booking.ai Open in urlscan Pro
52.5.181.79 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://booking.ai/
Effective URL:
https://booking.ai/?gi=79618510d951
Submission: On May 17 via api (May 17th 2022, 4:22:37 am UTC) from GB — Scanned from GB

Summary HTTP 49 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 10 IPs in 2 countries across 7 domains to perform 49 HTTP transactions. The main IP is 52.5.181.79, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is booking.ai.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 27th 2021. Valid for: a year.

This is the only time booking.ai was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 4	52.5.181.79 52.5.181.79	14618 (AMAZON-AES) (AMAZON-AES)
1 15	2606:4700:7::... 2606:4700:7::a29f:9904	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
16	2606:4700:7::... 2606:4700:7::a29f:9804	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	65.9.63.77 65.9.63.77	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:205... 2600:9000:2057:5a00:19:9934:6a80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:206... 2600:9000:206f:8000:11:f728:3040:93a1	16509 (AMAZON-02) (AMAZON-02)
8	2606:4700:440... 2606:4700:4400::6812:27ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
49	10

4 52.5.181.79 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-181-79.compute-1.amazonaws.com

booking.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700:7::a29f:9904 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
glyph.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn-static-1.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn-images-1.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700:7::a29f:9804 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-images-1.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn-static-1.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.63.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-63-77.fra56.r.cloudfront.net

cdn.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:5a00:19:9934:6a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

app.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:206f:8000:11:f728:3040:93a1 (United States)

ASN16509 (AMAZON-02, US)

api2.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:4400::6812:27ad (United States)

ASN13335 (CLOUDFLARENET, US)

lightstep.medium.systems	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	medium.com 1 redirects medium.com — Cisco Umbrella Rank: 9339 glyph.medium.com — Cisco Umbrella Rank: 21600 cdn-static-1.medium.com — Cisco Umbrella Rank: 125367 cdn-images-1.medium.com — Cisco Umbrella Rank: 48467 csp.medium.com Failed	3 MB
8	medium.systems lightstep.medium.systems — Cisco Umbrella Rank: 202523	682 B
4	booking.ai 2 redirects booking.ai	37 KB
3	branch.io cdn.branch.io — Cisco Umbrella Rank: 1015 api2.branch.io — Cisco Umbrella Rank: 589	25 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 432	13 KB
1	app.link app.link — Cisco Umbrella Rank: 1729	562 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
49	7

	Domain	Requested by
22	cdn-images-1.medium.com	booking.ai
8	lightstep.medium.systems	cdn-static-1.medium.com
4	cdn-static-1.medium.com	booking.ai cdn-static-1.medium.com
4	booking.ai	2 redirects booking.ai cdn-static-1.medium.com
3	medium.com	1 redirects cdn-static-1.medium.com
2	api2.branch.io	cdn.branch.io
2	glyph.medium.com	booking.ai glyph.medium.com
1	cdn.jsdelivr.net	cdn-static-1.medium.com
1	app.link	cdn.branch.io
1	cdn.branch.io	booking.ai
1	www.google-analytics.com	booking.ai www.google-analytics.com
0	csp.medium.com Failed	www.google-analytics.com
49	12

This site contains links to these domains. Also see Links.

Domain
policy.medium.com
medium.com
rsci.app.link
jobs.booking.com
twitter.com
facebook.com

Subject Issuer	Validity	Valid
booking.ai Sectigo RSA Domain Validation Secure Server CA	`2021-07-27` - `2022-07-27`	a year	crt.sh
medium.com Cloudflare Inc ECC CA-3	`2022-04-27` - `2022-07-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.branch.io DigiCert TLS RSA SHA256 2020 CA1	`2021-10-27` - `2022-11-27`	a year	crt.sh
appipv4.link Amazon	`2021-06-24` - `2022-07-23`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-04` - `2022-07-03`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://booking.ai/?gi=79618510d951
Frame ID: 7E848162FD463B5CD187F83935BB8D81
Requests: 46 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Booking.com Data Science

Page URL History Show full URLs

http://booking.ai/ HTTP 301
https://booking.ai/ HTTP 307
https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fbooking.ai%2F HTTP 302
https://booking.ai/?gi=79618510d951 Page URL

Detected technologies

Medium (Blogs) Expand

Overall confidence: 100%
Detected patterns

medium\.com

FingerprintJS (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

/fingerprintjs@(\d)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

49
Requests

94 %
HTTPS

78 %
IPv6

7
Domains

12
Subdomains

10
IPs

2
Countries

2820 kB
Transfer

5038 kB
Size

14
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://policy.medium.com/medium-privacy-policy-f03bf92035c9
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://medium.com/
Title: Homepage

Search URL Search Domain Scan URL

URL: https://rsci.app.link/?%24canonical_url=https%3A%2F%2Fmedium.com/booking-com-data-science%3F~feature=LoMobileNavBar&~channel=ShowCollectionHome&~stage=m2
Title: Open in app

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?redirect=https%3A%2F%2Fbooking.ai%2F&source=--------------------------nav_reg&operation=login
Title: Sign in

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?redirect=https%3A%2F%2Fbooking.ai%2F&source=--------------------------nav_reg&operation=register
Title: Get started

Search URL Search Domain Scan URL

URL: https://jobs.booking.com/careers?department=Data%20Science%20%26%20Analytics&domain=booking.com
Title: Data Science Careers

Search URL Search Domain Scan URL

URL: https://twitter.com/PlanetBooking

Search URL Search Domain Scan URL

URL: https://facebook.com/planetbooking

Search URL Search Domain Scan URL

URL: https://medium.com/about
Title: About Medium

Search URL Search Domain Scan URL

URL: https://policy.medium.com/medium-terms-of-service-9db0094a1e0f
Title: Terms

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://booking.ai/ HTTP 301
https://booking.ai/ HTTP 307
https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fbooking.ai%2F HTTP 302
https://booking.ai/?gi=79618510d951 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

49 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
booking.ai/
Redirect Chain

http://booking.ai/
https://booking.ai/
https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fbooking.ai%2F
https://booking.ai/?gi=79618510d951

205 KB
36 KB

800ms
800ms

Document
text/html

52.5.181.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://booking.ai/?gi=79618510d951

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.5.181.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-5-181-79.compute-1.amazonaws.com

Software

nginx / Medium

Resource Hash

f1db0a728f52b71c218dac9b526bfd241f61c77c2e8def1bd88cd7041f8642f1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src https://localhost https://.instapaper.com https://.stripe.com https://glyph.medium.com https://.paypal.com https://.braintree-api.com https://.braintreegateway.com https://accounts.google.com https://getpocket.com https://booking.ai https://.booking.ai https://.medium.com https://medium.com https://.medium.com https://.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://lightstep.medium.systems https://.branch.io 'self'; font-src data: https://.amazonaws.com https://.medium.com https://glyph.medium.com https://medium.com https://.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: blob: medium: 'self'; img-src blob: data: https: 'self'; media-src https://.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: default-src 'self'; connect-src https://localhost https://*.instapaper.com https://*.stripe.com https://glyph.medium.com https://*.paypal.com https://*.braintree-api.com https://*.braintreegateway.com https://accounts.google.com https://getpocket.com https://booking.ai https://*.booking.ai https://*.medium.com https://medium.com https://*.medium.com https://*.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://lightstep.medium.systems https://*.branch.io 'self'; font-src data: https://*.amazonaws.com https://*.medium.com https://glyph.medium.com https://medium.com https://*.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: blob: medium: 'self'; img-src blob: data: https: 'self'; media-src https://*.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
content-type: text/html; charset=utf-8
date: Tue, 17 May 2022 04:22:30 GMT
expires: Thu, 09 Sep 1999 09:09:09 GMT
link: <https://medium.com/humans.txt>; rel="humans"
medium-fulfilled-by: valencia/main-20220505-143206-9ef6171d35
pragma: no-cache
sepia-upstream: medium
server: nginx
x-content-type-options: nosniff
x-envoy-upstream-service-time: 564
x-frame-options: sameorigin
x-obvious-info: 20220516-2357-root,524c9296
x-obvious-tid: 1652761350465:3aceb2e19c2d
x-opentracing: {"ot-tracer-spanid":"0b75ee8e1e424a82","ot-tracer-traceid":"a544730620eaa02","ot-tracer-sampled":"true"}
x-powered-by: Medium
x-ua-compatible: IE=edge, Chrome=1
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 70c992866a21cc4e-ZRH
content-length: 0
content-security-policy: default-src 'self'; connect-src https://localhost https://*.instapaper.com https://*.stripe.com https://glyph.medium.com https://*.paypal.com https://*.braintree-api.com https://*.braintreegateway.com https://accounts.google.com https://getpocket.com https://medium.com https://*.medium.com https://*.medium.com https://medium.com https://*.medium.com https://*.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://lightstep.medium.systems https://*.branch.io 'self'; font-src data: https://*.amazonaws.com https://*.medium.com https://glyph.medium.com https://medium.com https://*.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: blob: medium: 'self'; img-src blob: data: https: 'self'; media-src https://*.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
content-type: text/plain;charset=UTF-8
date: Tue, 17 May 2022 04:22:30 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 09 Sep 1999 09:09:09 GMT
link: <https://medium.com/humans.txt>; rel="humans"
location: https://booking.ai/?gi=79618510d951
medium-fulfilled-by: edgy/8.3.0, valencia/main-20220505-143206-9ef6171d35
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
worker-missing-cookies: 1
x-content-type-options: nosniff
x-envoy-upstream-service-time: 51
x-frame-options: sameorigin
x-obvious-info: 20220516-2357-root,524c9296
x-obvious-tid: 1652761350245:309b750f089b
x-opentracing: {"ot-tracer-spanid":"661e50613169faff","ot-tracer-traceid":"408128c3c880ebb9","ot-tracer-sampled":"true"}
x-powered-by: Medium
x-ua-compatible: IE=edge, Chrome=1
x-xss-protection: 1; mode=block

GET
H2 200 m2-unbound.css
glyph.medium.com/css/e/sr/latin/e/ssr/latin/e/ssb/latin/ 70 KB
46 KB 182ms
172ms Stylesheet
text/css 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/css/e/sr/latin/e/ssr/latin/e/ssb/latin/m2-unbound.css

Requested by

Host: booking.ai
URL: https://booking.ai/?gi=79618510d951

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51fd0856be5c980c6f5bb1c29c1333ae0cef4c4351924163449ee704b7322f79

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://booking.ai/?gi=79618510d951
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 04:22:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 269
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=7200
access-control-allow-credentials: true
cf-ray: 70c9928d1fb8cc4e-ZRH
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Tue, 17 May 2022 06:22:31 GMT

GET
H2 200 main-branding-base.fjPGgkNh4FL35RkN0VJRsg.12.css
cdn-static-1.medium.com/_/fp/css/ 467 KB
64 KB 79ms
70ms Stylesheet
text/css 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-static-1.medium.com/_/fp/css/main-branding-base.fjPGgkNh4FL35RkN0VJRsg.12.css

Requested by

Host: booking.ai
URL: https://booking.ai/?gi=79618510d951

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

397739baddf3f0a67c1872a79e616d5cce3b80ca1b8dbce524acf1d5cd0b3291

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://booking.ai/?gi=79618510d951
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 04:22:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 8807605
cf-ray: 70c9928d1fb7cc4e-ZRH
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 64669
x-amz-id-2: ms9fOfew5XMmUJBQZ3mbk0CIeuKjqjXSw/k0FhTMxRa+rgisOaAwFz62dFR4iVMGF0GZdauBbc0=
last-modified: Tue, 01 Feb 2022 04:59:48 GMT
server: cloudflare
etag: "1c69a376adce6d79ddd247fe2e12374b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: QXYXYDWKWSE3DGY7
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: text/css
expires: Wed, 17 May 2023 04:22:31 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 146ms
40ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: booking.ai
URL: https://booking.ai/?gi=79618510d951

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://booking.ai/?gi=79618510d951
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2865
date: Tue, 17 May 2022 03:34:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 17 May 2022 05:34:46 GMT

GET
H2 200 1*5i1ugiw-5kV2ViHgcIYV5Q@2x.png
cdn-images-1.medium.com/max/980/ 26 KB
27 KB 187ms
163ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-1.medium.com/max/980/1*5i1ugiw-5kV2ViHgcIYV5Q@2x.png

Requested by

Host: booking.ai
URL: https://booking.ai/?gi=79618510d951

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f9b002630805d1f2e61296f031b0c4b6b31b2a83679d81e7647f3052b1ac664

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://booking.ai/?gi=79618510d951
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 04:22:31 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 40
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27122
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220418-141835-1d92ac7480
accept-ranges: bytes
cf-ray: 70c9928e58c6cc4e-ZRH
expires: Thu, 16 Jun 2022 04:22:31 GMT

GET
H2 200 1*dmbNkD5D-u45r44go_cf0g.png
cdn-images-1.medium.com/proxy/ 6 KB
6 KB 110ms
89ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-1.medium.com/proxy/1*dmbNkD5D-u45r44go_cf0g.png

Requested by

Host: booking.ai
URL: https://booking.ai/?gi=79618510d951

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

272ed9aef66df4b0fc0db7d8109a7949f039a9deabc1617eba270af19a72399d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://booking.ai/?gi=79618510d951
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 04:22:31 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2584208
x-envoy-upstream-service-time: 25
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6116
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210514-190939-619b54aa02
accept-ranges: bytes
cf-ray: 70c9928e58c1cc4e-ZRH
expires: Thu, 16 Jun 2022 04:22:31 GMT

GET
H2 200 1*MO9IdP7-Hi27BfLd_PH4DA.jpeg
cdn-images-1.medium.com/fit/c/72/72/ 3 KB
3 KB 179ms
158ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-1.medium.com/fit/c/72/72/1*MO9IdP7-Hi27BfLd_PH4DA.jpeg

Requested by

Host: booking.ai
URL: https://booking.ai/?gi=79618510d951

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b4e6411c89de84ee6a4346cd38602345e29ebb726731d0eb94f4b48bfb858e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://booking.ai/?gi=79618510d951
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 04:22:31 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 41
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2941
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220418-141835-1d92ac7480
accept-ranges: bytes
cf-ray: 70c9928e58c2cc4e-ZRH
expires: Thu, 16 Jun 2022 04:22:31 GMT

GET
H2 200 1*BYwLheoN2Tx8ewJ9DG8WXg.jpeg
cdn-images-1.medium.com/fit/c/72/72/ 3 KB
3 KB 196ms
176ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-1.medium.com/fit/c/72/72/1*BYwLheoN2Tx8ewJ9DG8WXg.jpeg

Requested by

Host: booking.ai
URL: https://booking.ai/?gi=79618510d951

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f53e4db08bb928f20c43dbbe64884d492bee8108867be2018812a3ac6d7b88b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://booking.ai/?gi=79618510d951
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 04:22:31 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 89
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3272
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220322-153408-5d6507f242
accept-ranges: bytes
cf-ray: 70c9928e58c3cc4e-ZRH
expires: Thu, 16 Jun 2022 04:22:31 GMT

GET
H2 200 0*j8UL1ZE1mh_5Rm3b
cdn-images-1.medium.com/fit/c/72/72/ 2 KB
2 KB 211ms
191ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-1.medium.com/fit/c/72/72/0*j8UL1ZE1mh_5Rm3b

Requested by

Host: booking.ai
URL: https://booking.ai/?gi=79618510d951

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26a7b70a94675a42c5bf4fc4e61854e9922ed5dd03893b641281ce79aa718b26

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://booking.ai/?gi=79618510d951
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 04:22:31 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 17
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1643
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=2592000
medium-fulfilled-by: miro/main-20220418-141835-1d92ac7480
accept-ranges: bytes
cf-ray: 70c9928e58c5cc4e-ZRH
expires: Thu, 16 Jun 2022 04:22:31 UTC

GET
H2 200 1*DzMhukaOyUHNBCHtiYcW6g.jpeg
cdn-images-1.medium.com/fit/c/72/72/ 3 KB
4 KB 179ms
159ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-1.medium.com/fit/c/72/72/1*DzMhukaOyUHNBCHtiYcW6g.jpeg

Requested by

Host: booking.ai
URL: https://booking.ai/?gi=79618510d951

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a931ab5fa456b0bf372f0bcd13a3664b5399bc3783c3c4664e66332f228d7b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://booking.ai/?gi=79618510d951
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 04:22:31 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 43
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3512
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220418-141835-1d92ac7480
accept-ranges: bytes
cf-ray: 70c9928e58c4cc4e-ZRH
expires: Thu, 16 Jun 2022 04:22:31 GMT

GET
H3 200 1*aZ0TWkQQpoPTXfzZyk0A-g.jpeg
cdn-images-1.medium.com/fit/c/72/72/ 3 KB
4 KB 469ms
468ms Image
image/jpeg 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-1.medium.com/fit/c/72/72/1*aZ0TWkQQpoPTXfzZyk0A-g.jpeg

Requested by

Host: booking.ai
URL: https://booking.ai/?gi=79618510d951

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

341ac88296c4beacc26b503b6f167bb5db8ea1afc1d910d8905f7df88e19ea88

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://booking.ai/?gi=79618510d951
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 04:22:31 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 249
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3379
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20211118-133226-0da3f823da
accept-ranges: bytes
cf-ray: 70c9928f0f6201db-ZRH
expires: Thu, 16 Jun 2022 04:22:31 GMT

GET
H3 200 1*APzuhN5coAR5cYj-7BQCRQ.png
cdn-images-1.medium.com/fit/c/72/72/ 11 KB
12 KB 166ms
164ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-1.medium.com/fit/c/72/72/1*APzuhN5coAR5cYj-7BQCRQ.png

Requested by

Host: booking.ai
URL: https://booking.ai/?gi=79618510d951

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78d00d6ba6d6ed1e88439e1c30d435adfaa88d96b2a255e65af7f67c5e2f758e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://booking.ai/?gi=79618510d951
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 04:22:31 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 105
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11499
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20211118-133226-0da3f823da
accept-ranges: bytes
cf-ray: 70c9928f0f6401db-ZRH
expires: Thu, 16 Jun 2022 04:22:31 GMT

GET
H3 200 2*OXILhkI_WuI0oJuMB0Cezw.png
cdn-images-1.medium.com/fit/c/72/72/ 9 KB
9 KB 457ms
455ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-1.medium.com/fit/c/72/72/2*OXILhkI_WuI0oJuMB0Cezw.png

Requested by

Host: booking.ai
URL: https://booking.ai/?gi=79618510d951

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1189806f8543bc53842fe20ab3f8a6e9d52e4c762ece5f35990221359aceebc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://booking.ai/?gi=79618510d951
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 04:22:31 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 41
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8935
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220418-141835-1d92ac7480
accept-ranges: bytes
cf-ray: 70c9928f0f6601db-ZRH
expires: Thu, 16 Jun 2022 04:22:31 GMT

GET
H3 200 1*Xy9r1obbBX5UmDhq_wliIw.jpeg
cdn-images-1.medium.com/fit/c/72/72/ 3 KB
4 KB 413ms
411ms Image
image/jpeg 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-1.medium.com/fit/c/72/72/1*Xy9r1obbBX5UmDhq_wliIw.jpeg

Requested by

Host: booking.ai
URL: https://booking.ai/?gi=79618510d951

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ccbfc951670cc7df2c4b2e05f83e67f16a78ab09958931e7d2b89a23eb72588

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://booking.ai/?gi=79618510d951
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 04:22:31 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 44
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3387
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220418-141835-1d92ac7480
accept-ranges: bytes
cf-ray: 70c9928f0f6801db-ZRH
expires: Thu, 16 Jun 2022 04:22:31 GMT

GET
H2 200 main-base.bundle.6f6XwZPyaq6KPyGPPJfDpQ.12.js Show response
cdn-static-1.medium.com/_/fp/gen-js/ 1 MB
321 KB 62ms
61ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-static-1.medium.com/_/fp/gen-js/main-base.bundle.6f6XwZPyaq6KPyGPPJfDpQ.12.js

Requested by

Host: booking.ai
URL: https://booking.ai/?gi=79618510d951

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c221893e37dfff32904e4ef7fa5368b220ee0ca5068f97131e345e0b3481683

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://booking.ai/?gi=79618510d951
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 04:22:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 11886
cf-ray: 70c9928e38b1cc4e-ZRH
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 328250
x-amz-id-2: +awafnwuaMVusbreuLrIGqGf+9pUuaMbHGdEx/QLo7HBLm4EONF/jmky5j86/GWujYm57LDrLYs=
last-modified: Tue, 17 May 2022 00:11:33 GMT
server: cloudflare
etag: "4aa92b8f7098d293578a4bd3ae3d48d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 19SSR8FQWJM8EHG9
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 17 May 2023 04:22:31 GMT

GET
H2 200 stat
booking.ai/_/ 43 B
194 B 154ms
153ms Image
image/gif 52.5.181.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://booking.ai/_/stat?event=pixel.load&origin=https%3A%2F%2Fbooking.ai
Requested by: Host: booking.ai
URL: https://booking.ai/?gi=79618510d951
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.5.181.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-181-79.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://booking.ai/?gi=79618510d951
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 04:22:31 GMT
medium-fulfilled-by: valencia/main-20220505-143206-9ef6171d35
x-envoy-upstream-service-time: 35
sepia-upstream: medium
server: nginx
content-length: 43
content-type: image/gif

GET
H2 200 1*DH2Ii3RvJmCi-t1xkyYe5g.jpeg
cdn-images-1.medium.com/max/2400/ 178 KB
179 KB 213ms
212ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-1.medium.com/max/2400/1*DH2Ii3RvJmCi-t1xkyYe5g.jpeg

Requested by

Host: booking.ai
URL: https://booking.ai/?gi=79618510d951

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b679bca18be1fef8ce71e7b51b1d5f857f426d6f2818fc4002ed3de15f8059e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://booking.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 04:22:31 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 130
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 182748
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220418-141835-1d92ac7480
accept-ranges: bytes
cf-ray: 70c9928ec90fcc4e-ZRH
expires: Thu, 16 Jun 2022 04:22:31 GMT

GET
DATA 200
OK truncated
/ 15 KB
15 KB Font
font/opentype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a7308f36363fb1faa04c40e6b51a9eab2255f8f233172395c5ee5ac3280e8183

Request headers

Referer
Origin: https://booking.ai
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: font/opentype

GET
H2 200 1*bflmEFdEQRhbPtkAmNJvhg.png
cdn-images-1.medium.com/max/2000/ 210 KB
210 KB 175ms
175ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-1.medium.com/max/2000/1*bflmEFdEQRhbPtkAmNJvhg.png

Requested by

Host: booking.ai
URL: https://booking.ai/?gi=79618510d951

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1599975c70db0d6e053dc08423331a1986aecc583913cf69f8f5af02defd27a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://booking.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 04:22:31 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 80
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 215193
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220418-141835-1d92ac7480
accept-ranges: bytes
cf-ray: 70c9928ec911cc4e-ZRH
expires: Thu, 16 Jun 2022 04:22:31 GMT

GET
H2 200 1*pcV8A64GzjTmkJ9GXbk4fQ.png
cdn-images-1.medium.com/max/1200/ 69 KB
69 KB 167ms
166ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-1.medium.com/max/1200/1*pcV8A64GzjTmkJ9GXbk4fQ.png

Requested by

Host: booking.ai
URL: https://booking.ai/?gi=79618510d951

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e65c1bc1b842cede4adc1814461a7ef82bbe4b91862ef9e1f9638d1ce0397b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://booking.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 04:22:31 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 40
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 70193
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20211118-133226-0da3f823da
accept-ranges: bytes
cf-ray: 70c9928ec910cc4e-ZRH
expires: Thu, 16 Jun 2022 04:22:31 GMT

GET
DATA 200
OK truncated
/ 15 KB
15 KB Font
font/opentype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 46259572effe2f57ee56ee9371ee366a119d5442e9965fd4943bdffb3da9a25e

Request headers

Referer
Origin: https://booking.ai
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: font/opentype

GET
H2 200 branch-latest.min.js Show response
cdn.branch.io/ 81 KB
24 KB 136ms
44ms Script
text/javascript 65.9.63.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.branch.io/branch-latest.min.js
Requested by: Host: booking.ai
URL: https://booking.ai/?gi=79618510d951
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.63.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-63-77.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5bbb9c0f0e0824480fd077d8340987a94369f9565dfcf6b89dcb00229fb49673

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://booking.ai/?gi=79618510d951
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id: qdsw2NkSLBBvb7vdgXpE9mqgp_9x4Fln
content-encoding: gzip
last-modified: Wed, 04 May 2022 17:13:35 GMT
server: AmazonS3
age: 207
etag: "02288b6b1ca1a8d5a1ce841c5df3ee19"
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
cache-control: max-age=300
date: Tue, 17 May 2022 04:19:05 GMT
x-amz-cf-pop: FRA56-C1
content-length: 24357
x-amz-cf-id: i_uMcq_Kr7EliHA1mIHZ-N2UqqB6vT3Qaf-mGqYJY1bSiNnoWg_Ylw==

GET
H3 200 0*0xbfEgbaP1X316GR.png
cdn-images-1.medium.com/max/1200/ 108 KB
109 KB 303ms
302ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-1.medium.com/max/1200/0*0xbfEgbaP1X316GR.png

Requested by

Host: booking.ai
URL: https://booking.ai/?gi=79618510d951

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8a81fea207e23632d1f49ba778ac8b97005e576df48263d5e4ce6532da5d6c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://booking.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 04:22:31 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 106
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 111004
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220418-141835-1d92ac7480
accept-ranges: bytes
cf-ray: 70c9928f0f6e01db-ZRH
expires: Thu, 16 Jun 2022 04:22:31 GMT

GET
H3 200 1*6UfDwdwu7iYLWDPTgK0OQg.png
cdn-images-1.medium.com/max/1200/ 65 KB
66 KB 302ms
299ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-1.medium.com/max/1200/1*6UfDwdwu7iYLWDPTgK0OQg.png

Requested by

Host: booking.ai
URL: https://booking.ai/?gi=79618510d951

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b2583fdc8248bc95b1285b313f437754716f54947d0577d1566f61d69fc8da5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://booking.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 04:22:31 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 37
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 67027
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220418-141835-1d92ac7480
accept-ranges: bytes
cf-ray: 70c9928f0f6f01db-ZRH
expires: Thu, 16 Jun 2022 04:22:31 GMT

GET
H3 200 1*YjkEIuWQqNxLMz98sZUN-g.png
cdn-images-1.medium.com/max/1200/ 89 KB
90 KB 252ms
251ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-1.medium.com/max/1200/1*YjkEIuWQqNxLMz98sZUN-g.png

Requested by

Host: booking.ai
URL: https://booking.ai/?gi=79618510d951

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d8464bbfd2a78120e7952871b350a35084d0c859d190f18aff2d2250f73ada7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://booking.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 04:22:31 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 70
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 91625
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20211118-133226-0da3f823da
accept-ranges: bytes
cf-ray: 70c9928f0f7001db-ZRH
expires: Thu, 16 Jun 2022 04:22:31 GMT

GET
H3 200 1*ZaNY4Q6DsLB8eWGui2jhGg.png
cdn-images-1.medium.com/max/800/ 80 KB
80 KB 204ms
203ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-1.medium.com/max/800/1*ZaNY4Q6DsLB8eWGui2jhGg.png

Requested by

Host: booking.ai
URL: https://booking.ai/?gi=79618510d951

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

724c490d63b91d68c383ce9f354ad878c0f8032a002b0eb734404a0667aeddbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://booking.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 04:22:31 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 99
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 81982
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220418-141835-1d92ac7480
accept-ranges: bytes
cf-ray: 70c9928f1f7201db-ZRH
expires: Thu, 16 Jun 2022 04:22:31 GMT

GET
H3 200 1*dAawajXuvL3epeKIoNMUOA.jpeg
cdn-images-1.medium.com/max/800/ 189 KB
189 KB 444ms
443ms Image
image/jpeg 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-1.medium.com/max/800/1*dAawajXuvL3epeKIoNMUOA.jpeg

Requested by

Host: booking.ai
URL: https://booking.ai/?gi=79618510d951

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37fb2776f3a40696a49c2f201ee4488e707079a2c2310f72b4882b2c95437909

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://booking.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 04:22:31 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 117
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 193150
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20211118-133226-0da3f823da
accept-ranges: bytes
cf-ray: 70c9928f1f7301db-ZRH
expires: Thu, 16 Jun 2022 04:22:31 GMT

GET
H3 200 0*yOSEuZy4Swga8uzd
cdn-images-1.medium.com/max/2000/ 143 KB
144 KB 601ms
600ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-1.medium.com/max/2000/0*yOSEuZy4Swga8uzd

Requested by

Host: booking.ai
URL: https://booking.ai/?gi=79618510d951

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90148eaccf9235e90a185ed7fba757f7cd83a28a57ad9c0bcd639ba65c9fa97c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://booking.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 04:22:32 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 79
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 146716
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=2592000
medium-fulfilled-by: miro/main-20220418-141835-1d92ac7480
accept-ranges: bytes
cf-ray: 70c9928f1f7501db-ZRH
expires: Thu, 16 Jun 2022 04:22:31 UTC

GET
H3 200 0*RDaEk-VDaYV9f3yV
cdn-images-1.medium.com/max/800/ 39 KB
39 KB 400ms
399ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-1.medium.com/max/800/0*RDaEk-VDaYV9f3yV

Requested by

Host: booking.ai
URL: https://booking.ai/?gi=79618510d951

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c226510217997ada3669ee381ed75ed3643259a54a02cd5afde0bfe960dae5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://booking.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 04:22:31 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 27
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39537
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=2592000
medium-fulfilled-by: miro/main-20220418-141835-1d92ac7480
accept-ranges: bytes
cf-ray: 70c9928f1f7701db-ZRH
expires: Thu, 16 Jun 2022 04:22:31 UTC

GET
H3 200 1*qD5AVSSex68CSyvD0-B6Uw.png
cdn-images-1.medium.com/max/800/ 638 KB
639 KB 441ms
440ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-1.medium.com/max/800/1*qD5AVSSex68CSyvD0-B6Uw.png

Requested by

Host: booking.ai
URL: https://booking.ai/?gi=79618510d951

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c08c54124fada39f7c22374689d6eea12f187bc1fbf7f2ffa42726889cca9a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://booking.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 04:22:31 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 107
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 653510
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20211118-133226-0da3f823da
accept-ranges: bytes
cf-ray: 70c9928f1f7801db-ZRH
expires: Thu, 16 Jun 2022 04:22:31 GMT

GET
H3 200 1*O7D9cJOIxXFqKSMTR9lm6g.jpeg
cdn-images-1.medium.com/max/800/ 145 KB
146 KB 557ms
557ms Image
image/jpeg 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-1.medium.com/max/800/1*O7D9cJOIxXFqKSMTR9lm6g.jpeg

Requested by

Host: booking.ai
URL: https://booking.ai/?gi=79618510d951

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0e308ed92187b972c3095e822f0369e5a58d9746b01ba6dba77323ad09a7a4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://booking.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 04:22:31 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 104
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 148812
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220418-141835-1d92ac7480
accept-ranges: bytes
cf-ray: 70c9928f1f7a01db-ZRH
expires: Thu, 16 Jun 2022 04:22:31 GMT

GET
H3 200 marat-sans-400-normal.woff
glyph.medium.com/font/d8659c9/3k-4f_4h-52_54-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/ 21 KB
22 KB 122ms
66ms Font
application/font-woff 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/d8659c9/3k-4f_4h-52_54-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/marat-sans-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/e/sr/latin/e/ssr/latin/e/ssb/latin/m2-unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

254765da6129bbc6ddc3c4cd5cb98679aa10ad0703e05ed33b827a02d34873be

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/e/sr/latin/e/ssr/latin/e/ssb/latin/m2-unbound.css
Origin: https://booking.ai
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 04:22:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 8240540
x-envoy-upstream-service-time: 33
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 70c9928f79220200-ZRH
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Wed, 17 May 2023 04:22:31 GMT

POST /
csp.medium.com/ 0
0

POST collect
www.google-analytics.com/j/ 0
0

GET
H3 200 main-common-async.bundle.rmS0WygI4sbyuBNLaPB_WA.12.js Show response
cdn-static-1.medium.com/_/fp/gen-js/ 747 KB
205 KB 450ms
450ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-static-1.medium.com/_/fp/gen-js/main-common-async.bundle.rmS0WygI4sbyuBNLaPB_WA.12.js

Requested by

Host: cdn-static-1.medium.com
URL: https://cdn-static-1.medium.com/_/fp/gen-js/main-base.bundle.6f6XwZPyaq6KPyGPPJfDpQ.12.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

997e1c4bb18454fd1d7ca575ee26e5b985e974eec49f44997aa22cebe5c6348a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://booking.ai/?gi=79618510d951
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 04:22:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 11030
cf-ray: 70c9928fe84d01db-ZRH
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 209102
x-amz-id-2: AlG/PRjFu4kzy0HQbsh9m9ukCK2x4C4L/vxdm5r30Eg1Empe19/jgldRDUcMDdCFzjBBdpJPBa8=
last-modified: Tue, 17 May 2022 00:11:33 GMT
server: cloudflare
etag: "f43f4c4d9c61b977d11146bc23041f13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: ZM7D97RHTMSJDSH5
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 17 May 2023 04:22:31 GMT

GET
H2 200 _r Show response
app.link/ 91 B
562 B 286ms
192ms Script
text/javascript 2600:9000:2057:5a00:19:9934:6a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.link/_r?sdk=web2.61.0&branch_key=key_live_ofxXr2qTrrU9NqURK8ZwEhknBxiI6KBm&callback=branch_callback__0

Requested by

Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:5a00:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty / Express

Resource Hash

f014b6d44212c75e07e059bed9433797c207c129072eb425f5d89434d55016d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://booking.ai/?gi=79618510d951
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 04:22:31 GMT
via: 1.1 507b5edb20d0e1a0b73c8687f53defa8.cloudfront.net (CloudFront)
x-content-type-options: nosniff
server: openresty
x-amz-cf-pop: FRA6-C1
x-powered-by: Express
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
content-length: 91
etag: W/"5b-PhsKQf9TxJc7SO1IE9g1VIWF4a0"
x-amz-cf-id: Et0z3YqZlKJdKi1YPNxZrajhIHi_bsxVf3oNP2UruekcCFxInC9GDQ==

POST
H2 200 open Show response
api2.branch.io/v1/ 316 B
630 B 293ms
199ms XHR
application/json 2600:9000:206f:8000:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v1/open
Requested by: Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8000:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 42fc2fd761059d45a83471d0c7ce2d48f2df32de129da06a26a21b2e7daa9e41

Request headers

Referer: https://booking.ai/?gi=79618510d951
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 17 May 2022 04:22:32 GMT
via: 1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache
x-branch-request-id: 1525c25749314702848ceb03d31a5f79-2022051704
content-length: 316
x-amz-cf-id: oeNV7k4-HY0z7Cz6qXbI678rdGgAWnlIQg0q2UX4yQVj9QwL-sD2Vg==

POST
H2 200 reports Show response
lightstep.medium.systems/api/v0/ 96 B
178 B 348ms
347ms XHR
application/json 2606:4700:4400::6812:27ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Requested by: Host: cdn-static-1.medium.com
URL: https://cdn-static-1.medium.com/_/fp/gen-js/main-base.bundle.6f6XwZPyaq6KPyGPPJfDpQ.12.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:27ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 493a13a8c2ceb23f3331a93823bf03318fd87e40ac13866b4c6c47351dec336d

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Referer: https://booking.ai/?gi=79618510d951
accept-language: en-GB,en;q=0.9
LightStep-Access-Token: ce5be895bef60919541332990ac9fef2
Content-Type: application/json

Response headers

date: Tue, 17 May 2022 04:22:32 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
cf-ray: 70c992940a9d2373-ZRH
access-control-allow-headers: LightStep-Access-Token, Content-Type

OPTIONS
H2 200 reports
lightstep.medium.systems/api/v0/ 0
0 300ms
191ms Preflight 2606:4700:4400::6812:27ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:27ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,lightstep-access-token
Access-Control-Request-Method: POST
Origin: https://booking.ai
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: LightStep-Access-Token, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 70c99292d95e2373-ZRH
content-length: 0
date: Tue, 17 May 2022 04:22:32 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
x-envoy-upstream-service-time: 0

GET
H3 200 main-home-screens.bundle.quhUsItea5YCuivElm9ZZA.12.js Show response
cdn-static-1.medium.com/_/fp/gen-js/ 5 KB
3 KB 59ms
59ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-static-1.medium.com/_/fp/gen-js/main-home-screens.bundle.quhUsItea5YCuivElm9ZZA.12.js

Requested by

Host: cdn-static-1.medium.com
URL: https://cdn-static-1.medium.com/_/fp/gen-js/main-base.bundle.6f6XwZPyaq6KPyGPPJfDpQ.12.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fb5f625a2b59bbdae0af40afa58c95f84a19d499ebf877baf331b62867fa9c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://booking.ai/?gi=79618510d951
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 04:22:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 8481
cf-ray: 70c992933b8101db-ZRH
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2158
x-amz-id-2: m0hHQDYjVuN4e5RjFrDX8UcpR0UtsGAunPHSXKapjzyUpPcwJRq3nS7MH++j6lJEdnPWcgwhNiM=
last-modified: Tue, 17 May 2022 00:11:33 GMT
server: cloudflare
etag: "da98086f5a14b02d08747b012bcbd742"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: YBFCT3HS2YQTFSG9
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 17 May 2023 04:22:32 GMT

GET
H2 200 fp.min.js Show response
cdn.jsdelivr.net/npm/@fingerprintjs/fingerprintjs@3.1.0/dist/ 30 KB
13 KB 154ms
59ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@fingerprintjs/fingerprintjs@3.1.0/dist/fp.min.js

Requested by

Host: cdn-static-1.medium.com
URL: https://cdn-static-1.medium.com/_/fp/gen-js/main-base.bundle.6f6XwZPyaq6KPyGPPJfDpQ.12.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

733b8b9c633050fc87a32e728a1ee052965bba562a9bc74689442386ea090681

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://booking.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 04:22:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4906835
x-jsd-version: 3.1.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19140-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"7686-bMYrhldj2l37cKFzqt1kEXkGfPk"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=STcevncAs3LUR2xmwmiVDMzVvffYtbIPoq7XwdMJfzBmWt5hgr2yN%2FL%2Fod%2BBgRQjWfiy%2F2mXStc7qBNRNF%2FD%2FB00gOSsN8H0ll%2BuhZ7D8Yg3CKdrewVsnpnr3a11BVRpRONvQw35DChYfwX0Hag%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 70c992946b6a0225-ZRH

POST
H2 200 pageview Show response
api2.branch.io/v1/ 28 B
387 B 245ms
245ms XHR
application/json 2600:9000:206f:8000:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v1/pageview
Requested by: Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8000:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb

Request headers

Referer: https://booking.ai/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 17 May 2022 04:22:32 GMT
via: 1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-powered-by: Express
etag: W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-branch-request-id: 25028593b5a04aa3963d2205612c64d5-2022051704
content-length: 28
x-amz-cf-id: _4SvWGEAw2c-cV500_p7dvh73E2QJXcyEeOLx3ky-G4fc2qWtoyKrQ==

GET
H3 200 stream Show response
medium.com/_/api/collections/4d265f07defc/ 6 KB
3 KB 246ms
245ms XHR
application/json 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://medium.com/_/api/collections/4d265f07defc/stream?to=1652761350552&ignoredIds=71755bad0e5f&ignoredIds=892118be9e19&ignoredIds=9e42781a2bcb&ignoredIds=d816bc8b8fb&ignoredIds=71cac0781944&ignoredIds=3796cd695454&ignoredIds=d65a1ee98cea&ignoredIds=1bb0f8f2027c&ignoredIds=223fba846876&ignoredIds=c01aff70b255&ignoredIds=3ee8fe943c70&ignoredIds=ae4cf05013f9&page=5

Requested by

Host: cdn-static-1.medium.com
URL: https://cdn-static-1.medium.com/_/fp/gen-js/main-base.bundle.6f6XwZPyaq6KPyGPPJfDpQ.12.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Medium

Resource Hash

3e87f48367cfc7e1ebeb5f48da4dcaf54fc9188e4f07ef8ab6df0e95bba1e143

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

X-Client-Date: 1652761352527
X-XSRF-Token: 1
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer: https://booking.ai/
X-Obvious-CID: web

Response headers

date: Tue, 17 May 2022 04:22:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
worker-missing-cookies: 0
x-powered-by: Medium
x-obvious-info: 20220516-2357-root,524c9296
x-envoy-upstream-service-time: 71
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge, Chrome=1
pragma: no-cache
link: <https://medium.com/humans.txt>; rel="humans"
x-obvious-tid: 1652761352816:a3017b92047e
expires: Thu, 09 Sep 1999 09:09:09 GMT
server: cloudflare
x-frame-options: sameorigin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: https://booking.ai
vary: Accept-Encoding
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
medium-fulfilled-by: edgy/8.3.0, valencia/main-20220505-143206-9ef6171d35
cf-ray: 70c992969ec501db-ZRH
x-opentracing: {"ot-tracer-spanid":"3537ca1d26f8ef4e","ot-tracer-traceid":"7eba00eff19ba24b","ot-tracer-sampled":"true"}
access-control-expose-headers: X-Xsrf-Token, X-Obvious-Cid, X-Client-Date, X-Obvious-Profiling, X-Diagnostics, x-opentracing

OPTIONS
H3 204 stream
medium.com/_/api/collections/4d265f07defc/ 0
0 184ms
184ms Preflight 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Medium

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src https://localhost https://.instapaper.com https://.stripe.com https://glyph.medium.com https://.paypal.com https://.braintree-api.com https://.braintreegateway.com https://accounts.google.com https://getpocket.com https://medium.com https://.medium.com https://.medium.com https://medium.com https://.medium.com https://.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://lightstep.medium.systems https://.branch.io 'self'; font-src data: https://.amazonaws.com https://.medium.com https://glyph.medium.com https://medium.com https://.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: blob: medium: 'self'; img-src blob: data: https: 'self'; media-src https://.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-client-date,x-obvious-cid,x-xsrf-token
Access-Control-Request-Method: GET
Origin: https://booking.ai
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Origin, User-Agent, DNT, Cache-Control, X-Xsrf-Token, X-Obvious-Cid, X-Client-Date, x-opentracing
access-control-allow-methods: GET, POST, PUT, DELETE
access-control-allow-origin: https://booking.ai
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 70c992957efd0200-ZRH
content-security-policy: default-src 'self'; connect-src https://localhost https://*.instapaper.com https://*.stripe.com https://glyph.medium.com https://*.paypal.com https://*.braintree-api.com https://*.braintreegateway.com https://accounts.google.com https://getpocket.com https://medium.com https://*.medium.com https://*.medium.com https://medium.com https://*.medium.com https://*.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://lightstep.medium.systems https://*.branch.io 'self'; font-src data: https://*.amazonaws.com https://*.medium.com https://glyph.medium.com https://medium.com https://*.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: blob: medium: 'self'; img-src blob: data: https: 'self'; media-src https://*.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
date: Tue, 17 May 2022 04:22:32 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
link: <https://medium.com/humans.txt>; rel="humans"
medium-fulfilled-by: edgy/8.3.0, valencia/main-20220505-143206-9ef6171d35
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
worker-missing-cookies: 1
x-content-type-options: nosniff
x-envoy-upstream-service-time: 10
x-frame-options: sameorigin
x-obvious-info: 20220516-2357-root,524c9296
x-obvious-tid: 1652761352629:5fa5fe04843
x-opentracing: {"ot-tracer-spanid":"60ea7d5732649059","ot-tracer-traceid":"a2b4afb11849dde","ot-tracer-sampled":"true"}
x-powered-by: Medium
x-ua-compatible: IE=edge, Chrome=1
x-xss-protection: 1; mode=block

POST
H2 200 reports Show response
lightstep.medium.systems/api/v0/ 96 B
159 B 147ms
147ms XHR
application/json 2606:4700:4400::6812:27ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Requested by: Host: cdn-static-1.medium.com
URL: https://cdn-static-1.medium.com/_/fp/gen-js/main-base.bundle.6f6XwZPyaq6KPyGPPJfDpQ.12.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:27ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 138fd37339646a17b30ef30ce5f2b758589e0c195e62ad5333f707c1871fe91c

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Referer: https://booking.ai/
accept-language: en-GB,en;q=0.9
LightStep-Access-Token: ce5be895bef60919541332990ac9fef2
Content-Type: application/json

Response headers

date: Tue, 17 May 2022 04:22:33 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
cf-ray: 70c9929949322373-ZRH
access-control-allow-headers: LightStep-Access-Token, Content-Type

OPTIONS
H2 200 reports
lightstep.medium.systems/api/v0/ 0
0 152ms
152ms Preflight 2606:4700:4400::6812:27ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:27ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,lightstep-access-token
Access-Control-Request-Method: POST
Origin: https://booking.ai
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: LightStep-Access-Token, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 70c992984fc52373-ZRH
content-length: 0
date: Tue, 17 May 2022 04:22:33 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
x-envoy-upstream-service-time: 3

OPTIONS
H2 200 reports
lightstep.medium.systems/api/v0/ 0
0 157ms
156ms Preflight 2606:4700:4400::6812:27ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:27ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,lightstep-access-token
Access-Control-Request-Method: POST
Origin: https://booking.ai
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: LightStep-Access-Token, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 70c9929c7c7b2373-ZRH
content-length: 0
date: Tue, 17 May 2022 04:22:33 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
x-envoy-upstream-service-time: 3

POST
H2 200 reports Show response
lightstep.medium.systems/api/v0/ 96 B
182 B 333ms
333ms XHR
application/json 2606:4700:4400::6812:27ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Requested by: Host: cdn-static-1.medium.com
URL: https://cdn-static-1.medium.com/_/fp/gen-js/main-base.bundle.6f6XwZPyaq6KPyGPPJfDpQ.12.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:27ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e22aaa09716637040f08f001345c3ce9dccdbbdb35c956777da899dd685276d4

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Referer: https://booking.ai/
accept-language: en-GB,en;q=0.9
LightStep-Access-Token: ce5be895bef60919541332990ac9fef2
Content-Type: application/json

Response headers

date: Tue, 17 May 2022 04:22:34 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
cf-ray: 70c9929d7d6b2373-ZRH
access-control-allow-headers: LightStep-Access-Token, Content-Type

POST
H2 200 reports Show response
lightstep.medium.systems/api/v0/ 96 B
163 B 154ms
154ms XHR
application/json 2606:4700:4400::6812:27ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Requested by: Host: cdn-static-1.medium.com
URL: https://cdn-static-1.medium.com/_/fp/gen-js/main-base.bundle.6f6XwZPyaq6KPyGPPJfDpQ.12.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:27ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 417346e5fea200e346140822ae8164a9f7692be291fbdaf449458386fb292b2c

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Referer: https://booking.ai/
accept-language: en-GB,en;q=0.9
LightStep-Access-Token: ce5be895bef60919541332990ac9fef2
Content-Type: application/json

Response headers

date: Tue, 17 May 2022 04:22:34 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
x-envoy-upstream-service-time: 7
cf-ray: 70c992a2aa7c2373-ZRH
access-control-allow-headers: LightStep-Access-Token, Content-Type

OPTIONS
H2 200 reports
lightstep.medium.systems/api/v0/ 0
0 148ms
148ms Preflight 2606:4700:4400::6812:27ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:27ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,lightstep-access-token
Access-Control-Request-Method: POST
Origin: https://booking.ai
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: LightStep-Access-Token, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 70c992a1b9a52373-ZRH
content-length: 0
date: Tue, 17 May 2022 04:22:34 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
x-envoy-upstream-service-time: 0

POST batch
booking.ai/_/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: csp.medium.com
URL: https://csp.medium.com/

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/j/collect?v=1&_v=j96&a=188681342&t=pageview&_s=1&dl=https%3A%2F%2Fbooking.ai%2F%3Fgi%3D79618510d951&ul=en-us&de=UTF-8&dt=Booking.com%20Data%20Science&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1142428935&gjid=252099712&cid=2012352067.1652761352&tid=UA-24232453-2&_gid=1110552505.1652761352&_r=1&_slc=1&z=2145570191

Domain: booking.ai
URL: https://booking.ai/_/batch

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.medium.com/	1970-01-20 11:51:37	Name: sid Value: 1:bbhHjYdixPue8XRCV/7+RtoR6sG8FiBLl1sSldjdVReZkXSSWYkGDuzDo5oI+hI3
.medium.com/	1970-01-20 11:51:37	Name: uid Value: lo_44699f1a0bd2
.medium.com/	1969-12-31 23:59:59	Name: __cfruid Value: db404a50fa0a252fd71cfa9b1f95577e2004183d-1652761350
booking.ai/	1970-01-20 11:51:37	Name: uid Value: lo_44699f1a0bd2
booking.ai/	1970-01-20 11:51:37	Name: sid Value: 1:LWORc5O/xJWzal55+XjyRc0r4umMjo3jzESrlX9iGoQG1Y1dOFNrVtB4nyP6zFaA
.booking.ai/	1970-01-20 20:37:13	Name: _ga Value: GA1.2.2012352067.1652761352
.booking.ai/	1970-01-20 03:07:27	Name: _gid Value: GA1.2.1110552505.1652761352
.booking.ai/	1970-01-20 03:06:01	Name: _gat Value: 1
booking.ai/	1970-01-20 03:16:06	Name: lightstep_guid/medium-web Value: 8dd58f7b46bc6a4c
booking.ai/	1970-01-20 03:16:06	Name: lightstep_session_id Value: c971a0036a3e83cb
booking.ai/	1970-01-20 03:16:06	Name: sz Value: 1600
booking.ai/	1970-01-20 03:16:06	Name: pr Value: 1
booking.ai/	1970-01-20 03:16:06	Name: tz Value: 0
.app.link/	1970-01-20 11:51:37	Name: _s Value: EpEzDGPFVKE3vyfcOPgwSTLJPmyve0fUVGQoTc2HR6W6RpPS6O1hjc6eHG5O7wPW

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.google-analytics.com/analytics.js(Line 43) Message: Refused to connect to 'https://www.google-analytics.com/j/collect?v=1&_v=j96&a=188681342&t=pageview&_s=1&dl=https%3A%2F%2Fbooking.ai%2F%3Fgi%3D79618510d951&ul=en-us&de=UTF-8&dt=Booking.com%20Data%20Science&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1142428935&gjid=252099712&cid=2012352067.1652761352&tid=UA-24232453-2&_gid=1110552505.1652761352&_r=1&_slc=1&z=2145570191' because it violates the following Content Security Policy directive: "connect-src https://localhost https://.instapaper.com https://.stripe.com https://glyph.medium.com https://.paypal.com https://.braintree-api.com https://.braintreegateway.com https://accounts.google.com https://getpocket.com https://booking.ai https://.booking.ai https://.medium.com https://medium.com https://.medium.com https://.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://lightstep.medium.systems https://.branch.io 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; connect-src https://localhost https://.instapaper.com https://.stripe.com https://glyph.medium.com https://.paypal.com https://.braintree-api.com https://.braintreegateway.com https://accounts.google.com https://getpocket.com https://booking.ai https://.booking.ai https://.medium.com https://medium.com https://.medium.com https://.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://lightstep.medium.systems https://.branch.io 'self'; font-src data: https://.amazonaws.com https://.medium.com https://glyph.medium.com https://medium.com https://.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: blob: medium: 'self'; img-src blob: data: https: 'self'; media-src https://.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api2.branch.io
app.link
booking.ai
cdn-images-1.medium.com
cdn-static-1.medium.com
cdn.branch.io
cdn.jsdelivr.net
csp.medium.com
glyph.medium.com
lightstep.medium.systems
medium.com
www.google-analytics.com
booking.ai
csp.medium.com
www.google-analytics.com
2600:9000:2057:5a00:19:9934:6a80:93a1
2600:9000:206f:8000:11:f728:3040:93a1
2606:4700:4400::6812:27ad
2606:4700:7::a29f:9804
2606:4700:7::a29f:9904
2606:4700::6810:5614
2a00:1450:4001:82f::200e
52.5.181.79
65.9.63.77
1189806f8543bc53842fe20ab3f8a6e9d52e4c762ece5f35990221359aceebc7
138fd37339646a17b30ef30ce5f2b758589e0c195e62ad5333f707c1871fe91c
1599975c70db0d6e053dc08423331a1986aecc583913cf69f8f5af02defd27a4
254765da6129bbc6ddc3c4cd5cb98679aa10ad0703e05ed33b827a02d34873be
26a7b70a94675a42c5bf4fc4e61854e9922ed5dd03893b641281ce79aa718b26
272ed9aef66df4b0fc0db7d8109a7949f039a9deabc1617eba270af19a72399d
341ac88296c4beacc26b503b6f167bb5db8ea1afc1d910d8905f7df88e19ea88
37fb2776f3a40696a49c2f201ee4488e707079a2c2310f72b4882b2c95437909
397739baddf3f0a67c1872a79e616d5cce3b80ca1b8dbce524acf1d5cd0b3291
3e87f48367cfc7e1ebeb5f48da4dcaf54fc9188e4f07ef8ab6df0e95bba1e143
3f53e4db08bb928f20c43dbbe64884d492bee8108867be2018812a3ac6d7b88b
417346e5fea200e346140822ae8164a9f7692be291fbdaf449458386fb292b2c
42fc2fd761059d45a83471d0c7ce2d48f2df32de129da06a26a21b2e7daa9e41
46259572effe2f57ee56ee9371ee366a119d5442e9965fd4943bdffb3da9a25e
493a13a8c2ceb23f3331a93823bf03318fd87e40ac13866b4c6c47351dec336d
4f9b002630805d1f2e61296f031b0c4b6b31b2a83679d81e7647f3052b1ac664
51fd0856be5c980c6f5bb1c29c1333ae0cef4c4351924163449ee704b7322f79
5bbb9c0f0e0824480fd077d8340987a94369f9565dfcf6b89dcb00229fb49673
5c221893e37dfff32904e4ef7fa5368b220ee0ca5068f97131e345e0b3481683
6b2583fdc8248bc95b1285b313f437754716f54947d0577d1566f61d69fc8da5
6b4e6411c89de84ee6a4346cd38602345e29ebb726731d0eb94f4b48bfb858e1
724c490d63b91d68c383ce9f354ad878c0f8032a002b0eb734404a0667aeddbb
733b8b9c633050fc87a32e728a1ee052965bba562a9bc74689442386ea090681
78d00d6ba6d6ed1e88439e1c30d435adfaa88d96b2a255e65af7f67c5e2f758e
7c226510217997ada3669ee381ed75ed3643259a54a02cd5afde0bfe960dae5b
7d8464bbfd2a78120e7952871b350a35084d0c859d190f18aff2d2250f73ada7
8a931ab5fa456b0bf372f0bcd13a3664b5399bc3783c3c4664e66332f228d7b6
8c08c54124fada39f7c22374689d6eea12f187bc1fbf7f2ffa42726889cca9a3
8ccbfc951670cc7df2c4b2e05f83e67f16a78ab09958931e7d2b89a23eb72588
90148eaccf9235e90a185ed7fba757f7cd83a28a57ad9c0bcd639ba65c9fa97c
997e1c4bb18454fd1d7ca575ee26e5b985e974eec49f44997aa22cebe5c6348a
9e65c1bc1b842cede4adc1814461a7ef82bbe4b91862ef9e1f9638d1ce0397b4
9fb5f625a2b59bbdae0af40afa58c95f84a19d499ebf877baf331b62867fa9c5
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a7308f36363fb1faa04c40e6b51a9eab2255f8f233172395c5ee5ac3280e8183
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b679bca18be1fef8ce71e7b51b1d5f857f426d6f2818fc4002ed3de15f8059e6
c8a81fea207e23632d1f49ba778ac8b97005e576df48263d5e4ce6532da5d6c8
e22aaa09716637040f08f001345c3ce9dccdbbdb35c956777da899dd685276d4
f014b6d44212c75e07e059bed9433797c207c129072eb425f5d89434d55016d4
f0e308ed92187b972c3095e822f0369e5a58d9746b01ba6dba77323ad09a7a4a
f1db0a728f52b71c218dac9b526bfd241f61c77c2e8def1bd88cd7041f8642f1

booking.ai Open in urlscan Pro 52.5.181.79 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

49 Requests

94 %HTTPS

78 %IPv6

7 Domains

12 Subdomains

10 IPs

2 Countries

2820 kBTransfer

5038 kBSize

14 Cookies

10 Outgoing links

Page URL History

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

booking.ai Open in urlscan Pro
52.5.181.79 Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

94 %
HTTPS

78 %
IPv6

7
Domains

12
Subdomains

10
IPs

2
Countries

2820 kB
Transfer

5038 kB
Size

14
Cookies

49 HTTP transactions
2 data transactions