urlscan.io logo urlscan.io
SecurityTrails logo

flatestilosocomvistaparapiscinadotheexpression.hotelbi.top Open in urlscan Pro
204.93.224.158  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://flatestilosocomvistaparapiscinadotheexpression.hotelbi.top:443/
Effective URL: https://flatestilosocomvistaparapiscinadotheexpression.hotelbi.top/
Submission: On July 02 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 3 countries across 12 domains to perform 39 HTTP transactions. The main IP is 204.93.224.158, located in Chicago, United States and belongs to SERVERCENTRAL, US. The main domain is flatestilosocomvistaparapiscinadotheexpression.hotelbi.top.
TLS certificate: Issued by R3 on May 29th 2024. Valid for: 3 months.
This is the only time flatestilosocomvistaparapiscinadotheexpression.hotelbi.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    204.93.224.158 (Chicago, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: bh8964.banahosting.com
flatestilosocomvistaparapiscinadotheexpression.hotelbi.top
1    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
5    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700:4400::ac40:93bc (United States)

ASN13335 (CLOUDFLARENET, US)
kit.fontawesome.com
1    104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
1    2a00:1450:4001:81d::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
translate.google.com
4    2606:4700:4400::ac40:999e (United States)

ASN13335 (CLOUDFLARENET, US)
widget.getyourguide.com
1    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a02:26f0:3500:11::215:14c6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn-icons-png.flaticon.com
6    2600:9000:266e:fe00:5:bf05:acc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cf.bstatic.com
9    2606:4700:3030::ac43:8b77 (United States)

ASN13335 (CLOUDFLARENET, US)
ka-f.fontawesome.com
1    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
translate.googleapis.com
1    18.245.60.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-2.fra60.r.cloudfront.net
www.booking.com
2    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
Apex Domain
Subdomains		 Transfer
10 fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 2060
ka-f.fontawesome.com — Cisco Umbrella Rank: 5357
187 KB
8 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 469
fonts.googleapis.com — Cisco Umbrella Rank: 83
translate.googleapis.com — Cisco Umbrella Rank: 1319
108 KB
6 bstatic.com
cf.bstatic.com — Cisco Umbrella Rank: 18227
487 KB
4 getyourguide.com
widget.getyourguide.com — Cisco Umbrella Rank: 47308
26 KB
3 gstatic.com
www.gstatic.com
fonts.gstatic.com
21 KB
2 flaticon.com
cdn-icons-png.flaticon.com — Cisco Umbrella Rank: 53723
21 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2355
1 booking.com
www.booking.com — Cisco Umbrella Rank: 10502
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 81
102 KB
1 google.com
translate.google.com — Cisco Umbrella Rank: 1540
32 KB
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1286
6 KB
1 hotelbi.top
flatestilosocomvistaparapiscinadotheexpression.hotelbi.top
6 KB
39 12
Domain Requested by
9 ka-f.fontawesome.com kit.fontawesome.com
flatestilosocomvistaparapiscinadotheexpression.hotelbi.top
6 cf.bstatic.com flatestilosocomvistaparapiscinadotheexpression.hotelbi.top
5 fonts.googleapis.com flatestilosocomvistaparapiscinadotheexpression.hotelbi.top
4 widget.getyourguide.com flatestilosocomvistaparapiscinadotheexpression.hotelbi.top
widget.getyourguide.com
2 fonts.gstatic.com fonts.googleapis.com
2 translate.googleapis.com flatestilosocomvistaparapiscinadotheexpression.hotelbi.top
2 cdn-icons-png.flaticon.com flatestilosocomvistaparapiscinadotheexpression.hotelbi.top
1 region1.google-analytics.com www.googletagmanager.com
1 www.booking.com flatestilosocomvistaparapiscinadotheexpression.hotelbi.top
1 www.gstatic.com
1 www.googletagmanager.com flatestilosocomvistaparapiscinadotheexpression.hotelbi.top
1 translate.google.com flatestilosocomvistaparapiscinadotheexpression.hotelbi.top
1 maxcdn.bootstrapcdn.com flatestilosocomvistaparapiscinadotheexpression.hotelbi.top
1 kit.fontawesome.com flatestilosocomvistaparapiscinadotheexpression.hotelbi.top
1 ajax.googleapis.com flatestilosocomvistaparapiscinadotheexpression.hotelbi.top
1 flatestilosocomvistaparapiscinadotheexpression.hotelbi.top
39 16

This site contains links to these domains. Also see Links.

Domain
booking.com
Subject Issuer Validity Valid
*.hotelbi.top
R3		 2024-05-29 -
2024-08-27		 3 months crt.sh
upload.video.google.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.fontawesome.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-04 -
2025-01-03		 a year crt.sh
bootstrapcdn.com
GTS CA 1P5		 2024-05-25 -
2024-08-23		 3 months crt.sh
*.google.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
widget.getyourguide.com
WE1		 2024-06-22 -
2024-09-20		 3 months crt.sh
*.google-analytics.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.flaticon.com
E6		 2024-06-07 -
2024-09-05		 3 months crt.sh
*.bstatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-29 -
2024-11-28		 a year crt.sh
ka-f.fontawesome.com
WE1		 2024-07-01 -
2024-09-29		 3 months crt.sh
*.gstatic.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.booking.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-05-01 -
2025-03-25		 a year crt.sh

This page contains 3 frames:

Primary Page: https://flatestilosocomvistaparapiscinadotheexpression.hotelbi.top/
Frame ID: C46F57A86B983D401CB645F6127B2858
Requests: 38 HTTP requests in this frame

Frame: https://www.booking.com/flexiproduct.html?product=map&w=100%25&h=590&lang=en-US&aid=2393715&target_aid=2393715&dest_id=0&dest_type=landmark&fid=1671148675595&latitude=-16.7191825165731&longitude=-49.294973842555&landmark_name=Flat%20estiloso%20com%20vista%20para%20piscina%20do%20The%20Expression%20-%20Setor%20Bueno%20-%20TH606&mwhsb=0&address=921%20Rua%20T-51,%20Setor%20Bueno,%20Goi%C3%A2nia,%20CEP%2074150-160,%20Brazil&
Frame ID: B8A414F39F4EA98AAE5546982B8E22C5
Requests: 1 HTTP requests in this frame

Frame: https://widget.getyourguide.com/default/activities-auto.frame?sha=61d4be5d-5641-550e-8215-790122a9a5a5&partner_id=KACJMIV&widget=auto&widget_created=1719918814969&host_font_family=poppins&host_link_color=rgb(255%2C%20255%2C%20255)&host_link_decoration=none%20solid%20rgb(255%2C%20255%2C%20255)&host_image_border_radius=20px&website=https%3A%2F%2Fflatestilosocomvistaparapiscinadotheexpression.hotelbi.top%2F&visitor_id=C4F481299F8C4D478972E33370F59D35
Frame ID: C8F47F88C830A4A4784F4871A9683952
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Flat estiloso com vista para piscina do The Expression - Setor Bueno - TH606

Page URL History Show full URLs

  1. http://flatestilosocomvistaparapiscinadotheexpression.hotelbi.top:443/ HTTP 307
    https://flatestilosocomvistaparapiscinadotheexpression.hotelbi.top/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

39
Requests

100 %
HTTPS

81 %
IPv6

12
Domains

16
Subdomains

17
IPs

3
Countries

994 kB
Transfer

1833 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://flatestilosocomvistaparapiscinadotheexpression.hotelbi.top:443/ HTTP 307
    https://flatestilosocomvistaparapiscinadotheexpression.hotelbi.top/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
flatestilosocomvistaparapiscinadotheexpression.hotelbi.top/
Redirect Chain
  • http://flatestilosocomvistaparapiscinadotheexpression.hotelbi.top:443/
  • https://flatestilosocomvistaparapiscinadotheexpression.hotelbi.top/
26 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flatestilosocomvistaparapiscinadotheexpression.hotelbi.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
204.93.224.158 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
bh8964.banahosting.com
Software
/
Resource Hash
3b42dcfa564214b9d9446932870c0c9dc3016e4339452d8eb8eae9a460a826bb

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
no-store, no-cache, must-revalidate
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 02 Jul 2024 11:13:32 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
vary
Accept-Encoding

Redirect headers

Location
https://flatestilosocomvistaparapiscinadotheexpression.hotelbi.top/
Non-Authoritative-Reason
HttpsUpgrades
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: flatestilosocomvistaparapiscinadotheexpression.hotelbi.top
URL: https://flatestilosocomvistaparapiscinadotheexpression.hotelbi.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://flatestilosocomvistaparapiscinadotheexpression.hotelbi.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 14:13:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
421184
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31017
x-xss-protection
0
last-modified
Wed, 10 Mar 2021 14:28:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Jun 2025 14:13:49 GMT
css
fonts.googleapis.com/ 		761 B
792 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato&display=swap
Requested by
Host: flatestilosocomvistaparapiscinadotheexpression.hotelbi.top
URL: https://flatestilosocomvistaparapiscinadotheexpression.hotelbi.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
96558e390c183a6863c241276e8ae76116bb91307ab8a591f9dfdf1fa33df9d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://flatestilosocomvistaparapiscinadotheexpression.hotelbi.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 Jul 2024 11:13:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 Jul 2024 09:20:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Jul 2024 11:13:33 GMT
css
fonts.googleapis.com/ 		12 KB
972 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Rubik:300,400,500,700,900&display=swap
Requested by
Host: flatestilosocomvistaparapiscinadotheexpression.hotelbi.top
URL: https://flatestilosocomvistaparapiscinadotheexpression.hotelbi.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
79a8e28379ed7b80c424eb8df7a718c955320e1ef52e90f8ae0b4ec9763c1147
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://flatestilosocomvistaparapiscinadotheexpression.hotelbi.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 Jul 2024 11:13:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 Jul 2024 10:27:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Jul 2024 11:13:33 GMT
css
fonts.googleapis.com/ 		4 KB
536 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700
Requested by
Host: flatestilosocomvistaparapiscinadotheexpression.hotelbi.top
URL: https://flatestilosocomvistaparapiscinadotheexpression.hotelbi.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c62f53db271220ca33087210a3e710f44de1c88231e85c08adc181a482a6b586
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://flatestilosocomvistaparapiscinadotheexpression.hotelbi.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 Jul 2024 11:13:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 Jul 2024 11:08:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Jul 2024 11:13:33 GMT
css
fonts.googleapis.com/ 		6 KB
625 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Quicksand:300,400,500,600,700&display=swap
Requested by
Host: flatestilosocomvistaparapiscinadotheexpression.hotelbi.top
URL: https://flatestilosocomvistaparapiscinadotheexpression.hotelbi.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5bc5f6b6f1143cf8f2c71bae999538c21c7cf309f3f8a27b66c4f1928ea86d8c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://flatestilosocomvistaparapiscinadotheexpression.hotelbi.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 Jul 2024 11:13:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 Jul 2024 11:03:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Jul 2024 11:13:33 GMT
css
fonts.googleapis.com/ 		11 KB
701 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Libre+Franklin:100,200,300,400,500,600,700,800,900&display=swap
Requested by
Host: flatestilosocomvistaparapiscinadotheexpression.hotelbi.top
URL: https://flatestilosocomvistaparapiscinadotheexpression.hotelbi.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
23daa07b4cbfa8e9a4a4aa17f77ebab31297e8dcd5f1c082dc21f284ab5dd03a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://flatestilosocomvistaparapiscinadotheexpression.hotelbi.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 Jul 2024 11:13:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 Jul 2024 11:13:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Jul 2024 11:13:33 GMT
c597f1ee3e.js
kit.fontawesome.com/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kit.fontawesome.com/c597f1ee3e.js
Requested by
Host: flatestilosocomvistaparapiscinadotheexpression.hotelbi.top
URL: https://flatestilosocomvistaparapiscinadotheexpression.hotelbi.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1171477758a5a49da14f187ac42d8b734f6ff44c89784289f28b9dc7538168ca

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://flatestilosocomvistaparapiscinadotheexpression.hotelbi.top/
Origin
https://flatestilosocomvistaparapiscinadotheexpression.hotelbi.top
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 11:13:33 GMT
content-encoding
gzip
cf-cache-status
MISS
server
cloudflare
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
content-type
text/javascript
cache-control
max-age=60, public, stale-while-revalidate=30
cf-ray
89ce3507dc079b5b-FRA
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
F95hDGFzYg-QEbwH_2jB
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/ 		21 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css
Requested by
Host: flatestilosocomvistaparapiscinadotheexpression.hotelbi.top
URL: https://flatestilosocomvistaparapiscinadotheexpression.hotelbi.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://flatestilosocomvistaparapiscinadotheexpression.hotelbi.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 11:13:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
845
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
2440246
cdn-cachedat
01/03/2024 12:27:37
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:53 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"feda974a77ea5783b8be673f142b7c88"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
4e82232fedbe8f50a96cdb08b14d46a2
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
89ce35078f97c079-WAW
cdn-requestpullsuccess
True
element.js
translate.google.com/translate_a/ 		90 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Requested by
Host: flatestilosocomvistaparapiscinadotheexpression.hotelbi.top
URL: https://flatestilosocomvistaparapiscinadotheexpression.hotelbi.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8330b1bcdfeb2146d4405a09aa0029a1b79e5d68686b4a9ec62b507207449661
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://flatestilosocomvistaparapiscinadotheexpression.hotelbi.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 02 Jul 2024 11:13:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
pa.umd.production.min.js
widget.getyourguide.com/dist/ 		52 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.getyourguide.com/dist/pa.umd.production.min.js
Requested by
Host: flatestilosocomvistaparapiscinadotheexpression.hotelbi.top
URL: https://flatestilosocomvistaparapiscinadotheexpression.hotelbi.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:999e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
282300faee394628026f002f1e3c4d509a66b94bf09e6a2910f61f818f5834c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://flatestilosocomvistaparapiscinadotheexpression.hotelbi.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 11:13:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.02,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
04MMF0KB41N1TF8M
age
1137
x-amz-server-side-encryption
AES256
x-amz-id-2
tMut/3A84qUSz5B86MYyElEr0VfaeqZk6Lbl1guSByNz00c4/mrH70udNc1IEWSJIQC1Qwjwno0=
last-modified
Fri, 07 Jun 2024 08:43:23 GMT
server
cloudflare
etag
W/"bea8124e946f6f3aae471dade0696dcd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c94Cz%2Fm3IQ7z7%2B0INrEJ1kk8Vt3rS2ggQqprzEH00zQYSCP%2FeZqqDBIWSRN8R5fcirrDU7wunXLSX5I3ULp6Edt37LXwpHbFqzAt8brFoykR0hQbjvKxJsXVuip8MYPS4m14bd%2B%2B0yUU589ehV1WaQAYdnPD"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=3600, public, must-revalidate
cf-ray
89ce3509faa32c3b-FRA
js
www.googletagmanager.com/gtag/ 		306 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GQPP52LWDP
Requested by
Host: flatestilosocomvistaparapiscinadotheexpression.hotelbi.top
URL: https://flatestilosocomvistaparapiscinadotheexpression.hotelbi.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b14a53432cbd4a2f5c7b18203f3ed5280bf4fa1f8accdd931552194a3151ec12
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://flatestilosocomvistaparapiscinadotheexpression.hotelbi.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 11:13:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
103798
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 02 Jul 2024 11:13:34 GMT
4540790.png
cdn-icons-png.flaticon.com/512/4540/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-icons-png.flaticon.com/512/4540/4540790.png
Requested by
Host: flatestilosocomvistaparapiscinadotheexpression.hotelbi.top
URL: https://flatestilosocomvistaparapiscinadotheexpression.hotelbi.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:11::215:14c6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4ea566bcfe25ec81ab2688387def9cb5990637e85a559003486d7f44f434302b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://flatestilosocomvistaparapiscinadotheexpression.hotelbi.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 11:13:33 GMT
x-amz-meta-goog-reserved-file-mtime
1618407112
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
21282
pragma
public
last-modified
Thu, 14 Oct 2021 17:42:10 GMT
etag
"a442729b18adb8a2204efb18b90423e8"
vary
Accept-Encoding
x-goog-generation
1634233330818338
content-type
image/png
access-control-allow-origin
*
x-default-rule
YES
cache-control
public, max-age=31536000
x-goog-stored-content-length
21282
x-amz-checksum-crc32c
FvDczg==
accept-ranges
bytes
x-amz-meta-x-goog-reserved-source-generation
1627247437293334
expires
Tue, 02 Jul 2024 11:13:33 GMT
290445746.jpg
cf.bstatic.com/xdata/images/hotel/max1200/ 		93 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cf.bstatic.com/xdata/images/hotel/max1200/290445746.jpg?k=73c17ff00fa8aa51d8f80b72067663a41f5e02caa6b5da2ddd0e7cb738272a66&o=&hp=1
Requested by
Host: flatestilosocomvistaparapiscinadotheexpression.hotelbi.top
URL: https://flatestilosocomvistaparapiscinadotheexpression.hotelbi.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266e:fe00:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
ac488f4c210df86d62c61c20c14826a4148dadba48f8268e9a66477a0653ecd8
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://flatestilosocomvistaparapiscinadotheexpression.hotelbi.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 08:48:27 GMT
via
1.1 37236193bd380575cb98e661bedbb260.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA56-P8
age
181506
etag
"dc26d392d0c1ad6ea8f1c6cfe26423229fac4eb7"
x-cache
Hit from cloudfront
content-language
94818
access-control-allow-origin
*
content-type
image/jpeg
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
Py53jCDhwWV3re_K4f-mScue-pZbweQZ8KPow15i9lae1R2o_I4Hew==
x-xss-protection
1; mode=block
290445745.jpg
cf.bstatic.com/xdata/images/hotel/max1200/ 		75 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cf.bstatic.com/xdata/images/hotel/max1200/290445745.jpg?k=230497f56ea7b16664fb483b6e0b4d4b09af79d40e9d6352941e297ada4bab41&o=&hp=1
Requested by
Host: flatestilosocomvistaparapiscinadotheexpression.hotelbi.top
URL: https://flatestilosocomvistaparapiscinadotheexpression.hotelbi.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266e:fe00:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
8ae0a9ea0ac752d44b73395c8f675a5099323c8de1dbae62105ba300493259b7
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://flatestilosocomvistaparapiscinadotheexpression.hotelbi.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 08:48:27 GMT
via
1.1 37236193bd380575cb98e661bedbb260.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA56-P8
age
181506
etag
"2f6026f232f0f9732e6f37a6d060c41bc030bda4"
x-cache
Hit from cloudfront
content-language
77203
access-control-allow-origin
*
content-type
image/jpeg
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
1AFum5MA5I073sGSOhHmgmO-x-Ucvg7O1PZPGWDnggpFgw5-c07ubQ==
x-xss-protection
1; mode=block
290445748.jpg
cf.bstatic.com/xdata/images/hotel/max1200/ 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cf.bstatic.com/xdata/images/hotel/max1200/290445748.jpg?k=f59b57682976dc4dc346641350ac9e37a1232557e627ed5c3e462a7b7229c034&o=&hp=1
Requested by
Host: flatestilosocomvistaparapiscinadotheexpression.hotelbi.top
URL: https://flatestilosocomvistaparapiscinadotheexpression.hotelbi.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266e:fe00:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
2c7a32fd866d6f01c24cfe5b3d51f66b7ab108e30a623aba71b55349369cb8f1
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://flatestilosocomvistaparapiscinadotheexpression.hotelbi.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 08:48:27 GMT
via
1.1 37236193bd380575cb98e661bedbb260.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA56-P8
age
181506
etag
"bad949a5a52ecca818ed67493f6ed2c65717a4dc"
x-cache
Hit from cloudfront
content-language
72685
access-control-allow-origin
*
content-type
image/jpeg
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
Q3J9N65cmIrcCxXBfCneOIi3CEWFL2FgkjSs0zvDiImVBfU1I7UsMg==
x-xss-protection
1; mode=block
290445749.jpg
cf.bstatic.com/xdata/images/hotel/max1200/ 		95 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cf.bstatic.com/xdata/images/hotel/max1200/290445749.jpg?k=a72c74809962968144218698cb696a3b030397cb2b871fe77ae96780742687a0&o=&hp=1
Requested by
Host: flatestilosocomvistaparapiscinadotheexpression.hotelbi.top
URL: https://flatestilosocomvistaparapiscinadotheexpression.hotelbi.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266e:fe00:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
c42117b3b9990051de9a205acd457d82ff1587fc6fb8dd754570bab745bd2e59
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://flatestilosocomvistaparapiscinadotheexpression.hotelbi.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 08:48:27 GMT
via
1.1 37236193bd380575cb98e661bedbb260.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA56-P8
age
181506
etag
"8d02fa42e7e443d1f4032e5c1fb82b31d8d110a1"
x-cache
Hit from cloudfront
content-language
97750
access-control-allow-origin
*
content-type
image/jpeg
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
Jk8Fu8c9Ond0Tv644XwxmouN5BYzRt8L6a1bCSPzAcqD7pq1FEkH5w==
x-xss-protection
1; mode=block
290445747.jpg
cf.bstatic.com/xdata/images/hotel/max1200/ 		84 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cf.bstatic.com/xdata/images/hotel/max1200/290445747.jpg?k=601197615ab78bba7830af556358b845495ab4a76c0cad912513d076aa8981a6&o=&hp=1
Requested by
Host: flatestilosocomvistaparapiscinadotheexpression.hotelbi.top
URL: https://flatestilosocomvistaparapiscinadotheexpression.hotelbi.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266e:fe00:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1e47de387fd7f03dff239c528820f190e8e2771046d368f6f9510b23ecdaf4c3
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://flatestilosocomvistaparapiscinadotheexpression.hotelbi.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 08:48:27 GMT
via
1.1 37236193bd380575cb98e661bedbb260.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA56-P8
age
181506
etag
"31930e710490b7f9578dedcc76e90fe7094470ed"
x-cache
Hit from cloudfront
content-language
86475
access-control-allow-origin
*
content-type
image/jpeg
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
PGvF1o4khLyKyfOa_DZSZGlgE2Q32cyqinAhrTnOBjTYhpW4fGyQcA==
x-xss-protection
1; mode=block
free.min.css
ka-f.fontawesome.com/releases/v6.5.2/css/ 		101 KB
22 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v6.5.2/css/free.min.css?token=c597f1ee3e
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/c597f1ee3e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:8b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e9c73fa687cd4110688668977a7caa87f5a1dee0d11f03687bd4871deedf1c1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://flatestilosocomvistaparapiscinadotheexpression.hotelbi.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 11:13:34 GMT
content-encoding
gzip
via
1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 02 Apr 2024 15:26:25 GMT
server
cloudflare
etag
W/"7f29cd8c97789aa298af8c61623ca28b"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=InRYhb%2FCRMvv2y0PSCqSHcK%2B46ohAxa5ByTUFz%2FB%2BYBAgqkLB0UBFjwmzSjRCxgm1MYDgHlBEVoPCViDPeL5K6ZPGtm2BNNw6ye4C4c0qOShjBNwQ0VgGW8ujWyZPzryaXPGxQVyR5OD%2BBC6cERzDqaGlg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
89ce350b9cb92c23-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
tGmhTgyI6jtwvQmejv69J9h8zkXfSD00fBwT8bd5R_bo4N-ufn26lA==
free-v4-shims.min.css
ka-f.fontawesome.com/releases/v6.5.2/css/ 		27 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v6.5.2/css/free-v4-shims.min.css?token=c597f1ee3e
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/c597f1ee3e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:8b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4e953827930889e844103c3a6771bd2e9de17d091b36378c40362271858e075

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://flatestilosocomvistaparapiscinadotheexpression.hotelbi.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 11:13:34 GMT
content-encoding
gzip
via
1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 02 Apr 2024 15:26:25 GMT
server
cloudflare
etag
W/"940b066040a876fa1dc7b2ee2d222a58"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3jQjP9IK8wj3jBh6yFxH7Ne2HLBh4WPcApG%2FWaQLzzVke02fnVOPd4Fj8Y2I93NUnFQ3MhjN0d%2FdGTdbflun5I2h7Ht0mnnWQqTyZ8HeK%2Bcjq9g81T2%2BfG78%2BuPezW9DuTRQ5K1XoREXxasJVHwpEscHsA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
89ce350b9cbf2c23-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
6NirrmrmIWgeceALtKmKeGVa1MP87jPnpb0rNgBSfVmTG5E7g_W-gw==
free-v5-font-face.min.css
ka-f.fontawesome.com/releases/v6.5.2/css/ 		823 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v6.5.2/css/free-v5-font-face.min.css?token=c597f1ee3e
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/c597f1ee3e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:8b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1dc27b700a62c005e4521b670cac08fb0b4b3e02a73c1ac44e7f9a9784bd672

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://flatestilosocomvistaparapiscinadotheexpression.hotelbi.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 11:13:34 GMT
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 02 Apr 2024 15:26:25 GMT
server
cloudflare
etag
W/"a3d53e21a02e37af6cbc00ac63b3cc1e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZfFCBqJzbVB3KC4jjmshA9Yf%2BqUrSW%2Fhb6Aqa%2B6pat9m6r5ybwiyShsBoBvgKSoWPcsz3c5shA8Lymf3uZazQli8Ughs65WwXXllIAuFfea4iUfsi7knqD0nMQS8Vwe1UuzswpbKPu%2BoSnLivoJrpnHEvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
89ce350b9cc22c23-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
7jqJTOTqKKFHk_4QLvIDW1qzkaU255NsgJTJWtDz_6vJ_9KhJCJkvQ==
free-v4-font-face.min.css
ka-f.fontawesome.com/releases/v6.5.2/css/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v6.5.2/css/free-v4-font-face.min.css?token=c597f1ee3e
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/c597f1ee3e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:8b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9699b18200a9d40ed7859411c33cfa2194174a4746d466123107f888d93dc878

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://flatestilosocomvistaparapiscinadotheexpression.hotelbi.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 11:13:34 GMT
content-encoding
gzip
via
1.1 08b9c2fd11813ffdb8fa03129d0a465c.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 02 Apr 2024 15:26:25 GMT
server
cloudflare
etag
W/"9c9f596493867f0e7ef5f9fe99103fce"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nWMWQTELxgzXd%2FiMGLJRmLiFuuTErElwmU%2BqbRK%2FnEUImtcjk%2F8eYF3CW3L9aNV64%2BAmooBnYOQnn2EgaX2hYr75ENyLpDogvB9oT2UEHdGbUNfoef2PC9b2MGbrWMfpO3w2pKrwraSfLpd8tzjDvnZbCA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
89ce350b9cbd2c23-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
O4bKwHAo3vrAefOaMKxfH5ew1ia2u8FYg97UnJi-ueota0KbRfmnRA==
m=el_main_css
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=GAY/d=0/rs=AN8SPfrev-A3NvrBP0gNq8zXCqKY7IcBLA/ 		22 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=GAY/d=0/rs=AN8SPfrev-A3NvrBP0gNq8zXCqKY7IcBLA/m=el_main_css
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.XFTv9iuhO6U.O/am=GAY/d=1/rs=AN8SPfoC4HV4OY9pU61Qmvf8do1rqpySBA/m=el_conf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://flatestilosocomvistaparapiscinadotheexpression.hotelbi.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 13:23:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
424227
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4144
x-xss-protection
0
last-modified
Thu, 04 Apr 2024 07:26:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="rosetta"
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 27 Jun 2025 13:23:06 GMT
m=el_main
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.XFTv9iuhO6U.O/am=ABA/d=1/exm=el_conf/ed=1/rs=AN8SPfoCyJvbOtial-V_-oGuukMZEq6Pbg/ 		207 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.XFTv9iuhO6U.O/am=ABA/d=1/exm=el_conf/ed=1/rs=AN8SPfoCyJvbOtial-V_-oGuukMZEq6Pbg/m=el_main
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.XFTv9iuhO6U.O/am=GAY/d=1/rs=AN8SPfoC4HV4OY9pU61Qmvf8do1rqpySBA/m=el_conf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
481f9b746c2411d4210e6128a12ee769a7a866666f9f1ac453682786c801e17c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://flatestilosocomvistaparapiscinadotheexpression.hotelbi.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:39:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63254
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72978
x-xss-protection
0
last-modified
Sat, 29 Jun 2024 03:11:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="rosetta"
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 01 Jul 2025 17:39:19 GMT
free.min.css
ka-f.fontawesome.com/releases/v6.5.2/css/ 		101 KB
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v6.5.2/css/free.min.css?token=c597f1ee3e
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/c597f1ee3e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:8b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e9c73fa687cd4110688668977a7caa87f5a1dee0d11f03687bd4871deedf1c1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://flatestilosocomvistaparapiscinadotheexpression.hotelbi.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 11:13:34 GMT
content-encoding
gzip
via
1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 02 Apr 2024 15:26:25 GMT
server
cloudflare
etag
W/"7f29cd8c97789aa298af8c61623ca28b"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=InRYhb%2FCRMvv2y0PSCqSHcK%2B46ohAxa5ByTUFz%2FB%2BYBAgqkLB0UBFjwmzSjRCxgm1MYDgHlBEVoPCViDPeL5K6ZPGtm2BNNw6ye4C4c0qOShjBNwQ0VgGW8ujWyZPzryaXPGxQVyR5OD%2BBC6cERzDqaGlg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
89ce350b9cb92c23-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
tGmhTgyI6jtwvQmejv69J9h8zkXfSD00fBwT8bd5R_bo4N-ufn26lA==
free-v4-shims.min.css
ka-f.fontawesome.com/releases/v6.5.2/css/ 		27 KB
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v6.5.2/css/free-v4-shims.min.css?token=c597f1ee3e
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/c597f1ee3e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:8b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4e953827930889e844103c3a6771bd2e9de17d091b36378c40362271858e075

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://flatestilosocomvistaparapiscinadotheexpression.hotelbi.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 11:13:34 GMT
content-encoding
gzip
via
1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 02 Apr 2024 15:26:25 GMT
server
cloudflare
etag
W/"940b066040a876fa1dc7b2ee2d222a58"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3jQjP9IK8wj3jBh6yFxH7Ne2HLBh4WPcApG%2FWaQLzzVke02fnVOPd4Fj8Y2I93NUnFQ3MhjN0d%2FdGTdbflun5I2h7Ht0mnnWQqTyZ8HeK%2Bcjq9g81T2%2BfG78%2BuPezW9DuTRQ5K1XoREXxasJVHwpEscHsA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
89ce350b9cbf2c23-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
6NirrmrmIWgeceALtKmKeGVa1MP87jPnpb0rNgBSfVmTG5E7g_W-gw==
free-v5-font-face.min.css
ka-f.fontawesome.com/releases/v6.5.2/css/ 		823 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v6.5.2/css/free-v5-font-face.min.css?token=c597f1ee3e
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/c597f1ee3e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:8b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1dc27b700a62c005e4521b670cac08fb0b4b3e02a73c1ac44e7f9a9784bd672

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://flatestilosocomvistaparapiscinadotheexpression.hotelbi.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 11:13:34 GMT
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 02 Apr 2024 15:26:25 GMT
server
cloudflare
etag
W/"a3d53e21a02e37af6cbc00ac63b3cc1e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZfFCBqJzbVB3KC4jjmshA9Yf%2BqUrSW%2Fhb6Aqa%2B6pat9m6r5ybwiyShsBoBvgKSoWPcsz3c5shA8Lymf3uZazQli8Ughs65WwXXllIAuFfea4iUfsi7knqD0nMQS8Vwe1UuzswpbKPu%2BoSnLivoJrpnHEvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
89ce350b9cc22c23-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
7jqJTOTqKKFHk_4QLvIDW1qzkaU255NsgJTJWtDz_6vJ_9KhJCJkvQ==
free-v4-font-face.min.css
ka-f.fontawesome.com/releases/v6.5.2/css/ 		2 KB
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v6.5.2/css/free-v4-font-face.min.css?token=c597f1ee3e
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/c597f1ee3e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:8b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9699b18200a9d40ed7859411c33cfa2194174a4746d466123107f888d93dc878

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://flatestilosocomvistaparapiscinadotheexpression.hotelbi.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 11:13:34 GMT
content-encoding
gzip
via
1.1 08b9c2fd11813ffdb8fa03129d0a465c.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 02 Apr 2024 15:26:25 GMT
server
cloudflare
etag
W/"9c9f596493867f0e7ef5f9fe99103fce"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nWMWQTELxgzXd%2FiMGLJRmLiFuuTErElwmU%2BqbRK%2FnEUImtcjk%2F8eYF3CW3L9aNV64%2BAmooBnYOQnn2EgaX2hYr75ENyLpDogvB9oT2UEHdGbUNfoef2PC9b2MGbrWMfpO3w2pKrwraSfLpd8tzjDvnZbCA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
89ce350b9cbd2c23-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
O4bKwHAo3vrAefOaMKxfH5ew1ia2u8FYg97UnJi-ueota0KbRfmnRA==
flexiproduct.html
www.booking.com/ Frame B8A4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.booking.com/flexiproduct.html?product=map&w=100%25&h=590&lang=en-US&aid=2393715&target_aid=2393715&dest_id=0&dest_type=landmark&fid=1671148675595&latitude=-16.7191825165731&longitude=-49.294973842555&landmark_name=Flat%20estiloso%20com%20vista%20para%20piscina%20do%20The%20Expression%20-%20Setor%20Bueno%20-%20TH606&mwhsb=0&address=921%20Rua%20T-51,%20Setor%20Bueno,%20Goi%C3%A2nia,%20CEP%2074150-160,%20Brazil&
Requested by
Host: flatestilosocomvistaparapiscinadotheexpression.hotelbi.top
URL: https://flatestilosocomvistaparapiscinadotheexpression.hotelbi.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-2.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://flatestilosocomvistaparapiscinadotheexpression.hotelbi.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
private
content-encoding
br
content-length
61229
content-type
text/html; charset=UTF-8
date
Tue, 02 Jul 2024 11:13:34 GMT
nel
{"report_to":"default","max_age":604800}
report-to
{"group":"default","max_age":604800,"endpoints":[{"url":"https://nellie.booking.com/report"}]}
server
nginx
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
User-Agent, Accept-Encoding
via
1.1 0254a3d4b384cab4933ea28efe6685c2.cloudfront.net (CloudFront)
x-amz-cf-id
QII5Qutt3T_in2rVtoYYk_mp-x4dFqjD9Zu_fHW8mg711Kq1ewre2w==
x-amz-cf-pop
FRA60-P5
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block
single
translate.googleapis.com/translate_a/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://translate.googleapis.com/translate_a/single?client=gtx&sl=auto&tl=en&dt=t&q=Flat%20estiloso%20com%20vista%20para%20piscina%20do%20The%20Expression%20-%20Setor%20Bueno%20-%20TH606%20offers%20accommodations%20in%20Goi%C3%A2nia%2C%204.2%20miles%20from%20Goiania%20Bus%20Station%20and%207.8%20miles%20from%20Carmo%20Bernardes%20Park.%20Both%20free%20Wifi%20and%20parking%20on-site%20are%20accessible%20at%20the%20apartment%20free%20of%20charge.%20The%20accommodation%20features%20a%2024-hour%20front%20desk%20and%20an%20elevator%20for%20guests.%20%20Guests%20can%20also%20relax%20in%20the%20shared%20lounge%20area.%20%20Palace%20of%20Emeralds%20is%202.4%20miles%20from%20Flat%20estiloso%20com%20vista%20para%20piscina%20do%20The%20Expression%20-%20Setor%20Bueno%20-%20TH606%2C%20while%20Zoroastro%20Artiaga%20Museum%20is%202.6%20miles%20from%20the%20property.%20The%20nearest%20airport%20is%20Santa%20Genoveva%2FGoiania%20Airport%2C%207.5%20miles%20from%20the%20accommodation.
Requested by
Host: flatestilosocomvistaparapiscinadotheexpression.hotelbi.top
URL: https://flatestilosocomvistaparapiscinadotheexpression.hotelbi.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f45fbde8347e50bb8648d3a6377a99b741d41a27462d7cb910265ac7f50c0222
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-jSJ-3fNHhf8yi-LrIP97lQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/TranslateApiHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://flatestilosocomvistaparapiscinadotheexpression.hotelbi.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 11:13:33 GMT
content-security-policy
script-src 'report-sample' 'nonce-jSJ-3fNHhf8yi-LrIP97lQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/TranslateApiHttp/cspreport
x-content-type-options
nosniff
content-encoding
gzip
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/TranslateApiHttp/web-reports?context=eJzjktDikmJw1pBicEqfwRoAxEsiLrIeSLzIKsTDcfdg_xY2gRNXVmxkVlJKyi-MLylKzCvOSSxJLU4tKkstijcyMDIxMDM20DOwiC8wAACnrxk9"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
290445740.jpg
cf.bstatic.com/xdata/images/hotel/max1024x768/ 		65 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cf.bstatic.com/xdata/images/hotel/max1024x768/290445740.jpg?k=ba965c78186d6d2af4e49954edf9b90ddeee29b52907e34cb082dd75ea387568&o=&hp=1
Requested by
Host: flatestilosocomvistaparapiscinadotheexpression.hotelbi.top
URL: https://flatestilosocomvistaparapiscinadotheexpression.hotelbi.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266e:fe00:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f14a4ad7600572f3943c69a7b5881e265b80e9c721e7e1e9f1700d5f8fd94b4c
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://flatestilosocomvistaparapiscinadotheexpression.hotelbi.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 08:48:27 GMT
via
1.1 37236193bd380575cb98e661bedbb260.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA56-P8
age
181506
etag
"0c330ddff7ca2ec2e2264e0317059f9eadd343e6"
x-cache
Hit from cloudfront
content-language
66650
access-control-allow-origin
*
content-type
image/jpeg
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
MihZ6Lp4KX6WU_iCyspMFiiY86UbPmlO9dpKCHYHsKyYb6qTskdUBg==
x-xss-protection
1; mode=block
truncated
/ 		266 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://flatestilosocomvistaparapiscinadotheexpression.hotelbi.top
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 18:57:16 GMT
x-content-type-options
nosniff
age
404177
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Jun 2025 18:57:16 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://flatestilosocomvistaparapiscinadotheexpression.hotelbi.top
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 16:21:03 GMT
x-content-type-options
nosniff
age
413550
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Jun 2025 16:21:03 GMT
widget.js
widget.getyourguide.com/pw/latest/client-loader/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.getyourguide.com/pw/latest/client-loader/widget.js
Requested by
Host: widget.getyourguide.com
URL: https://widget.getyourguide.com/dist/pa.umd.production.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:999e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9952519438acf3657140cd08bf94cc4f3afa33962db3da03d09d1a00814790f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://flatestilosocomvistaparapiscinadotheexpression.hotelbi.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 11:13:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.02,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
CPB7S4AR6ATBNC04
age
73
x-amz-server-side-encryption
AES256
x-amz-id-2
2aa0+GPUeG0xabj34huktKYv/yxz9Dk6Xcu+8WC1zq842mx4NQWQWuY6k5MiJrMwAti3lbbsrVa02latbDyC4w==
last-modified
Mon, 24 Jun 2024 13:58:53 GMT
server
cloudflare
etag
W/"6d3a3cefed70808d596059f20f3429cf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5FkopKK5NqN9pq0ZmGg2nKhEJvoyaa8OO04hxPMMyMzFZsBgmUkLSYFNyoGnNRB%2BBMOplgwfwJFfZ7VgMsDFnSqh7lNZUCytF7vxW7fmmJVjWDLGtS57sxPOoDyTZSG6KCirw2UHynQgvbXwX%2B8Z66HGPS97"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=100, public, must-revalidate
cf-ray
89ce350a6b172c3b-FRA
gnikcart
widget.getyourguide.com/ 		61 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://widget.getyourguide.com/gnikcart?q=eyJwYXJ0bmVyX2lkIjoiS0FDSk1JViIsInVybCI6ImZsYXRlc3RpbG9zb2NvbXZpc3RhcGFyYXBpc2NpbmFkb3RoZWV4cHJlc3Npb24uaG90ZWxiaS50b3AvIn0%3D
Requested by
Host: widget.getyourguide.com
URL: https://widget.getyourguide.com/pw/latest/client-loader/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:999e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
3f116970c91d9e7078628aecc6ffdacd7fd6e61735e940314a8c60f6cd71e6a0
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'sha256-C+MFT9uMJPIBROzgRJWxmbJwinQwPQcN4v02Ao5gdvA=' 'sha256-ye56Ygssi7+/97rT6VWWDR9vrRVD2yo2O1+J+kEv/0Y=' 'sha256-wNXVXjDcN+jq6b+wDVEO7vmRjRuKMgbFD6ygaSW4Ckk=' 'sha256-dgRdhO0l3b8wc+M/BFd4VHSrjqBLaZS7EAnZGOM5+6c=' https://cdn.getyourguide.com https://static.cloudflareinsights.com https://challenges.cloudflare.com https://widget.getyourguide.com; style-src 'self' 'unsafe-inline' https://cdn.getyourguide.com https://fonts.googleapis.com data:; img-src 'self' https://cdn.getyourguide.com https://api.maptiler.com data:; font-src 'self' https://cdn.getyourguide.com https://cdn.ek.aero/shared/fonts/emirates/* https://fonts.gstatic.com https://fonts.googleapis.com data:; connect-src 'self' *.getyourguide.com *.gygtest.com; frame-src 'self' https://widget.getyourguide.com/ https://challenges.cloudflare.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://flatestilosocomvistaparapiscinadotheexpression.hotelbi.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 11:13:33 GMT
content-security-policy
default-src 'self'; script-src 'self' 'sha256-C+MFT9uMJPIBROzgRJWxmbJwinQwPQcN4v02Ao5gdvA=' 'sha256-ye56Ygssi7+/97rT6VWWDR9vrRVD2yo2O1+J+kEv/0Y=' 'sha256-wNXVXjDcN+jq6b+wDVEO7vmRjRuKMgbFD6ygaSW4Ckk=' 'sha256-dgRdhO0l3b8wc+M/BFd4VHSrjqBLaZS7EAnZGOM5+6c=' https://cdn.getyourguide.com https://static.cloudflareinsights.com https://challenges.cloudflare.com https://widget.getyourguide.com; style-src 'self' 'unsafe-inline' https://cdn.getyourguide.com https://fonts.googleapis.com data:; img-src 'self' https://cdn.getyourguide.com https://api.maptiler.com data:; font-src 'self' https://cdn.getyourguide.com https://cdn.ek.aero/shared/fonts/emirates/* https://fonts.gstatic.com https://fonts.googleapis.com data:; connect-src 'self' *.getyourguide.com *.gygtest.com; frame-src 'self' https://widget.getyourguide.com/ https://challenges.cloudflare.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.02,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-powered-by
Express
x-envoy-upstream-service-time
7
x-xss-protection
1; mode=block
x-request-id
ce5ccb1e-7532-9def-a651-1057b0b71011
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sMKCQ0kPtKKu2P4eqp%2FFH54zFlkUCvshuxZea%2Fpekan7KOdz5joQeiQrolJ%2BU%2BYM4EyPCUBLTTPVqoNTE0Wd6RwIh38AZwiup06B%2BcyLC%2BK2%2FtenWTdb3ZkB1LFZlnkkWiNQijngaliDw%2Be7z2oJSx3FgcEE"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flatestilosocomvistaparapiscinadotheexpression.hotelbi.top
cache-control
private
access-control-allow-credentials
true
cf-ray
89ce350adbc42c3b-FRA
free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v6.5.2/webfonts/ 		153 KB
153 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v6.5.2/webfonts/free-fa-solid-900.woff2
Requested by
Host: flatestilosocomvistaparapiscinadotheexpression.hotelbi.top
URL: https://flatestilosocomvistaparapiscinadotheexpression.hotelbi.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:8b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41dca0965bdfd255f85e7fc8e9a3dc1fe3eb810996c553d4ef2b8872737ee825

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://flatestilosocomvistaparapiscinadotheexpression.hotelbi.top/
Origin
https://flatestilosocomvistaparapiscinadotheexpression.hotelbi.top
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 11:13:34 GMT
via
1.1 a23dafbbb9a61c77bda1d66d97f24e2e.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
156388
last-modified
Tue, 02 Apr 2024 15:51:14 GMT
server
cloudflare
etag
"ae015e3286ef56a0daf8e83838a32a88"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EDRQBVyL%2FAkWNqwOkKiIUVjYwsmrQkQExHcKFysNwFa3OeLQDESmKxQoJv5UxLQB2G2E84yqsy5Ioq8STufDYtfuJpm0mEjDhzrlWEmPSrhq79T%2BbtpVf0FfURlY8muq6MYHjRvFn2EWtgOwnTmXPc1orA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
89ce350c3db22c23-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
BF-9ROrUBiTFhJG4pU7qb0B2jQB0bbhTm6TvpuvVtEwLMu5sQkl8JA==
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-GQPP52LWDP&gtm=45je46q0v9170782933za200&_p=1719918813616&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1809110776.1719918814&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1719918814&sct=1&seg=0&dl=https%3A%2F%2Fflatestilosocomvistaparapiscinadotheexpression.hotelbi.top%2F&dt=Flat%20estiloso%20com%20vista%20para%20piscina%20do%20The%20Expression%20-%20Setor%20Bueno%20-%20TH606&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1755&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GQPP52LWDP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://flatestilosocomvistaparapiscinadotheexpression.hotelbi.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 02 Jul 2024 11:13:34 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://flatestilosocomvistaparapiscinadotheexpression.hotelbi.top
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
4540790.png
cdn-icons-png.flaticon.com/512/4540/ 		21 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn-icons-png.flaticon.com/512/4540/4540790.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:11::215:14c6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4ea566bcfe25ec81ab2688387def9cb5990637e85a559003486d7f44f434302b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://flatestilosocomvistaparapiscinadotheexpression.hotelbi.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 11:13:33 GMT
x-amz-meta-goog-reserved-file-mtime
1618407112
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
21282
pragma
public
last-modified
Thu, 14 Oct 2021 17:42:10 GMT
etag
"a442729b18adb8a2204efb18b90423e8"
vary
Accept-Encoding
x-goog-generation
1634233330818338
content-type
image/png
access-control-allow-origin
*
x-default-rule
YES
cache-control
public, max-age=31536000
x-goog-stored-content-length
21282
x-amz-checksum-crc32c
FvDczg==
accept-ranges
bytes
x-amz-meta-x-goog-reserved-source-generation
1627247437293334
expires
Tue, 02 Jul 2024 11:13:33 GMT
activities-auto.frame
widget.getyourguide.com/default/ Frame C8F4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://widget.getyourguide.com/default/activities-auto.frame?sha=61d4be5d-5641-550e-8215-790122a9a5a5&partner_id=KACJMIV&widget=auto&widget_created=1719918814969&host_font_family=poppins&host_link_color=rgb(255%2C%20255%2C%20255)&host_link_decoration=none%20solid%20rgb(255%2C%20255%2C%20255)&host_image_border_radius=20px&website=https%3A%2F%2Fflatestilosocomvistaparapiscinadotheexpression.hotelbi.top%2F&visitor_id=C4F481299F8C4D478972E33370F59D35
Requested by
Host: widget.getyourguide.com
URL: https://widget.getyourguide.com/pw/latest/client-loader/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:999e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'sha256-C+MFT9uMJPIBROzgRJWxmbJwinQwPQcN4v02Ao5gdvA=' 'sha256-ye56Ygssi7+/97rT6VWWDR9vrRVD2yo2O1+J+kEv/0Y=' 'sha256-wNXVXjDcN+jq6b+wDVEO7vmRjRuKMgbFD6ygaSW4Ckk=' 'sha256-dgRdhO0l3b8wc+M/BFd4VHSrjqBLaZS7EAnZGOM5+6c=' https://cdn.getyourguide.com https://static.cloudflareinsights.com https://challenges.cloudflare.com https://widget.getyourguide.com; style-src 'self' 'unsafe-inline' https://cdn.getyourguide.com https://fonts.googleapis.com data:; img-src 'self' https://cdn.getyourguide.com https://api.maptiler.com data:; font-src 'self' https://cdn.getyourguide.com https://cdn.ek.aero/shared/fonts/emirates/* https://fonts.gstatic.com https://fonts.googleapis.com data:; connect-src 'self' *.getyourguide.com *.gygtest.com; frame-src 'self' https://widget.getyourguide.com/ https://challenges.cloudflare.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://flatestilosocomvistaparapiscinadotheexpression.hotelbi.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
private
cf-cache-status
DYNAMIC
cf-ray
89ce3512593e18e2-FRA
content-encoding
br
content-security-policy
default-src 'self'; script-src 'self' 'sha256-C+MFT9uMJPIBROzgRJWxmbJwinQwPQcN4v02Ao5gdvA=' 'sha256-ye56Ygssi7+/97rT6VWWDR9vrRVD2yo2O1+J+kEv/0Y=' 'sha256-wNXVXjDcN+jq6b+wDVEO7vmRjRuKMgbFD6ygaSW4Ckk=' 'sha256-dgRdhO0l3b8wc+M/BFd4VHSrjqBLaZS7EAnZGOM5+6c=' https://cdn.getyourguide.com https://static.cloudflareinsights.com https://challenges.cloudflare.com https://widget.getyourguide.com; style-src 'self' 'unsafe-inline' https://cdn.getyourguide.com https://fonts.googleapis.com data:; img-src 'self' https://cdn.getyourguide.com https://api.maptiler.com data:; font-src 'self' https://cdn.getyourguide.com https://cdn.ek.aero/shared/fonts/emirates/* https://fonts.gstatic.com https://fonts.googleapis.com data:; connect-src 'self' *.getyourguide.com *.gygtest.com; frame-src 'self' https://widget.getyourguide.com/ https://challenges.cloudflare.com
content-type
text/html
date
Tue, 02 Jul 2024 11:13:35 GMT
nel
{"success_fraction":0.02,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=84FX5so1QlxspZeKwBk4k1U272nBfTavx80aSEY0bGXRpCjkbaO3tOFtjKchkE%2FLwIKTorUPBuSEgXxADE9rEe4YyAA7f0vSVZBb4E6SP734WNIBU6%2FiM3A9cHDD2NZ%2FniZQgOHB%2Bz68C5DvjAcHOZYzMBGI"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
x-envoy-upstream-service-time
102
x-powered-by
Express
x-request-id
96999c0d-afea-97ed-bec0-76395beb87ad
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 undefined| event object| fence object| sharedStorage function| $ function| jQuery object| FontAwesomeKitConfig function| _DumpException object| default_tr object| _F_toggles string| MSG_TRANSLATE string| MSG_CANCEL string| MSG_CLOSE function| MSGFUNC_PAGE_TRANSLATED_TO function| MSGFUNC_TRANSLATED_TO string| MSG_GENERAL_ERROR string| MSG_LEARN_MORE function| MSGFUNC_POWERED_BY string| MSG_TRANSLATE_PRODUCT_NAME string| MSG_TRANSLATION_IN_PROGRESS function| MSGFUNC_TRANSLATE_PAGE_TO function| MSGFUNC_VIEW_PAGE_IN string| MSG_RESTORE string| MSG_SSL_INFO_LOCAL_FILE string| MSG_SSL_INFO_SECURE_PAGE string| MSG_SSL_INFO_INTRANET_PAGE string| MSG_SELECT_LANGUAGE function| MSGFUNC_TURN_OFF_TRANSLATION function| MSGFUNC_TURN_OFF_FOR string| MSG_ALWAYS_HIDE_AUTO_POPUP_BANNER string| MSG_ORIGINAL_TEXT string| MSG_FILL_SUGGESTION string| MSG_SUBMIT_SUGGESTION string| MSG_SHOW_TRANSLATE_ALL string| MSG_SHOW_RESTORE_ALL string| MSG_SHOW_CANCEL_ALL string| MSG_TRANSLATE_TO_MY_LANGUAGE function| MSGFUNC_TRANSLATE_EVERYTHING_TO string| MSG_SHOW_ORIGINAL_LANGUAGES string| MSG_OPTIONS string| MSG_TURN_OFF_TRANSLATION_FOR_THIS_SITE string| MSG_ALT_SUGGESTION string| MSG_ALT_ACTIVITY_HELPER_TEXT string| MSG_USE_ALTERNATIVES string| MSG_DRAG_TIP string| MSG_CLICK_FOR_ALT string| MSG_DRAG_INSTUCTIONS string| MSG_SUGGESTION_SUBMITTED string| MSG_MANAGE_TRANSLATION_FOR_THIS_SITE string| MSG_ALT_AND_CONTRIBUTE_ACTIVITY_HELPER_TEXT string| MSG_ORIGINAL_TEXT_NO_COLON string| MSG_LANGUAGE_UNSUPPORTED string| MSG_LANGUAGE_TRANSLATE_WIDGET string| MSG_RATE_THIS_TRANSLATION string| MSG_FEEDBACK_USAGE_FOR_IMPROVEMENT string| MSG_FEEDBACK_SATISFIED_LABEL string| MSG_FEEDBACK_DISSATISFIED_LABEL string| MSG_TRANSLATION_NO_COLON function| _exportVersion function| _getCallbackFunction function| _exportMessages function| _loadJs function| _loadCss function| _isNS function| _setupNS object| google function| gtag object| dataLayer function| translateDescription function| denyCookies function| acceptCookies object| HistoryEvents string| gygPAStatus object| _GYG object| widget object| GYG object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal

6 Cookies

Domain/Path Name / Value
flatestilosocomvistaparapiscinadotheexpression.hotelbi.top/ Name: PHPSESSID
Value: 43ff4b9cc353f69ca2f460c43a012abb
.getyourguide.com/ Name: visitor_id
Value: C4F481299F8C4D478972E33370F59D35
.hotelbi.top/ Name: _ga_GQPP52LWDP
Value: GS1.1.1719918814.1.0.1719918814.0.0.0
.hotelbi.top/ Name: _ga
Value: GA1.1.1809110776.1719918814
.booking.com/ Name: bkng
Value: 11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbof7CEiNviT%2BNYK6yk7MZG%2FigBHemmgduI3NEI6afp3lOwQpj2v9yrNi4C8fSg%2BqS%2FRyO7V3MmLBtiV4nmlWH9DK2%2FNWRcafShd7Q4NcgXXJpiP7b2CTulnyD3TlRmvSJ37vMWXU36RsE24DBBfgBlYgjHf0mUJHb%2FWjQFEA72vE%3D
flatestilosocomvistaparapiscinadotheexpression.hotelbi.top/ Name: session_id
Value: 658e4159-5260-4959-ad10-3cc5d0cd0188

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn-icons-png.flaticon.com
cf.bstatic.com
flatestilosocomvistaparapiscinadotheexpression.hotelbi.top
fonts.googleapis.com
fonts.gstatic.com
ka-f.fontawesome.com
kit.fontawesome.com
maxcdn.bootstrapcdn.com
region1.google-analytics.com
translate.google.com
translate.googleapis.com
widget.getyourguide.com
www.booking.com
www.googletagmanager.com
www.gstatic.com
104.18.11.207
18.245.60.2
2001:4860:4802:34::36
204.93.224.158
2600:9000:266e:fe00:5:bf05:acc0:93a1
2606:4700:3030::ac43:8b77
2606:4700:4400::ac40:93bc
2606:4700:4400::ac40:999e
2a00:1450:4001:800::200a
2a00:1450:4001:80b::2003
2a00:1450:4001:81d::200e
2a00:1450:4001:827::2003
2a00:1450:4001:828::200a
2a00:1450:4001:829::200a
2a00:1450:4001:831::2008
2a02:26f0:3500:11::215:14c6
0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1
1171477758a5a49da14f187ac42d8b734f6ff44c89784289f28b9dc7538168ca
1e47de387fd7f03dff239c528820f190e8e2771046d368f6f9510b23ecdaf4c3
23daa07b4cbfa8e9a4a4aa17f77ebab31297e8dcd5f1c082dc21f284ab5dd03a
282300faee394628026f002f1e3c4d509a66b94bf09e6a2910f61f818f5834c8
2c7a32fd866d6f01c24cfe5b3d51f66b7ab108e30a623aba71b55349369cb8f1
3b42dcfa564214b9d9446932870c0c9dc3016e4339452d8eb8eae9a460a826bb
3e9c73fa687cd4110688668977a7caa87f5a1dee0d11f03687bd4871deedf1c1
3f116970c91d9e7078628aecc6ffdacd7fd6e61735e940314a8c60f6cd71e6a0
41dca0965bdfd255f85e7fc8e9a3dc1fe3eb810996c553d4ef2b8872737ee825
481f9b746c2411d4210e6128a12ee769a7a866666f9f1ac453682786c801e17c
4ea566bcfe25ec81ab2688387def9cb5990637e85a559003486d7f44f434302b
5bc5f6b6f1143cf8f2c71bae999538c21c7cf309f3f8a27b66c4f1928ea86d8c
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33
71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3
79a8e28379ed7b80c424eb8df7a718c955320e1ef52e90f8ae0b4ec9763c1147
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
8330b1bcdfeb2146d4405a09aa0029a1b79e5d68686b4a9ec62b507207449661
8ae0a9ea0ac752d44b73395c8f675a5099323c8de1dbae62105ba300493259b7
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
96558e390c183a6863c241276e8ae76116bb91307ab8a591f9dfdf1fa33df9d1
9699b18200a9d40ed7859411c33cfa2194174a4746d466123107f888d93dc878
9952519438acf3657140cd08bf94cc4f3afa33962db3da03d09d1a00814790f4
ac488f4c210df86d62c61c20c14826a4148dadba48f8268e9a66477a0653ecd8
b14a53432cbd4a2f5c7b18203f3ed5280bf4fa1f8accdd931552194a3151ec12
c42117b3b9990051de9a205acd457d82ff1587fc6fb8dd754570bab745bd2e59
c62f53db271220ca33087210a3e710f44de1c88231e85c08adc181a482a6b586
e1dc27b700a62c005e4521b670cac08fb0b4b3e02a73c1ac44e7f9a9784bd672
f14a4ad7600572f3943c69a7b5881e265b80e9c721e7e1e9f1700d5f8fd94b4c
f45fbde8347e50bb8648d3a6377a99b741d41a27462d7cb910265ac7f50c0222
f4e953827930889e844103c3a6771bd2e9de17d091b36378c40362271858e075
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e