booking.highfieldhoteldurham.co.uk Open in urlscan Pro
54.78.200.71 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://booking.highfieldhoteldurham.co.uk/
Effective URL:
https://booking.highfieldhoteldurham.co.uk/book
Submission: On March 01 via automatic, source certstream-suspicious (March 1st 2023, 12:06:15 am UTC) — Scanned from DE

Summary HTTP 28 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 14 IPs in 3 countries across 13 domains to perform 28 HTTP transactions. The main IP is 54.78.200.71, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is booking.highfieldhoteldurham.co.uk.
TLS certificate: Issued by R3 on December 30th 2022. Valid for: 3 months.

This is the only time booking.highfieldhoteldurham.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	54.78.200.71 54.78.200.71	16509 (AMAZON-02) (AMAZON-02)
6	2600:9000:211... 2600:9000:211a:8c00:10:c031:dd80:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700:e2:... 2606:4700:e2::ac40:850f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42::729 2a04:4e42::729	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:400d:803::2008	15169 (GOOGLE) (GOOGLE)
2	2a02:6ea0:c70... 2a02:6ea0:c700::11	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
3	52.214.210.69 52.214.210.69	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:400d:80a::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80d::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:806::2003	15169 (GOOGLE) (GOOGLE)
1	52.92.18.121 52.92.18.121	16509 (AMAZON-02) (AMAZON-02)
28	14

2 54.78.200.71 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-200-71.eu-west-1.compute.amazonaws.com

booking.highfieldhoteldurham.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:211a:8c00:10:c031:dd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

d14m6r1z596agm.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:e2::ac40:850f (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::729 (United States)

ASN54113 (FASTLY, US)

cdn.ravenjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:803::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6ea0:c700::11 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

rec.smartlook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.214.210.69 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-210-69.eu-west-1.compute.amazonaws.com

app.thebookingfactory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80d::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:806::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.92.18.121 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-3-w.amazonaws.com

buuqit-images-prod.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	cloudfront.net d14m6r1z596agm.cloudfront.net	355 KB
4	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 856	83 KB
3	gstatic.com fonts.gstatic.com	47 KB
3	thebookingfactory.com app.thebookingfactory.com	14 KB
2	smartlook.com rec.smartlook.com — Cisco Umbrella Rank: 23270	18 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 44	90 KB
2	highfieldhoteldurham.co.uk 1 redirects booking.highfieldhoteldurham.co.uk	3 KB
1	amazonaws.com buuqit-images-prod.s3.amazonaws.com	5 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6149	455 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	455 B
1	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 35	2 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 36	1 KB
1	ravenjs.com cdn.ravenjs.com — Cisco Umbrella Rank: 6884	8 KB
28	13

	Domain	Requested by
6	d14m6r1z596agm.cloudfront.net	booking.highfieldhoteldurham.co.uk d14m6r1z596agm.cloudfront.net
4	use.fontawesome.com	booking.highfieldhoteldurham.co.uk use.fontawesome.com
3	fonts.gstatic.com	fonts.googleapis.com
3	app.thebookingfactory.com	cdn.ravenjs.com
2	rec.smartlook.com	booking.highfieldhoteldurham.co.uk rec.smartlook.com
2	www.googletagmanager.com	booking.highfieldhoteldurham.co.uk www.googletagmanager.com
2	booking.highfieldhoteldurham.co.uk	1 redirects
1	buuqit-images-prod.s3.amazonaws.com	booking.highfieldhoteldurham.co.uk
1	www.google.de	booking.highfieldhoteldurham.co.uk
1	www.google.com	booking.highfieldhoteldurham.co.uk
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	fonts.googleapis.com	d14m6r1z596agm.cloudfront.net
1	cdn.ravenjs.com	booking.highfieldhoteldurham.co.uk
28	13

This site contains links to these domains. Also see Links.

Domain
www.thehighfield.co.uk

Subject Issuer	Validity	Valid
booking.highfieldhoteldurham.co.uk R3	`2022-12-30` - `2023-03-30`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-06` - `2023-06-05`	a year	crt.sh
cdn.ravenjs.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-08-30` - `2023-10-01`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
1610534878.rsc.cdn77.org R3	`2023-01-11` - `2023-04-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
www.website.thebookingfactory.com R3	`2023-02-17` - `2023-05-18`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.s3.amazonaws.com Amazon	`2022-09-21` - `2023-08-26`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://booking.highfieldhoteldurham.co.uk/book
Frame ID: B41E3DC525D4701323BC090614AE0F55
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The Highfield Hotel - Online Booking

Page URL History Show full URLs

https://booking.highfieldhoteldurham.co.uk/ HTTP 301
https://booking.highfieldhoteldurham.co.uk/book Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

28
Requests

96 %
HTTPS

77 %
IPv6

13
Domains

13
Subdomains

14
IPs

3
Countries

625 kB
Transfer

1912 kB
Size

3
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.thehighfield.co.uk/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://booking.highfieldhoteldurham.co.uk/ HTTP 301
https://booking.highfieldhoteldurham.co.uk/book Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request book Show response
booking.highfieldhoteldurham.co.uk/
Redirect Chain

https://booking.highfieldhoteldurham.co.uk/
https://booking.highfieldhoteldurham.co.uk/book

4 KB
2 KB

57ms
56ms

Document
text/html

54.78.200.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://booking.highfieldhoteldurham.co.uk/book

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.78.200.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-78-200-71.eu-west-1.compute.amazonaws.com

Software

nginx/1.11.3 /

Resource Hash

cf0d319fc781f1571b5db185cee0d71a599bfe6df311da65f870de9eab6b53d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=315360000 public
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 01 Mar 2023 00:06:09 GMT
etag: W/"cf0d319fc781f1571b5db185cee0d71a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
referrer-policy: strict-origin-when-cross-origin
server: nginx/1.11.3
strict-transport-security: max-age=31536000;
vary: Accept-Encoding
weird-tag: w
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: 4236dbe1-a76d-435b-8cfa-d05f353d92d4
x-runtime: 0.021992
x-xss-protection: 1; mode=block

Redirect headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Wed, 01 Mar 2023 00:06:09 GMT
location: https://booking.highfieldhoteldurham.co.uk/book
server: nginx/1.11.3
strict-transport-security: max-age=31536000;
vary: Accept-Encoding
weird-tag: w
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 cookie_consent.1.js Show response
d14m6r1z596agm.cloudfront.net/modules/ 165 KB
40 KB 108ms
34ms Script
application/javascript 2600:9000:211a:8c00:10:c031:dd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d14m6r1z596agm.cloudfront.net/modules/cookie_consent.1.js
Requested by: Host: booking.highfieldhoteldurham.co.uk
URL: https://booking.highfieldhoteldurham.co.uk/book
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:8c00:10:c031:dd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4bdf94e6c8565f8ddb1b61cbc4bfa87c940cff077a30132e8cdf76dc88f2a31d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://booking.highfieldhoteldurham.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 8cfc2a35d3218c50ced5f2d05f5dcbd0.cloudfront.net (CloudFront)
date: Tue, 21 Feb 2023 07:13:27 GMT
last-modified: Fri, 09 Apr 2021 14:08:50 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-C2
age: 665563
etag: W/"e400ac7f0c4cacb869849f1d3ed3b4e7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-replication-status: COMPLETED
x-amz-cf-id: OXJPw23kWL9yLk8vZwu_fCEp0OD7nNIhfQonUMc0iXjUZa8w1LglhQ==

GET
H2 200 9b4abff36d.js Show response
use.fontawesome.com/ 9 KB
4 KB 55ms
25ms Script
text/javascript 2606:4700:e2::ac40:850f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/9b4abff36d.js
Requested by: Host: booking.highfieldhoteldurham.co.uk
URL: https://booking.highfieldhoteldurham.co.uk/book
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eda3be528f7725cd0a8b36573839c16312bfacbfcde0f7fe414485cd222898af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://booking.highfieldhoteldurham.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 00:06:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: PJAFS1BKP3VXD7RA
age: 3197
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: GoxkmjCXR5QXF47dyQlu931I0ZKHyOp2JID3YiG7oU1Ol0A8qknSFgrWp5s5bVwfWzLd1rxlMWA=
last-modified: Thu, 01 Jul 2021 13:12:06 GMT
server: cloudflare
etag: W/"2044a02ac202b3d32de3c0eb4b4923cc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L63jXnZLH1SD8rjUgIaGuWtyBgoojwKLGx%2FFxuheT8pvGSipYsb%2BvU1sTDg%2Fq8820FFt2j2Rce1IUr9PBYvkt0m6tKokV%2BdNIwZDD961NUAhQf6z7XqPwltRbelV6VFEHV%2Fh0tVQTuq3aHTUyYP%2FmLYR"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=1800
cf-ray: 7a0d2706b81dbb56-FRA

GET
H2 200 raven.min.js Show response
cdn.ravenjs.com/3.8.1/ 21 KB
8 KB 35ms
6ms Script
application/javascript 2a04:4e42::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ravenjs.com/3.8.1/raven.min.js
Requested by: Host: booking.highfieldhoteldurham.co.uk
URL: https://booking.highfieldhoteldurham.co.uk/book
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Fastly /
Resource Hash: fd2c4520a3d59da0d21fbe3d009df84ff3e448c28f7c88807fc277038f7ae9ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://booking.highfieldhoteldurham.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 00:06:09 GMT
content-encoding: gzip
last-modified: Thu, 17 Nov 2016 16:35:03 GMT
server: Fastly
age: 3173
etag: "f05c5502275fc20f0d12d8c0bda3fff4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
content-length: 8422

GET
H2 200 tbf_pbw.js Show response
d14m6r1z596agm.cloudfront.net/ 731 B
1 KB 28ms
28ms Script
application/javascript 2600:9000:211a:8c00:10:c031:dd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d14m6r1z596agm.cloudfront.net/tbf_pbw.js
Requested by: Host: booking.highfieldhoteldurham.co.uk
URL: https://booking.highfieldhoteldurham.co.uk/book
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:8c00:10:c031:dd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c8a5dc88582252df00064bc7b650b4fa379b13d326140c525fd7ffc77afc5a42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://booking.highfieldhoteldurham.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 14:58:04 GMT
x-amz-version-id: imaIgwI2scQ9Ybfv0p4DKuwXTkrFdwR0
via: 1.1 8cfc2a35d3218c50ced5f2d05f5dcbd0.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 2365686
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 731
last-modified: Wed, 01 Feb 2023 14:57:25 GMT
server: AmazonS3
etag: "4cf72acf3cec61cac887f08c4845e264"
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
x-amz-cf-id: 8QrpkJIJaDq1iCIVoepnRZlesDd3RwmuDdMaDWQ8LIzN6tNehAjRSg==

GET
H2 200 multipleCardTokenization.min.js Show response
d14m6r1z596agm.cloudfront.net/ 164 KB
42 KB 26ms
26ms Script
application/javascript 2600:9000:211a:8c00:10:c031:dd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d14m6r1z596agm.cloudfront.net/multipleCardTokenization.min.js
Requested by: Host: booking.highfieldhoteldurham.co.uk
URL: https://booking.highfieldhoteldurham.co.uk/book
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:8c00:10:c031:dd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3452a150cad23b6a0b7f71ea0d4115fe2cd1d911bc6a9f0aec2ff84d8d49c69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://booking.highfieldhoteldurham.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:28:06 GMT
x-amz-version-id: vZTQNql2QNOMMIXk6d1a16ck2yCYevQo
content-encoding: gzip
last-modified: Mon, 24 Oct 2022 13:15:44 GMT
server: AmazonS3
via: 1.1 8cfc2a35d3218c50ced5f2d05f5dcbd0.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
etag: W/"a9613f32168ca1cedd67dfce78d18603"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
age: 409084
x-amz-replication-status: COMPLETED
x-amz-cf-id: nVFpmSRBD0js6Tysjd83eXq6SjpNdgXzqhFw0gs3i5OcE70TreHhZQ==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 130 KB
51 KB 198ms
80ms Script
application/javascript 2a00:1450:400d:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10784789108

Requested by

Host: booking.highfieldhoteldurham.co.uk
URL: https://booking.highfieldhoteldurham.co.uk/book

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fd41970a5f18c9574d33014f40b623b2c58f1991ae1ba1ab807a2ad2ebd6e839

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://booking.highfieldhoteldurham.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 00:06:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 51342
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 01 Mar 2023 00:06:09 GMT

GET
H2 200 1x1.gif
d14m6r1z596agm.cloudfront.net/ 42 B
414 B 23ms
23ms Image
image/gif 2600:9000:211a:8c00:10:c031:dd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d14m6r1z596agm.cloudfront.net/1x1.gif?k=XYzRFUfJTS-EJ0ZstWbxB-VRGpGUDF0b-idHbzd2Ryo-WNHJVdyYXO-==QQsREWnF
Requested by: Host: booking.highfieldhoteldurham.co.uk
URL: https://booking.highfieldhoteldurham.co.uk/book
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:8c00:10:c031:dd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://booking.highfieldhoteldurham.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 07:20:05 GMT
x-amz-version-id: null
via: 1.1 8cfc2a35d3218c50ced5f2d05f5dcbd0.cloudfront.net (CloudFront)
last-modified: Wed, 04 Apr 2018 05:02:06 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-C2
age: 1874765
etag: "d89746888da2d9510b64a9f031eaecd5"
x-cache: Hit from cloudfront
content-type: image/gif
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 42
x-amz-cf-id: xahypeFB4ueQAYynqiekqOLkr7XbGOOoMlRVhld-sH8rJxi-tuT4-A==

GET
H2 200 recorder.js Show response
rec.smartlook.com/ 3 KB
2 KB 64ms
7ms Script
application/javascript 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://rec.smartlook.com/recorder.js

Requested by

Host: booking.highfieldhoteldurham.co.uk
URL: https://booking.highfieldhoteldurham.co.uk/book

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

f6992885de0b28cbcf927235a4f164c9a316a4b4efaaafe53b30bd392db0172c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://booking.highfieldhoteldurham.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 01 Mar 2023 00:06:09 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
cross-origin-resource-policy: cross-origin
x-age: 260
x-77-nzt: AcO1rgVZvcj/BAEAAA
x-accel-expires: @1677629509
last-modified: Mon, 27 Feb 2023 13:40:16 GMT
server: CDN77-Turbo
etag: W/"63fcb2c0-c4a"
x-77-nzt-ray: 25b02131748696cef196fe6358f2ee34
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=600

GET
H2 200 9b4abff36d.css
use.fontawesome.com/ 1 KB
794 B 219ms
218ms Stylesheet
text/css 2606:4700:e2::ac40:850f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/9b4abff36d.css
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/9b4abff36d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb91a9c1e9ee5cf180e66f31c4e73f01143500f13f4f23cd0ff2009b22f1f140

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://booking.highfieldhoteldurham.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 00:06:10 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 01 Jul 2021 13:12:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-amz-request-id: Y7RK9HY5FX93TYRF
etag: W/"03d12cecc3da7d5fa7dedfeb961c7b1d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9a4rYN11F85fuTd37ZingWz7CfznylUCnUDcUPo79Nwm1t%2BvzscHmD2WNgLMQ%2Bi1kcugOrw00G8IdZKy8Fg62MMgNo%2B3lbGYp1iMhAcg3D1K73K9uh3WU2hOMc7g%2FcHEl8XhSjWU95hkNC7PTwadar71"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1800
cf-ray: 7a0d2707789bbb56-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: G5SS8REGPatj2rvyG/3rt9KSB6rImZUpbJPcA4qyELPbwV7/W1RBvwzG2mR1vlLSzJOX1eHZ/Vg=

GET
H2 200 public_booking_widget.a8106d96.js Show response
d14m6r1z596agm.cloudfront.net/ 875 KB
224 KB 26ms
24ms Script
application/javascript 2600:9000:211a:8c00:10:c031:dd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d14m6r1z596agm.cloudfront.net/public_booking_widget.a8106d96.js
Requested by: Host: d14m6r1z596agm.cloudfront.net
URL: https://d14m6r1z596agm.cloudfront.net/tbf_pbw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:8c00:10:c031:dd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 64818304654faf8ba48287afef8a6f271261d53004fef237f528ad83f6073bf9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://booking.highfieldhoteldurham.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 14:58:04 GMT
x-amz-version-id: 9VCpIWbIkvuPd.nM89tOdoxhw6zWejnM
content-encoding: gzip
via: 1.1 8cfc2a35d3218c50ced5f2d05f5dcbd0.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 2365686
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 01 Feb 2023 14:57:26 GMT
server: AmazonS3
etag: W/"b34e012a8bda44a022173aec6149cda5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: t-MIUJW6DF8UnC3C2C-DLSsohcBv56byAHYp-3zaxGBE3qBnZeYXcw==

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 134ms
46ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,latin-ext

Requested by

Host: d14m6r1z596agm.cloudfront.net
URL: https://d14m6r1z596agm.cloudfront.net/tbf_pbw.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://booking.highfieldhoteldurham.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 01 Mar 2023 00:06:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 23:57:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 01 Mar 2023 00:06:09 GMT

GET
H2 200 public_booking_widget.e513e104.css
d14m6r1z596agm.cloudfront.net/ 140 KB
48 KB 54ms
54ms Stylesheet
text/css 2600:9000:211a:8c00:10:c031:dd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d14m6r1z596agm.cloudfront.net/public_booking_widget.e513e104.css
Requested by: Host: d14m6r1z596agm.cloudfront.net
URL: https://d14m6r1z596agm.cloudfront.net/tbf_pbw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:8c00:10:c031:dd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bee99779c163af84fd378705936c5ad2f19b6289dacefc1d2f88ed5600b0832c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://booking.highfieldhoteldurham.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 10:07:54 GMT
x-amz-version-id: xSUtQ36.8i0uBZZ8kzodY12vyVRtPqNx
content-encoding: gzip
via: 1.1 8cfc2a35d3218c50ced5f2d05f5dcbd0.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 4111095
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Dec 2022 09:26:44 GMT
server: AmazonS3
etag: W/"d1c94910be9e1543dfcc42ba3bc52ff9"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
x-amz-cf-id: YPQuAj776I1BCybjbggIZ2YhUE4YdvcBtjIBOv9O4SgOxPOc5Psuqw==

GET
H2 200 init.bf9bf3347494fdee4810.js Show response
rec.smartlook.com/es6/ 54 KB
16 KB 29ms
13ms Script
application/javascript 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://rec.smartlook.com/es6/init.bf9bf3347494fdee4810.js

Requested by

Host: rec.smartlook.com
URL: https://rec.smartlook.com/recorder.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

746f3a139822580f0624c625bc62c9bd6b275f425d03879baf7e0a3019ca1a36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://booking.highfieldhoteldurham.co.uk/
Origin: https://booking.highfieldhoteldurham.co.uk
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 01 Mar 2023 00:06:09 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
cross-origin-resource-policy: cross-origin
x-age: 121719
x-77-nzt: AcO1rgWX8aX/d9sBAA
x-accel-expires: @1709043450
last-modified: Mon, 27 Feb 2023 13:40:16 GMT
server: CDN77-Turbo
etag: W/"63fcb2c0-d9e8"
x-77-nzt-ray: 25b02131da81f9cef196fe633d52f436
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable

OPTIONS
H2 200 hotel_info
app.thebookingfactory.com/api/public/v1/ 0
0 100ms
37ms Preflight
text/plain 52.214.210.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.thebookingfactory.com/api/public/v1/hotel_info?profile=&locale=en

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.214.210.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-214-210-69.eu-west-1.compute.amazonaws.com

Software

nginx/1.11.3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: token
Access-Control-Request-Method: GET
Origin: https://booking.highfieldhoteldurham.co.uk
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, Token, X-App-Version
access-control-allow-methods: POST, GET, PUT, DELETE, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
cache-control: no-cache
content-encoding: gzip
content-type: text/plain; charset=utf-8
date: Wed, 01 Mar 2023 00:06:10 GMT
referrer-policy: strict-origin-when-cross-origin
server: nginx/1.11.3
strict-transport-security: max-age=31536000;
vary: Accept-Encoding
weird-tag: s
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: e4b52b41-a639-4c71-8263-482b9c47083e
x-runtime: 0.004085
x-xss-protection: 1; mode=block

OPTIONS
H2 200 available_dates
app.thebookingfactory.com/api/public/v1/ 0
0 86ms
35ms Preflight
text/plain 52.214.210.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.thebookingfactory.com/api/public/v1/available_dates?profile=&date_from=2023-03-01&date_to=2023-07-01&locale=en&promocode=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.214.210.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-214-210-69.eu-west-1.compute.amazonaws.com

Software

nginx/1.11.3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: token
Access-Control-Request-Method: GET
Origin: https://booking.highfieldhoteldurham.co.uk
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, Token, X-App-Version
access-control-allow-methods: POST, GET, PUT, DELETE, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
cache-control: no-cache
content-encoding: gzip
content-type: text/plain; charset=utf-8
date: Wed, 01 Mar 2023 00:06:10 GMT
referrer-policy: strict-origin-when-cross-origin
server: nginx/1.11.3
strict-transport-security: max-age=31536000;
vary: Accept-Encoding
weird-tag: s
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: c441af5b-4cf1-49c7-b5f8-bf2e216fac93
x-runtime: 0.002690
x-xss-protection: 1; mode=block

GET
H2 200 hotel_info Show response
app.thebookingfactory.com/api/public/v1/ 83 KB
14 KB 213ms
213ms Fetch
application/json 52.214.210.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.thebookingfactory.com/api/public/v1/hotel_info?profile=&locale=en

Requested by

Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.8.1/raven.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.214.210.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-214-210-69.eu-west-1.compute.amazonaws.com

Software

nginx/1.11.3 /

Resource Hash

75fa184c674357d44b0c6c229b267c0ceb8d8685e70518ada10ec4ba4b14042d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://booking.highfieldhoteldurham.co.uk/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Token: I2_PTsapqmklgBDoACPjFEZ2Ggslwb9v2uRG5agXDlA

Response headers

date: Wed, 01 Mar 2023 00:06:10 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: dc9168c1-ab0c-422a-82be-faa795591a86
x-runtime: 0.150916
referrer-policy: strict-origin-when-cross-origin
server: nginx/1.11.3
etag: W/"75fa184c674357d44b0c6c229b267c0c"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: POST, GET, PUT, DELETE, OPTIONS
access-control-max-age: 1728000
cache-control: max-age=0, private, must-revalidate
access-control-allow-headers: Origin, Content-Type, Accept, Authorization, Token, X-App-Version
weird-tag: s

GET available_dates
app.thebookingfactory.com/api/public/v1/ 0
0

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 174ms
59ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://booking.highfieldhoteldurham.co.uk
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 13:40:31 GMT
x-content-type-options: nosniff
age: 469539
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Feb 2024 13:40:31 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 214ms
100ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://booking.highfieldhoteldurham.co.uk
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 13:13:56 GMT
x-content-type-options: nosniff
age: 471134
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Feb 2024 13:13:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 157ms
47ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://booking.highfieldhoteldurham.co.uk
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 12:23:05 GMT
x-content-type-options: nosniff
age: 474185
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Feb 2024 12:23:05 GMT

GET
H3 200 font-awesome-css.min.css
use.fontawesome.com/releases/v4.6.3/css/ 28 KB
7 KB 14ms
13ms Stylesheet
text/css 2606:4700:e2::ac40:850f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v4.6.3/css/font-awesome-css.min.css
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/9b4abff36d.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61f7de13520a14ec37ba246b4846f5850ab87ffbc0d5b366709509c1d97d83b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.fontawesome.com/9b4abff36d.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 00:06:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: BW4HZKJARJ5HKRA1
age: 2408186
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: MxXmI7I075DL3CfthCjQwem7gpecpFWvO+Pb/zkbiMv8h3TJNMTyuB/6k7Eek0J72A8wwjJXIgZyfMZf52WceQ==
last-modified: Wed, 30 Jun 2021 15:26:48 GMT
server: cloudflare
etag: W/"7937bc10f6c59ceed1ff6e6bbebfcd8d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r9aFhHJDnWHPkpo78xOoivgJuGIo5gYTd%2Blg8%2F9k0WA%2B497nvWGC7OMq0jW4V0pF%2Bqm30a23eT9P8gndyT7z%2Brxz138sOWrLjOiwhHf4KZ8MH%2B%2FHZjB5qwkOFYyEnlS%2BLGWB6T3CsyBWXHVDgmsHdX3f"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 7a0d2708ec05382c-FRA

GET
H3 200 fontawesome-webfont.woff2
use.fontawesome.com/releases/v4.6.3/fonts/ 70 KB
71 KB 566ms
550ms Font
application/octet-stream 2606:4700:e2::ac40:850f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v4.6.3/fonts/fontawesome-webfont.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/9b4abff36d.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Referer: https://use.fontawesome.com/9b4abff36d.css
Origin: https://booking.highfieldhoteldurham.co.uk
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 00:06:10 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 8102DX475XN3BBCJ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 71896
x-amz-id-2: JGj9H7RuiWNXHWLdEQmBx6TE2iX53CDMd2CqwC8PwtNv4NKcxoxEGI6uGFAO1t2eBDGtoRfPtFY=
last-modified: Wed, 30 Jun 2021 15:26:48 GMT
server: cloudflare
etag: "e6cf7c6ec7c2d6f670ae9d762604cb0b"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bp7%2BjhobIQB%2FtzuPIUx%2B%2BsMeFptsd%2B7xbpPRuk2l8GgpB6ZJv25E8TpAQY3REfxjwkdZMCj%2B9TmvwEWZTpgx%2B1DHS%2FLgM%2FlvRRniL7WqkFJGxYOHAjF9MlE4bvX6%2Fz0Qw9HUkUE1KrTuubBUycxRbHOt"}],"group":"cf-nel","max_age":604800}
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7a0d27092dd59b43-FRA

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10784789108/ 3 KB
2 KB 180ms
84ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10784789108/?random=1677629170101&cv=11&fst=1677629170101&bg=ffffff&guid=ON&async=1&gtm=45be32r0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fbooking.highfieldhoteldurham.co.uk%2Fbook&tiba=The%20Highfield%20Hotel%20-%20Online%20Booking&auid=930748545.1677629170&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10784789108

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04ef98978bbfd4ce10e0427620e6350850f17918451a56e204930c6da56cd548

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://booking.highfieldhoteldurham.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Mar 2023 00:06:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1221
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 100 KB
40 KB 79ms
78ms Script
application/javascript 2a00:1450:400d:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=HA-540689864&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10784789108

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

419cfa49a72d916f8c33f49550dac3b5cb74eae4a9c64eb990450a60a7fc6307

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://booking.highfieldhoteldurham.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 00:06:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 40519
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 01 Mar 2023 00:06:10 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/10784789108/ 42 B
455 B 192ms
73ms Image
image/gif 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10784789108/?random=1677629170101&cv=11&fst=1677628800000&bg=ffffff&guid=ON&async=1&gtm=45be32r0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fbooking.highfieldhoteldurham.co.uk%2Fbook&tiba=The%20Highfield%20Hotel%20-%20Online%20Booking&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=873146727&rmt_tld=0&ipr=y

Requested by

Host: booking.highfieldhoteldurham.co.uk
URL: https://booking.highfieldhoteldurham.co.uk/book

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://booking.highfieldhoteldurham.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Mar 2023 00:06:10 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/10784789108/ 42 B
455 B 187ms
72ms Image
image/gif 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10784789108/?random=1677629170101&cv=11&fst=1677628800000&bg=ffffff&guid=ON&async=1&gtm=45be32r0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fbooking.highfieldhoteldurham.co.uk%2Fbook&tiba=The%20Highfield%20Hotel%20-%20Online%20Booking&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=873146727&rmt_tld=1&ipr=y

Requested by

Host: booking.highfieldhoteldurham.co.uk
URL: https://booking.highfieldhoteldurham.co.uk/book

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://booking.highfieldhoteldurham.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Mar 2023 00:06:10 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK highfield-logo-web-top-v3-dark.jpg
buuqit-images-prod.s3.amazonaws.com/hotels/invoice_logos/000/004/741/default/ 4 KB
5 KB 200ms
83ms Image
image/jpeg 52.92.18.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buuqit-images-prod.s3.amazonaws.com/hotels/invoice_logos/000/004/741/default/highfield-logo-web-top-v3-dark.jpg?1594237712
Requested by: Host: booking.highfieldhoteldurham.co.uk
URL: https://booking.highfieldhoteldurham.co.uk/book
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.18.121 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-3-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 2898df8f0531e019bb0448571fe61297e975d7697bf69330b80a88babaecced3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://booking.highfieldhoteldurham.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Wed, 01 Mar 2023 00:06:11 GMT
x-amz-version-id: null
Last-Modified: Wed, 08 Jul 2020 19:48:34 GMT
Server: AmazonS3
x-amz-request-id: 8101JZXDPM5ZQ3MA
ETag: "b6e045979a51a2c0697f3dafa826163a"
Content-Type: image/jpeg
Cache-Control: max-age=604800
x-amz-replication-status: COMPLETED
Accept-Ranges: bytes
Content-Length: 4192
x-amz-id-2: iDp3t1n2A4OKOKiXlsIki8X78cSbA0KdxWDy2UuS490C9bIh/WkVrBe9zreDErvtEhCdyDWdHEA=

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ec9d9d8a9b14782f1225932b4c674ddd09b7b3395ea91884a4f50a9955ffe26

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 262 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5aefce99131e415b42b92acd0a6c5f9a109c9769191702ee6f6c539d87d42f10

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: app.thebookingfactory.com
URL: https://app.thebookingfactory.com/api/public/v1/available_dates?profile=&date_from=2023-03-01&date_to=2023-07-01&locale=en&promocode=

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
booking.highfieldhoteldurham.co.uk/	1970-01-20 10:00:32	Name: tbf_lCzKJrv9UxKb4HPgIHV92Q Value: I2_PTsapqmklgBDoACPjFEZ2Ggslwb9v2uRG5agXDlA
.highfieldhoteldurham.co.uk/	1970-01-20 12:10:05	Name: _gcl_au Value: 1.1.930748545.1677629170
.doubleclick.net/	1970-01-20 10:00:30	Name: test_cookie Value: CheckForPermission

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.thebookingfactory.com
booking.highfieldhoteldurham.co.uk
buuqit-images-prod.s3.amazonaws.com
cdn.ravenjs.com
d14m6r1z596agm.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
rec.smartlook.com
use.fontawesome.com
www.google.com
www.google.de
www.googletagmanager.com
app.thebookingfactory.com
2600:9000:211a:8c00:10:c031:dd80:93a1
2606:4700:e2::ac40:850f
2a00:1450:4001:813::200a
2a00:1450:4001:828::2002
2a00:1450:400d:803::2008
2a00:1450:400d:806::2003
2a00:1450:400d:80a::2003
2a00:1450:400d:80d::2004
2a02:6ea0:c700::11
2a04:4e42::729
52.214.210.69
52.92.18.121
54.78.200.71
04ef98978bbfd4ce10e0427620e6350850f17918451a56e204930c6da56cd548
2898df8f0531e019bb0448571fe61297e975d7697bf69330b80a88babaecced3
419cfa49a72d916f8c33f49550dac3b5cb74eae4a9c64eb990450a60a7fc6307
4bdf94e6c8565f8ddb1b61cbc4bfa87c940cff077a30132e8cdf76dc88f2a31d
5aefce99131e415b42b92acd0a6c5f9a109c9769191702ee6f6c539d87d42f10
61f7de13520a14ec37ba246b4846f5850ab87ffbc0d5b366709509c1d97d83b5
64818304654faf8ba48287afef8a6f271261d53004fef237f528ad83f6073bf9
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
746f3a139822580f0624c625bc62c9bd6b275f425d03879baf7e0a3019ca1a36
75fa184c674357d44b0c6c229b267c0ceb8d8685e70518ada10ec4ba4b14042d
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7ec9d9d8a9b14782f1225932b4c674ddd09b7b3395ea91884a4f50a9955ffe26
bee99779c163af84fd378705936c5ad2f19b6289dacefc1d2f88ed5600b0832c
c8a5dc88582252df00064bc7b650b4fa379b13d326140c525fd7ffc77afc5a42
cf0d319fc781f1571b5db185cee0d71a599bfe6df311da65f870de9eab6b53d6
e3452a150cad23b6a0b7f71ea0d4115fe2cd1d911bc6a9f0aec2ff84d8d49c69
eb91a9c1e9ee5cf180e66f31c4e73f01143500f13f4f23cd0ff2009b22f1f140
eda3be528f7725cd0a8b36573839c16312bfacbfcde0f7fe414485cd222898af
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6992885de0b28cbcf927235a4f164c9a316a4b4efaaafe53b30bd392db0172c
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fd2c4520a3d59da0d21fbe3d009df84ff3e448c28f7c88807fc277038f7ae9ed
fd41970a5f18c9574d33014f40b623b2c58f1991ae1ba1ab807a2ad2ebd6e839

booking.highfieldhoteldurham.co.uk Open in urlscan Pro 54.78.200.71 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

28 Requests

96 %HTTPS

77 %IPv6

13 Domains

13 Subdomains

14 IPs

3 Countries

625 kBTransfer

1912 kBSize

3 Cookies

1 Outgoing links

Page URL History

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

booking.highfieldhoteldurham.co.uk Open in urlscan Pro
54.78.200.71 Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

96 %
HTTPS

77 %
IPv6

13
Domains

13
Subdomains

14
IPs

3
Countries

625 kB
Transfer

1912 kB
Size

3
Cookies

28 HTTP transactions
2 data transactions