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://xn--gnosj-nua.se/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Fri, 05 Jan 2024 02:12:39 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Fri, 05 Jan 2024 01:55:31 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 05 Jan 2024 02:12:39 GMT
GET H2	200	font-awesome.min.css xn--gnosj-nua.se/wp-content/themes/mh-cicero-lite/includes/	23 KB 6 KB	434ms 432ms	Stylesheet text/css	2001:67c:750::2 INLEED
General Check archive.org Show headers Download Go to Full URL https://xn--gnosj-nua.se/wp-content/themes/mh-cicero-lite/includes/font-awesome.min.css Requested by Host: xn--gnosj-nua.se URL: https://xn--gnosj-nua.se/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2001:67c:750::2 , Sweden, ASN206170 (INLEED, SE), Reverse DNS Software nginx / Resource Hash 541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd Request headers accept-language en-US,en;q=0.9 Referer https://xn--gnosj-nua.se/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Fri, 05 Jan 2024 02:12:39 GMT content-encoding gzip last-modified Sun, 10 Jan 2021 15:12:14 GMT server nginx etag W/"5ffb194e-5cbb" vary Accept-Encoding content-type text/css
GET H2	200	style.css xn--gnosj-nua.se/wp-content/themes/mh-cicero-lite/	26 KB 7 KB	291ms 289ms	Stylesheet text/css	2001:67c:750::2 INLEED
General Check archive.org Show headers Download Go to Full URL https://xn--gnosj-nua.se/wp-content/themes/mh-cicero-lite/style.css?ver=4.9.5 Requested by Host: xn--gnosj-nua.se URL: https://xn--gnosj-nua.se/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2001:67c:750::2 , Sweden, ASN206170 (INLEED, SE), Reverse DNS Software nginx / Resource Hash 3329d77d4d6b3f75a4096bfa06dc1fd12f98c64af3ddcf7fcc7315554c5801ca Request headers accept-language en-US,en;q=0.9 Referer https://xn--gnosj-nua.se/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Fri, 05 Jan 2024 02:12:39 GMT content-encoding gzip last-modified Sun, 10 Jan 2021 15:12:14 GMT server nginx etag W/"5ffb194e-6679" vary Accept-Encoding content-type text/css
GET H2	200	jquery.js Show response xn--gnosj-nua.se/wp-includes/js/jquery/	95 KB 39 KB	291ms 290ms	Script application/javascript	2001:67c:750::2 INLEED
General Check archive.org Show headers Download Go to Full URL https://xn--gnosj-nua.se/wp-includes/js/jquery/jquery.js?ver=1.12.4 Requested by Host: xn--gnosj-nua.se URL: https://xn--gnosj-nua.se/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2001:67c:750::2 , Sweden, ASN206170 (INLEED, SE), Reverse DNS Software nginx / Resource Hash fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e Request headers accept-language en-US,en;q=0.9 Referer https://xn--gnosj-nua.se/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Fri, 05 Jan 2024 02:12:39 GMT content-encoding gzip last-modified Sun, 10 Jan 2021 14:51:08 GMT server nginx etag W/"5ffb145c-17ba0" vary Accept-Encoding content-type application/javascript
GET H2	200	jquery-migrate.min.js Show response xn--gnosj-nua.se/wp-includes/js/jquery/	10 KB 4 KB	148ms 147ms	Script application/javascript	2001:67c:750::2 INLEED
General Check archive.org Show headers Download Go to Full URL https://xn--gnosj-nua.se/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 Requested by Host: xn--gnosj-nua.se URL: https://xn--gnosj-nua.se/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2001:67c:750::2 , Sweden, ASN206170 (INLEED, SE), Reverse DNS Software nginx / Resource Hash 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d Request headers accept-language en-US,en;q=0.9 Referer https://xn--gnosj-nua.se/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Fri, 05 Jan 2024 02:12:39 GMT content-encoding gzip last-modified Sun, 10 Jan 2021 14:51:08 GMT server nginx etag W/"5ffb145c-2748" vary Accept-Encoding content-type application/javascript
GET H2	200	scripts.js Show response xn--gnosj-nua.se/wp-content/themes/mh-cicero-lite/js/	14 KB 6 KB	434ms 433ms	Script application/javascript	2001:67c:750::2 INLEED
General Check archive.org Show headers Download Go to Full URL https://xn--gnosj-nua.se/wp-content/themes/mh-cicero-lite/js/scripts.js?ver=4.9.5 Requested by Host: xn--gnosj-nua.se URL: https://xn--gnosj-nua.se/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2001:67c:750::2 , Sweden, ASN206170 (INLEED, SE), Reverse DNS Software nginx / Resource Hash 21d898660f2aa6dca729144836bec8531786a8e1c1979cedac9b7faef93aff84 Request headers accept-language en-US,en;q=0.9 Referer https://xn--gnosj-nua.se/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Fri, 05 Jan 2024 02:12:39 GMT content-encoding gzip last-modified Sun, 10 Jan 2021 15:12:14 GMT server nginx etag W/"5ffb194e-397e" vary Accept-Encoding content-type application/javascript
GET H2	200	wp-embed.min.js Show response xn--gnosj-nua.se/wp-includes/js/	1 KB 905 B	148ms 148ms	Script application/javascript	2001:67c:750::2 INLEED
General Check archive.org Show headers Download Go to Full URL https://xn--gnosj-nua.se/wp-includes/js/wp-embed.min.js?ver=4.9.5 Requested by Host: xn--gnosj-nua.se URL: https://xn--gnosj-nua.se/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2001:67c:750::2 , Sweden, ASN206170 (INLEED, SE), Reverse DNS Software nginx / Resource Hash dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0 Request headers accept-language en-US,en;q=0.9 Referer https://xn--gnosj-nua.se/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Fri, 05 Jan 2024 02:12:39 GMT content-encoding gzip last-modified Sun, 10 Jan 2021 14:50:53 GMT server nginx etag W/"5ffb144d-576" vary Accept-Encoding content-type application/javascript
GET H2	200	flexiproduct.js Show response aff.bstatic.com/static/affiliate_base/js/	6 KB 3 KB	282ms 68ms	Script application/javascript	2600:9000:2349:9a00:5:bf05:acc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://aff.bstatic.com/static/affiliate_base/js/flexiproduct.js?v=1704420759852 Requested by Host: xn--gnosj-nua.se URL: https://xn--gnosj-nua.se/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2349:9a00:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 6f2c2164df92670e1f44b40c516e974340a0a4834b5a2b2156faf3f1c6fc0e90 Security Headers Name Value X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://xn--gnosj-nua.se/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Fri, 08 Dec 2023 14:55:39 GMT content-encoding br via 1.1 54f8dfc32403dc4b8a1c2d5ea7335730.cloudfront.net (CloudFront) nel {"report_to":"default","max_age":600} x-amz-cf-pop YTO50-P1 age 2373421 x-cache Hit from cloudfront x-xss-protection 1; mode=block last-modified Mon, 13 Jun 2022 03:41:28 GMT server nginx etag W/"62a6b1e8-1849" vary Accept-Encoding report-to {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05} content-type application/javascript access-control-allow-origin * cache-control max-age=2592000 timing-allow-origin * x-amz-cf-id ET8VVxEs44ZWrbu6Kly4nvABQ17UvTOlvYle2X5Rj-CiMGq1voyIow== expires Sun, 07 Jan 2024 14:55:39 GMT
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v40/	47 KB 48 KB	162ms 55ms	Font font/woff2	2607:f8b0:4004:c17::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,600,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://xn--gnosj-nua.se accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Wed, 03 Jan 2024 20:09:16 GMT x-content-type-options nosniff age 108203 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 48236 x-xss-protection 0 last-modified Thu, 14 Dec 2023 02:08:40 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 02 Jan 2025 20:09:16 GMT
GET H2	200	flexiproduct.html Show response www.booking.com/ Frame C05B	83 KB 36 KB	646ms 462ms	Document text/html	18.67.17.67 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.booking.com/flexiproduct.html?product=dfl2&w=100%25&h=auto&lang=sv&aid=2111552&target_aid=2111552&dest_id=-2482729&dest_type=city&df_num_properties=9&fid=1704420760138& Requested by Host: aff.bstatic.com URL: https://aff.bstatic.com/static/affiliate_base/js/flexiproduct.js?v=1704420759852 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.67.17.67 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-67-17-67.yto50.r.cloudfront.net Software nginx / Resource Hash 2283634c5fbeff051a163ad6dfd20568fe785b333956239e42c7f3a0797d7309 Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://xn--gnosj-nua.se/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 accept-language en-US,en;q=0.9 Response headers cache-control private content-encoding br content-length 35018 content-type text/html; charset=UTF-8 date Fri, 05 Jan 2024 02:12:40 GMT nel {"report_to":"default","max_age":604800} report-to {"endpoints":[{"url":"https://nellie.booking.com/report"}],"group":"default","max_age":604800} server nginx strict-transport-security max-age=86400; includeSubDomains vary Accept-Encoding, User-Agent via 1.1 94703ff6f88fa098310f25ad977e6604.cloudfront.net (CloudFront) x-amz-cf-id aqcOSlGQZXDR9FL8F6bcB-T4-fi26PKXJlquehFFx8Aw9-BJJogRow== x-amz-cf-pop YTO50-P1 x-cache Miss from cloudfront x-content-type-options nosniff x-xss-protection 1; mode=block
GET H2	200	82b674edb949dddf78e02d76e8593771bf2e85d5.css cf.bstatic.com/static/affiliate_base/css/flexifonts_cloudfront_sd/ Frame C05B	1 KB 1014 B	76ms 74ms	Stylesheet text/css	2600:9000:2349:9a00:5:bf05:acc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cf.bstatic.com/static/affiliate_base/css/flexifonts_cloudfront_sd/82b674edb949dddf78e02d76e8593771bf2e85d5.css Requested by Host: www.booking.com URL: https://www.booking.com/flexiproduct.html?product=dfl2&w=100%25&h=auto&lang=sv&aid=2111552&target_aid=2111552&dest_id=-2482729&dest_type=city&df_num_properties=9&fid=1704420760138& Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2349:9a00:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash b40bd50a4795ccd4a8b88ff70fb14074d2f0bf599e072e98ccd302cfeb436b8a Security Headers Name Value X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://www.booking.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Fri, 08 Dec 2023 07:24:49 GMT content-encoding br via 1.1 54f8dfc32403dc4b8a1c2d5ea7335730.cloudfront.net (CloudFront) nel {"report_to":"default","max_age":600} x-amz-cf-pop YTO50-P1 age 2400471 x-cache Hit from cloudfront x-xss-protection 1; mode=block last-modified Fri, 05 Jun 2020 14:42:31 GMT server nginx etag W/"5eda59d7-51a" vary Accept-Encoding report-to {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05} content-type text/css access-control-allow-origin * cache-control max-age=2592000 timing-allow-origin * x-amz-cf-id T-dcKUc4fliTy3N7YEUTcrzhe9-xmFvTRcmHqq0Unv159ASzVUWZWw== expires Sun, 07 Jan 2024 07:24:49 GMT
GET H2	200	f6d29e089da85314827d24b5e412d273b710cf84.css cf.bstatic.com/static/affiliate_base/css/flexi_common_base_cloudfront_sd/ Frame C05B	11 KB 3 KB	78ms 76ms	Stylesheet text/css	2600:9000:2349:9a00:5:bf05:acc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cf.bstatic.com/static/affiliate_base/css/flexi_common_base_cloudfront_sd/f6d29e089da85314827d24b5e412d273b710cf84.css Requested by Host: www.booking.com URL: https://www.booking.com/flexiproduct.html?product=dfl2&w=100%25&h=auto&lang=sv&aid=2111552&target_aid=2111552&dest_id=-2482729&dest_type=city&df_num_properties=9&fid=1704420760138& Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2349:9a00:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash e3c37aa402d060ff9a8c441cd6918a1859cb6358eee091d9b7a7a6b12447e74b Security Headers Name Value X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://www.booking.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Tue, 26 Dec 2023 10:07:17 GMT content-encoding br via 1.1 54f8dfc32403dc4b8a1c2d5ea7335730.cloudfront.net (CloudFront) nel {"report_to":"default","max_age":600} x-amz-cf-pop YTO50-P1 age 835523 x-cache Hit from cloudfront x-xss-protection 1; mode=block last-modified Fri, 05 Jun 2020 14:42:31 GMT server nginx etag W/"5eda59d7-2ae3" vary Accept-Encoding report-to {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05} content-type text/css access-control-allow-origin * cache-control max-age=2592000 timing-allow-origin * x-amz-cf-id G79Nb4UkCcOYOv_Yv7ZBq68PkmujWZqXM7bs5yJneNDGMg35sTuHjQ== expires Thu, 25 Jan 2024 10:07:17 GMT
GET H2	200	19d26ccbecea13a40501b1a204f92d7797638c6b.css cf.bstatic.com/static/affiliate_base/css/flexi_common_elems_cloudfront_sd/ Frame C05B	13 KB 3 KB	75ms 73ms	Stylesheet text/css	2600:9000:2349:9a00:5:bf05:acc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cf.bstatic.com/static/affiliate_base/css/flexi_common_elems_cloudfront_sd/19d26ccbecea13a40501b1a204f92d7797638c6b.css Requested by Host: www.booking.com URL: https://www.booking.com/flexiproduct.html?product=dfl2&w=100%25&h=auto&lang=sv&aid=2111552&target_aid=2111552&dest_id=-2482729&dest_type=city&df_num_properties=9&fid=1704420760138& Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2349:9a00:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash da7cec1b9368c3c3c6ecdd18613157a1d81c19e1be2f2ab987499032b03d272f Security Headers Name Value X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://www.booking.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Mon, 25 Dec 2023 02:09:21 GMT content-encoding br via 1.1 54f8dfc32403dc4b8a1c2d5ea7335730.cloudfront.net (CloudFront) nel {"report_to":"default","max_age":600} x-amz-cf-pop YTO50-P1 age 950599 x-cache Hit from cloudfront x-xss-protection 1; mode=block last-modified Tue, 28 Jun 2022 06:07:04 GMT server nginx etag W/"62ba9a88-33d2" vary Accept-Encoding report-to {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05} content-type text/css access-control-allow-origin * cache-control max-age=2592000 timing-allow-origin * x-amz-cf-id RjBA_et8o3WwrXpe0pn9fAnDxnwchepPa66kYJBJUcg0u6vkN37MTQ== expires Wed, 24 Jan 2024 02:09:21 GMT
GET H2	200	e64c0e1deedf8041f9d8526c0500b696a743bf64.css cf.bstatic.com/static/affiliate_base/css/flexi_product_df2/ Frame C05B	3 KB 1 KB	79ms 77ms	Stylesheet text/css	2600:9000:2349:9a00:5:bf05:acc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cf.bstatic.com/static/affiliate_base/css/flexi_product_df2/e64c0e1deedf8041f9d8526c0500b696a743bf64.css Requested by Host: www.booking.com URL: https://www.booking.com/flexiproduct.html?product=dfl2&w=100%25&h=auto&lang=sv&aid=2111552&target_aid=2111552&dest_id=-2482729&dest_type=city&df_num_properties=9&fid=1704420760138& Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2349:9a00:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 798f5ce3a1569ac0d3facb8eca4109afc978245811b83d062ea2d5ef2f122d68 Security Headers Name Value X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://www.booking.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Fri, 29 Dec 2023 14:21:09 GMT content-encoding br via 1.1 54f8dfc32403dc4b8a1c2d5ea7335730.cloudfront.net (CloudFront) nel {"report_to":"default","max_age":600} x-amz-cf-pop YTO50-P1 age 561091 x-cache Hit from cloudfront x-xss-protection 1; mode=block last-modified Tue, 28 Jun 2022 06:07:04 GMT server nginx etag W/"62ba9a88-d90" vary Accept-Encoding report-to {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05} content-type text/css access-control-allow-origin * cache-control max-age=2592000 timing-allow-origin * x-amz-cf-id 2Wl05eXR5-fWb73pRROH0nJXynp7bogDLKZzSc_qYBgd3GAh80sYcQ== expires Sun, 28 Jan 2024 14:21:09 GMT
GET H2	200	9910e173be0a3eaee1a2b8f3697fdc62b121c00c.png cf.bstatic.com/static/img/flags/32/se/ Frame C05B	674 B 1 KB	70ms 70ms	Image image/png	2600:9000:2349:9a00:5:bf05:acc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cf.bstatic.com/static/img/flags/32/se/9910e173be0a3eaee1a2b8f3697fdc62b121c00c.png Requested by Host: www.booking.com URL: https://www.booking.com/flexiproduct.html?product=dfl2&w=100%25&h=auto&lang=sv&aid=2111552&target_aid=2111552&dest_id=-2482729&dest_type=city&df_num_properties=9&fid=1704420760138& Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2349:9a00:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 4f165bacb3e104b29ffb80a89a45b9a327b9b491aac576bbde80612497a4c1d8 Security Headers Name Value X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://www.booking.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Mon, 01 Jan 2024 17:33:24 GMT via 1.1 54f8dfc32403dc4b8a1c2d5ea7335730.cloudfront.net (CloudFront) nel {"report_to":"default","max_age":600} x-amz-cf-pop YTO50-P1 age 290355 x-cache Hit from cloudfront content-length 674 x-xss-protection 1; mode=block last-modified Wed, 10 Apr 2019 11:21:53 GMT server nginx etag "5cadd1d1-2a2" report-to {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05} content-type image/png access-control-allow-origin * cache-control max-age=2592000 accept-ranges bytes timing-allow-origin * x-amz-cf-id cdwBgYFSp-evNAJhHKXii1aS244enu2sIvBT_Em2MTihp4EN4fIHDA== expires Wed, 31 Jan 2024 17:33:24 GMT
GET H2	200	85522fc012ea427986aabb503405f288a30cc3c8.js Show response cf.bstatic.com/static/affiliate_base/js/flexiproduct_core_cloudfront_sd/ Frame C05B	123 KB 39 KB	228ms 85ms	Script application/javascript	2600:9000:2349:1c00:5:bf05:acc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cf.bstatic.com/static/affiliate_base/js/flexiproduct_core_cloudfront_sd/85522fc012ea427986aabb503405f288a30cc3c8.js Requested by Host: www.booking.com URL: https://www.booking.com/flexiproduct.html?product=dfl2&w=100%25&h=auto&lang=sv&aid=2111552&target_aid=2111552&dest_id=-2482729&dest_type=city&df_num_properties=9&fid=1704420760138& Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2349:1c00:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 424bf606a1d0dc5c56a2f54917c3cbc6af946e33785ab71e35bac0b28fc9e959 Security Headers Name Value X-Xss-Protection 1; mode=block Request headers Referer https://www.booking.com/ Origin https://www.booking.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Fri, 22 Dec 2023 07:20:14 GMT content-encoding br via 1.1 d7e35fb15b3339fbd8a9457f22308ea0.cloudfront.net (CloudFront) nel {"report_to":"default","max_age":600} x-amz-cf-pop YTO50-P1 age 1191145 x-cache Hit from cloudfront x-xss-protection 1; mode=block last-modified Wed, 25 May 2022 11:00:45 GMT server nginx etag W/"628e0c5d-1ed10" vary Accept-Encoding report-to {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05} content-type application/javascript access-control-allow-origin * cache-control max-age=2592000 timing-allow-origin * x-amz-cf-id YmMVxykncOizfwWEqLwdVaWn1zAPcivohaKqVvhIbXeyTqpImJMMqQ== expires Sun, 21 Jan 2024 07:20:14 GMT
GET H2	200	7e03f1178ca725d97fdd726255c96b3e71b660d2.js Show response cf.bstatic.com/static/affiliate_base/js/flexi_responsive_cloudfront_sd/ Frame C05B	392 B 968 B	291ms 149ms	Script application/javascript	2600:9000:2349:1c00:5:bf05:acc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cf.bstatic.com/static/affiliate_base/js/flexi_responsive_cloudfront_sd/7e03f1178ca725d97fdd726255c96b3e71b660d2.js Requested by Host: www.booking.com URL: https://www.booking.com/flexiproduct.html?product=dfl2&w=100%25&h=auto&lang=sv&aid=2111552&target_aid=2111552&dest_id=-2482729&dest_type=city&df_num_properties=9&fid=1704420760138& Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2349:1c00:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash ec9e5f73690e9e6f199bdb463ce1ecd83960019884fdef77d916c3a8aa14a76e Security Headers Name Value X-Xss-Protection 1; mode=block Request headers Referer https://www.booking.com/ Origin https://www.booking.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Fri, 08 Dec 2023 19:35:19 GMT via 1.1 d7e35fb15b3339fbd8a9457f22308ea0.cloudfront.net (CloudFront) nel {"report_to":"default","max_age":600} x-amz-cf-pop YTO50-P1 age 2356641 x-cache Hit from cloudfront content-length 392 x-xss-protection 1; mode=block last-modified Tue, 04 Feb 2020 10:19:54 GMT server nginx etag "5e39454a-188" report-to {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05} content-type application/javascript access-control-allow-origin * cache-control max-age=2592000 accept-ranges bytes timing-allow-origin * x-amz-cf-id T47ZXj1xhWGzS_JSWynVoFQ0Hz0fuvFu1iqlC2SJzxjEHYEjwHaDvg== expires Sun, 07 Jan 2024 19:35:19 GMT
GET H2	200	866755.webp cf.bstatic.com/xdata/images/city/600x200/ Frame C05B	15 KB 16 KB	654ms 653ms	Image image/webp	2600:9000:2349:9a00:5:bf05:acc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cf.bstatic.com/xdata/images/city/600x200/866755.webp?k=327ef3cd6864a91fc1f9dc34119fbc16c03c53b302897bdd9a216f270581f43f&o= Requested by Host: www.booking.com URL: https://www.booking.com/flexiproduct.html?product=dfl2&w=100%25&h=auto&lang=sv&aid=2111552&target_aid=2111552&dest_id=-2482729&dest_type=city&df_num_properties=9&fid=1704420760138& Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2349:9a00:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 06e6920ae19ea75544941a672d1391f87da6e66626f97fc7f28173a682f09b59 Security Headers Name Value X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://www.booking.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Fri, 05 Jan 2024 02:12:41 GMT via 1.1 54f8dfc32403dc4b8a1c2d5ea7335730.cloudfront.net (CloudFront) server nginx x-amz-cf-pop YTO50-P1 etag "31b8fd016c9b87d2fb12efc36344e17f090b6e91" x-cache Miss from cloudfront content-language 15802 access-control-allow-origin * content-type image/webp cache-control max-age=2592000 timing-allow-origin * x-amz-cf-id uciEsCuBbp0cN2f-Cb8NJG1Di-VwYqf4I3AFrJ8fMegN-7Y4f-xlxw== x-xss-protection 1; mode=block
GET H2	200	75023142ca291f26b46bbd3a56d416308c197349.png q.bstatic.com/static/img/affiliate_base/df-postcard-header-bcg/ Frame C05B	244 B 809 B	79ms 69ms	Image image/png	2600:9000:2349:9a00:5:bf05:acc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://q.bstatic.com/static/img/affiliate_base/df-postcard-header-bcg/75023142ca291f26b46bbd3a56d416308c197349.png Requested by Host: cf.bstatic.com URL: https://cf.bstatic.com/static/affiliate_base/css/flexi_product_df2/e64c0e1deedf8041f9d8526c0500b696a743bf64.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2349:9a00:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 92403784bf395496017a1b1656d0ea68ec6477c8ada5ad56937593ae12955585 Security Headers Name Value X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://cf.bstatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Sat, 09 Dec 2023 09:18:19 GMT via 1.1 54f8dfc32403dc4b8a1c2d5ea7335730.cloudfront.net (CloudFront) nel {"report_to":"default","max_age":600} x-amz-cf-pop YTO50-P1 age 2307261 x-cache Hit from cloudfront content-length 244 x-xss-protection 1; mode=block last-modified Wed, 10 Apr 2019 11:21:50 GMT server nginx etag "5cadd1ce-f4" report-to {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05} content-type image/png access-control-allow-origin * cache-control max-age=2592000 accept-ranges bytes timing-allow-origin * x-amz-cf-id AN7dz_math9Z25raafBbLX3nc0XBj_ChN4J3pJHS8FkGqhPr_EwS4A== expires Mon, 08 Jan 2024 09:18:19 GMT
GET H2	200	750fa5bec9bde5e6e09115b5970b8106f73a5646.woff cf.bstatic.com/static/fonts/flexi/flexi/ Frame C05B	8 KB 8 KB	135ms 73ms	Font application/font-woff	2600:9000:2349:1c00:5:bf05:acc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cf.bstatic.com/static/fonts/flexi/flexi/750fa5bec9bde5e6e09115b5970b8106f73a5646.woff Requested by Host: cf.bstatic.com URL: https://cf.bstatic.com/static/affiliate_base/css/flexifonts_cloudfront_sd/82b674edb949dddf78e02d76e8593771bf2e85d5.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2349:1c00:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 727b71610239254fbeb9000a4774cf87b96bdd0c7eab1b781d67aa916ab6426e Security Headers Name Value X-Xss-Protection 1; mode=block Request headers Referer https://cf.bstatic.com/static/affiliate_base/css/flexifonts_cloudfront_sd/82b674edb949dddf78e02d76e8593771bf2e85d5.css Origin https://www.booking.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Tue, 26 Dec 2023 09:00:42 GMT via 1.1 d7e35fb15b3339fbd8a9457f22308ea0.cloudfront.net (CloudFront) nel {"report_to":"default","max_age":600} x-amz-cf-pop YTO50-P1 age 839518 x-cache Hit from cloudfront content-length 7772 x-xss-protection 1; mode=block last-modified Wed, 10 Apr 2019 11:21:49 GMT server nginx etag "5cadd1cd-1e5c" report-to {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05} content-type application/font-woff access-control-allow-origin * cache-control max-age=2592000 accept-ranges bytes timing-allow-origin * x-amz-cf-id tu1lJp1AcpNYDjPeQMDIIPkJGxHZArIZ0dBCE1IA8VH4UL-yHZERaw== expires Thu, 25 Jan 2024 09:00:42 GMT
GET H2	200	flexiproduct.html Show response www.booking.com/ Frame C05B	43 B 1 KB	354ms 353ms	XHR text/html	18.67.17.67 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.booking.com/flexiproduct.html?product=df2&w=100%25&h=auto&lang=sv&aid=2111552&target_aid=2111552&dest_id=-2482729&dest_type=city&df_num_properties=9&fid=1704420760138&ajax_resp=1 Requested by Host: cf.bstatic.com URL: https://cf.bstatic.com/static/affiliate_base/js/flexiproduct_core_cloudfront_sd/85522fc012ea427986aabb503405f288a30cc3c8.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.67.17.67 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-67-17-67.yto50.r.cloudfront.net Software nginx / Resource Hash 3028aff591ad6b230a8368243ad8c0e1699ab2a1ae310c1b212cb2e8bd7682aa Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept */* Referer https://www.booking.com/flexiproduct.html?product=dfl2&w=100%25&h=auto&lang=sv&aid=2111552&target_aid=2111552&dest_id=-2482729&dest_type=city&df_num_properties=9&fid=1704420760138& X-Requested-With XMLHttpRequest accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Fri, 05 Jan 2024 02:12:41 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=86400; includeSubDomains nel {"report_to":"default","max_age":604800} via 1.1 94703ff6f88fa098310f25ad977e6604.cloudfront.net (CloudFront) x-amz-cf-pop YTO50-P1 x-cache Miss from cloudfront content-length 43 x-xss-protection 1; mode=block server nginx vary User-Agent, Accept-Encoding report-to {"max_age":604800,"endpoints":[{"url":"https://nellie.booking.com/report"}],"group":"default"} content-type text/html; charset=UTF-8 cache-control private x-amz-cf-id YI_SCDlyVkghyttgAuWOARweMqDrLmH9yjWEmCJhkWMuumaFQBDxkQ==
GET H2	200	5b002027c2209cf328a1aeffd1954c5516fa0913.gif cf.bstatic.com/static/img/map-loader/ Frame C05B	8 KB 9 KB	74ms 74ms	Image image/gif	2600:9000:2349:9a00:5:bf05:acc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cf.bstatic.com/static/img/map-loader/5b002027c2209cf328a1aeffd1954c5516fa0913.gif Requested by Host: www.booking.com URL: https://www.booking.com/flexiproduct.html?product=dfl2&w=100%25&h=auto&lang=sv&aid=2111552&target_aid=2111552&dest_id=-2482729&dest_type=city&df_num_properties=9&fid=1704420760138& Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2349:9a00:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash d8314b4eff35940506acf61b840b57de7f67e594af6b0b7976ddf05040334fc6 Security Headers Name Value X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://www.booking.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Sat, 30 Dec 2023 03:48:13 GMT via 1.1 54f8dfc32403dc4b8a1c2d5ea7335730.cloudfront.net (CloudFront) nel {"report_to":"default","max_age":600} x-amz-cf-pop YTO50-P1 age 512668 x-cache Hit from cloudfront content-length 8685 x-xss-protection 1; mode=block last-modified Wed, 10 Apr 2019 11:21:54 GMT server nginx etag "5cadd1d2-21ed" report-to {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05} content-type image/gif access-control-allow-origin * cache-control max-age=2592000 accept-ranges bytes timing-allow-origin * x-amz-cf-id UWG7-gONj_5kHDLsXNIRXrNqG3ZY75p_BAxp6uobPHr56D3X9xXmEg== expires Mon, 29 Jan 2024 03:48:13 GMT
GET H2	200	fp_view Show response www.booking.com/affiliate/ Frame C05B	12 B 1 KB	276ms 275ms	XHR application/json	18.67.17.67 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.booking.com/affiliate/fp_view?aid=2111552&target_aid=2111552&product_type=dfl2 Requested by Host: cf.bstatic.com URL: https://cf.bstatic.com/static/affiliate_base/js/flexiproduct_core_cloudfront_sd/85522fc012ea427986aabb503405f288a30cc3c8.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.67.17.67 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-67-17-67.yto50.r.cloudfront.net Software nginx / Resource Hash fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7 Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains X-Xss-Protection 1; mode=block Request headers Accept */* Referer https://www.booking.com/flexiproduct.html?product=dfl2&w=100%25&h=auto&lang=sv&aid=2111552&target_aid=2111552&dest_id=-2482729&dest_type=city&df_num_properties=9&fid=1704420760138& X-Requested-With XMLHttpRequest X-Booking-CSRF 2J2XZQAAAAA=2TU-CX1Bw7ysce5mqzraqszC2tMUA2K9k66iqNhHFz-uZ8wMpMMH7-SP1FLhg8jp9sYRw3KkVy7PYuVwrg4Vc4tFDUNrPbipa3hrlugOFyQ7YGxAC447wK1ZZHOa7fDF97JW6M1_ZsHBzFDLQEVUq-vb1j4FsmoujcbBX0hrCtMVvm4wjLKdeKP6ABSxUzDAaJsjgBSITTRBp_KK accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Fri, 05 Jan 2024 02:12:41 GMT strict-transport-security max-age=86400; includeSubDomains via 1.1 94703ff6f88fa098310f25ad977e6604.cloudfront.net (CloudFront) x-content-options nosniff server nginx x-amz-cf-pop YTO50-P1 x-cache Miss from cloudfront content-type application/json; charset=UTF-8 x-amz-cf-id OtAX98qCoIC2vUZ9nTSwmWOCA_P0MehDbUoLzSKeZ-xQOqLptCb3IA== x-xss-protection 1; mode=block

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture object| _wpemojiSettings undefined| $ function| jQuery object| html5 object| Modernizr function| yepnope object| wp object| data function| _i_ function| _r_ object| BookingAff

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.booking.com/	1970-01-21 03:03:00	Name: bkng Value: 11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbwcLxQQ4VaCoZ6cz86R4PBG%2FuPq%2FesLdA94tvJwepulhSFzTo65%2FUEZ%2FiRmslxGvgudTFEzxAoKPggH3gMUMfuPHp3n9toNHQpMOzm5IfyjG9mHDDBFQby93r51nxeabhrI18ug3qsd7CezIQFIAepGXvb8t2obHrVG9xVRvoCJE%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aff.bstatic.com
cf.bstatic.com
fonts.googleapis.com
fonts.gstatic.com
q.bstatic.com
www.booking.com
xn--gnosj-nua.se
18.67.17.67
2001:67c:750::2
2600:9000:2349:1c00:5:bf05:acc0:93a1
2600:9000:2349:9a00:5:bf05:acc0:93a1
2607:f8b0:4004:c06::5f
2607:f8b0:4004:c17::5e
06e6920ae19ea75544941a672d1391f87da6e66626f97fc7f28173a682f09b59
21d898660f2aa6dca729144836bec8531786a8e1c1979cedac9b7faef93aff84
2283634c5fbeff051a163ad6dfd20568fe785b333956239e42c7f3a0797d7309
3028aff591ad6b230a8368243ad8c0e1699ab2a1ae310c1b212cb2e8bd7682aa
3329d77d4d6b3f75a4096bfa06dc1fd12f98c64af3ddcf7fcc7315554c5801ca
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
424bf606a1d0dc5c56a2f54917c3cbc6af946e33785ab71e35bac0b28fc9e959
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4f165bacb3e104b29ffb80a89a45b9a327b9b491aac576bbde80612497a4c1d8
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
6f2c2164df92670e1f44b40c516e974340a0a4834b5a2b2156faf3f1c6fc0e90
70818de63f12149a5f69b63b38ef22c8dacd86943a50ec86c2a2f5998a40fccf
727b71610239254fbeb9000a4774cf87b96bdd0c7eab1b781d67aa916ab6426e
798f5ce3a1569ac0d3facb8eca4109afc978245811b83d062ea2d5ef2f122d68
92403784bf395496017a1b1656d0ea68ec6477c8ada5ad56937593ae12955585
ac0429c81489ae8f4289f0445bcae30e7a74d44309ade6c498a6f8b466b12775
b40bd50a4795ccd4a8b88ff70fb14074d2f0bf599e072e98ccd302cfeb436b8a
d8314b4eff35940506acf61b840b57de7f67e594af6b0b7976ddf05040334fc6
da7cec1b9368c3c3c6ecdd18613157a1d81c19e1be2f2ab987499032b03d272f
dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0
e3c37aa402d060ff9a8c441cd6918a1859cb6358eee091d9b7a7a6b12447e74b
ec9e5f73690e9e6f199bdb463ce1ecd83960019884fdef77d916c3a8aa14a76e
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e
fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7