booking.ai Open in urlscan Pro
52.5.181.79 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://booking.ai/
Effective URL:
https://booking.ai/?gi=35294e4265ba
Submission: On May 17 via api (May 17th 2022, 1:57:58 am UTC) from GB — Scanned from GB

Summary HTTP 51 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 10 IPs in 2 countries across 7 domains to perform 51 HTTP transactions. The main IP is 52.5.181.79, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is booking.ai.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 27th 2021. Valid for: a year.

This is the only time booking.ai was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 5	52.5.181.79 52.5.181.79	14618 (AMAZON-AES) (AMAZON-AES)
1 29	2606:4700:7::... 2606:4700:7::a29f:9904	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1	108.138.17.81 108.138.17.81	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:7::... 2606:4700:7::a29f:9804	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:225... 2600:9000:225e:e000:19:9934:6a80:93a1	16509 (AMAZON-02) (AMAZON-02)
8	2606:4700:440... 2606:4700:4400::6812:27ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:249... 2600:9000:2491:4e00:11:f728:3040:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
51	10

5 52.5.181.79 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-181-79.compute-1.amazonaws.com

booking.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2606:4700:7::a29f:9904 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
glyph.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn-static-1.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn-images-1.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.17.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-81.fra56.r.cloudfront.net

cdn.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:7::a29f:9804 (United States)

ASN13335 (CLOUDFLARENET, US)

glyph.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:e000:19:9934:6a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

app.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:4400::6812:27ad (United States)

ASN13335 (CLOUDFLARENET, US)

lightstep.medium.systems	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2491:4e00:11:f728:3040:93a1 (United States)

ASN16509 (AMAZON-02, US)

api2.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	medium.com 1 redirects medium.com — Cisco Umbrella Rank: 9339 glyph.medium.com — Cisco Umbrella Rank: 21600 cdn-static-1.medium.com — Cisco Umbrella Rank: 125367 cdn-images-1.medium.com — Cisco Umbrella Rank: 48467 csp.medium.com Failed	3 MB
8	medium.systems lightstep.medium.systems — Cisco Umbrella Rank: 202523	707 B
5	booking.ai 2 redirects booking.ai	37 KB
3	branch.io cdn.branch.io — Cisco Umbrella Rank: 1015 api2.branch.io — Cisco Umbrella Rank: 589	25 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 432	13 KB
1	app.link app.link — Cisco Umbrella Rank: 1729	563 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
51	7

	Domain	Requested by
22	cdn-images-1.medium.com	booking.ai
8	lightstep.medium.systems	cdn-static-1.medium.com
5	booking.ai	2 redirects booking.ai cdn-static-1.medium.com
4	cdn-static-1.medium.com	booking.ai cdn-static-1.medium.com
3	medium.com	1 redirects cdn-static-1.medium.com
2	api2.branch.io	cdn.branch.io
2	glyph.medium.com	booking.ai glyph.medium.com
1	cdn.jsdelivr.net	cdn-static-1.medium.com
1	app.link	cdn.branch.io
1	cdn.branch.io	booking.ai
1	www.google-analytics.com	booking.ai www.google-analytics.com
0	csp.medium.com Failed	www.google-analytics.com
51	12

This site contains links to these domains. Also see Links.

Domain
policy.medium.com
medium.com
rsci.app.link
jobs.booking.com
twitter.com
facebook.com

Subject Issuer	Validity	Valid
booking.ai Sectigo RSA Domain Validation Secure Server CA	`2021-07-27` - `2022-07-27`	a year	crt.sh
medium.com Cloudflare Inc ECC CA-3	`2022-04-27` - `2022-07-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.branch.io DigiCert TLS RSA SHA256 2020 CA1	`2021-10-27` - `2022-11-27`	a year	crt.sh
appipv4.link Amazon	`2021-06-24` - `2022-07-23`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-04` - `2022-07-03`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://booking.ai/?gi=35294e4265ba
Frame ID: 02BD5CDAD56055655B633B72D5EC70E6
Requests: 47 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Booking.com Data Science

Page URL History Show full URLs

http://booking.ai/ HTTP 301
https://booking.ai/ HTTP 307
https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fbooking.ai%2F HTTP 302
https://booking.ai/?gi=35294e4265ba Page URL

Detected technologies

Medium (Blogs) Expand

Overall confidence: 100%
Detected patterns

medium\.com

FingerprintJS (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

/fingerprintjs@(\d)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

51
Requests

92 %
HTTPS

78 %
IPv6

7
Domains

12
Subdomains

10
IPs

2
Countries

2821 kB
Transfer

5039 kB
Size

14
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://policy.medium.com/medium-privacy-policy-f03bf92035c9
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://medium.com/
Title: Homepage

Search URL Search Domain Scan URL

URL: https://rsci.app.link/?%24canonical_url=https%3A%2F%2Fmedium.com/booking-com-data-science%3F~feature=LoMobileNavBar&~channel=ShowCollectionHome&~stage=m2
Title: Open in app

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?redirect=https%3A%2F%2Fbooking.ai%2F&source=--------------------------nav_reg&operation=login
Title: Sign in

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?redirect=https%3A%2F%2Fbooking.ai%2F&source=--------------------------nav_reg&operation=register
Title: Get started

Search URL Search Domain Scan URL

URL: https://jobs.booking.com/careers?department=Data%20Science%20%26%20Analytics&domain=booking.com
Title: Data Science Careers

Search URL Search Domain Scan URL

URL: https://twitter.com/PlanetBooking

Search URL Search Domain Scan URL

URL: https://facebook.com/planetbooking

Search URL Search Domain Scan URL

URL: https://medium.com/about
Title: About Medium

Search URL Search Domain Scan URL

URL: https://policy.medium.com/medium-terms-of-service-9db0094a1e0f
Title: Terms

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://booking.ai/ HTTP 301
https://booking.ai/ HTTP 307
https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fbooking.ai%2F HTTP 302
https://booking.ai/?gi=35294e4265ba Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

51 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
booking.ai/
Redirect Chain

http://booking.ai/
https://booking.ai/
https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fbooking.ai%2F
https://booking.ai/?gi=35294e4265ba

205 KB
36 KB

803ms
802ms

Document
text/html

52.5.181.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://booking.ai/?gi=35294e4265ba

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.5.181.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-5-181-79.compute-1.amazonaws.com

Software

nginx / Medium

Resource Hash

7abd74120ccfb88cb6c4b5df99af19e2c8f79f7d288dca6abf0cbf9d3a3a3ef1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src https://localhost https://.instapaper.com https://.stripe.com https://glyph.medium.com https://.paypal.com https://.braintree-api.com https://.braintreegateway.com https://accounts.google.com https://getpocket.com https://booking.ai https://.booking.ai https://.medium.com https://medium.com https://.medium.com https://.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://lightstep.medium.systems https://.branch.io 'self'; font-src data: https://.amazonaws.com https://.medium.com https://glyph.medium.com https://medium.com https://.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: blob: medium: 'self'; img-src blob: data: https: 'self'; media-src https://.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: default-src 'self'; connect-src https://localhost https://*.instapaper.com https://*.stripe.com https://glyph.medium.com https://*.paypal.com https://*.braintree-api.com https://*.braintreegateway.com https://accounts.google.com https://getpocket.com https://booking.ai https://*.booking.ai https://*.medium.com https://medium.com https://*.medium.com https://*.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://lightstep.medium.systems https://*.branch.io 'self'; font-src data: https://*.amazonaws.com https://*.medium.com https://glyph.medium.com https://medium.com https://*.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: blob: medium: 'self'; img-src blob: data: https: 'self'; media-src https://*.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
content-type: text/html; charset=utf-8
date: Tue, 17 May 2022 01:57:52 GMT
expires: Thu, 09 Sep 1999 09:09:09 GMT
link: <https://medium.com/humans.txt>; rel="humans"
medium-fulfilled-by: valencia/main-20220505-143206-9ef6171d35
pragma: no-cache
sepia-upstream: medium
server: nginx
x-content-type-options: nosniff
x-envoy-upstream-service-time: 531
x-frame-options: sameorigin
x-obvious-info: 20220516-2357-root,524c9296
x-obvious-tid: 1652752672214:b25bac5b51fd
x-opentracing: {"ot-tracer-spanid":"0134063470b66b12","ot-tracer-traceid":"45776e9d75bf3b03","ot-tracer-sampled":"true"}
x-powered-by: Medium
x-ua-compatible: IE=edge, Chrome=1
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 70c8bea70f957747-LHR
content-length: 0
content-security-policy: default-src 'self'; connect-src https://localhost https://*.instapaper.com https://*.stripe.com https://glyph.medium.com https://*.paypal.com https://*.braintree-api.com https://*.braintreegateway.com https://accounts.google.com https://getpocket.com https://medium.com https://*.medium.com https://*.medium.com https://medium.com https://*.medium.com https://*.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://lightstep.medium.systems https://*.branch.io 'self'; font-src data: https://*.amazonaws.com https://*.medium.com https://glyph.medium.com https://medium.com https://*.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: blob: medium: 'self'; img-src blob: data: https: 'self'; media-src https://*.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
content-type: text/plain;charset=UTF-8
date: Tue, 17 May 2022 01:57:52 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 09 Sep 1999 09:09:09 GMT
link: <https://medium.com/humans.txt>; rel="humans"
location: https://booking.ai/?gi=35294e4265ba
medium-fulfilled-by: edgy/8.3.0, valencia/main-20220505-143206-9ef6171d35
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
worker-missing-cookies: 1
x-content-type-options: nosniff
x-envoy-upstream-service-time: 79
x-frame-options: sameorigin
x-obvious-info: 20220516-2357-root,524c9296
x-obvious-tid: 1652752671924:2ebf7f8e387d
x-opentracing: {"ot-tracer-spanid":"0a04bd1d1b35141b","ot-tracer-traceid":"7405d4f97c3a3a66","ot-tracer-sampled":"true"}
x-powered-by: Medium
x-ua-compatible: IE=edge, Chrome=1
x-xss-protection: 1; mode=block

GET
H2 200 m2-unbound.css
glyph.medium.com/css/e/sr/latin/e/ssr/latin/e/ssb/latin/ 70 KB
46 KB 108ms
98ms Stylesheet
text/css 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/css/e/sr/latin/e/ssr/latin/e/ssb/latin/m2-unbound.css

Requested by

Host: booking.ai
URL: https://booking.ai/?gi=35294e4265ba

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51fd0856be5c980c6f5bb1c29c1333ae0cef4c4351924163449ee704b7322f79

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://booking.ai/?gi=35294e4265ba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 01:57:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1049
x-envoy-upstream-service-time: 269
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=7200
access-control-allow-credentials: true
cf-ray: 70c8beadcd797747-LHR
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Tue, 17 May 2022 03:57:52 GMT

GET
H2 200 main-branding-base.fjPGgkNh4FL35RkN0VJRsg.12.css
cdn-static-1.medium.com/_/fp/css/ 467 KB
64 KB 63ms
54ms Stylesheet
text/css 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-static-1.medium.com/_/fp/css/main-branding-base.fjPGgkNh4FL35RkN0VJRsg.12.css

Requested by

Host: booking.ai
URL: https://booking.ai/?gi=35294e4265ba

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

397739baddf3f0a67c1872a79e616d5cce3b80ca1b8dbce524acf1d5cd0b3291

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://booking.ai/?gi=35294e4265ba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 01:57:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 8799252
cf-ray: 70c8beadcd787747-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 64669
x-amz-id-2: ms9fOfew5XMmUJBQZ3mbk0CIeuKjqjXSw/k0FhTMxRa+rgisOaAwFz62dFR4iVMGF0GZdauBbc0=
last-modified: Tue, 01 Feb 2022 04:59:48 GMT
server: cloudflare
etag: "1c69a376adce6d79ddd247fe2e12374b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: QXYXYDWKWSE3DGY7
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: text/css
expires: Wed, 17 May 2023 01:57:52 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 169ms
53ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: booking.ai
URL: https://booking.ai/?gi=35294e4265ba

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://booking.ai/?gi=35294e4265ba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1387
date: Tue, 17 May 2022 01:34:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 17 May 2022 03:34:46 GMT

GET
H2 200 1*5i1ugiw-5kV2ViHgcIYV5Q@2x.png
cdn-images-1.medium.com/max/980/ 26 KB
27 KB 64ms
55ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-1.medium.com/max/980/1*5i1ugiw-5kV2ViHgcIYV5Q@2x.png

Requested by

Host: booking.ai
URL: https://booking.ai/?gi=35294e4265ba

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f9b002630805d1f2e61296f031b0c4b6b31b2a83679d81e7647f3052b1ac664

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://booking.ai/?gi=35294e4265ba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 01:57:53 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 66208
x-envoy-upstream-service-time: 40
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27122
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220418-141835-1d92ac7480
accept-ranges: bytes
cf-ray: 70c8beae8e157747-LHR
expires: Thu, 16 Jun 2022 01:57:53 GMT

GET
H2 200 1*dmbNkD5D-u45r44go_cf0g.png
cdn-images-1.medium.com/proxy/ 6 KB
6 KB 56ms
54ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-1.medium.com/proxy/1*dmbNkD5D-u45r44go_cf0g.png

Requested by

Host: booking.ai
URL: https://booking.ai/?gi=35294e4265ba

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

272ed9aef66df4b0fc0db7d8109a7949f039a9deabc1617eba270af19a72399d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://booking.ai/?gi=35294e4265ba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 01:57:53 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1935069
x-envoy-upstream-service-time: 25
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6116
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210514-190939-619b54aa02
accept-ranges: bytes
cf-ray: 70c8beae8e197747-LHR
expires: Thu, 16 Jun 2022 01:57:53 GMT

GET
H2 200 1*MO9IdP7-Hi27BfLd_PH4DA.jpeg
cdn-images-1.medium.com/fit/c/72/72/ 3 KB
3 KB 56ms
54ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-1.medium.com/fit/c/72/72/1*MO9IdP7-Hi27BfLd_PH4DA.jpeg

Requested by

Host: booking.ai
URL: https://booking.ai/?gi=35294e4265ba

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b4e6411c89de84ee6a4346cd38602345e29ebb726731d0eb94f4b48bfb858e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://booking.ai/?gi=35294e4265ba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 01:57:53 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 66208
x-envoy-upstream-service-time: 41
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2941
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220418-141835-1d92ac7480
accept-ranges: bytes
cf-ray: 70c8beae8e1a7747-LHR
expires: Thu, 16 Jun 2022 01:57:53 GMT

GET
H2 200 1*BYwLheoN2Tx8ewJ9DG8WXg.jpeg
cdn-images-1.medium.com/fit/c/72/72/ 3 KB
3 KB 150ms
148ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-1.medium.com/fit/c/72/72/1*BYwLheoN2Tx8ewJ9DG8WXg.jpeg

Requested by

Host: booking.ai
URL: https://booking.ai/?gi=35294e4265ba

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f53e4db08bb928f20c43dbbe64884d492bee8108867be2018812a3ac6d7b88b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://booking.ai/?gi=35294e4265ba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 01:57:53 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 89
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3272
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220322-153408-5d6507f242
accept-ranges: bytes
cf-ray: 70c8beae8e1b7747-LHR
expires: Thu, 16 Jun 2022 01:57:53 GMT

GET
H2 200 0*j8UL1ZE1mh_5Rm3b
cdn-images-1.medium.com/fit/c/72/72/ 2 KB
2 KB 193ms
191ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-1.medium.com/fit/c/72/72/0*j8UL1ZE1mh_5Rm3b

Requested by

Host: booking.ai
URL: https://booking.ai/?gi=35294e4265ba

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26a7b70a94675a42c5bf4fc4e61854e9922ed5dd03893b641281ce79aa718b26

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://booking.ai/?gi=35294e4265ba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 01:57:53 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 42
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1643
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=2592000
medium-fulfilled-by: miro/main-20220418-141835-1d92ac7480
accept-ranges: bytes
cf-ray: 70c8beae8e1c7747-LHR
expires: Thu, 16 Jun 2022 01:57:53 UTC

GET
H2 200 1*DzMhukaOyUHNBCHtiYcW6g.jpeg
cdn-images-1.medium.com/fit/c/72/72/ 3 KB
4 KB 56ms
55ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-1.medium.com/fit/c/72/72/1*DzMhukaOyUHNBCHtiYcW6g.jpeg

Requested by

Host: booking.ai
URL: https://booking.ai/?gi=35294e4265ba

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a931ab5fa456b0bf372f0bcd13a3664b5399bc3783c3c4664e66332f228d7b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://booking.ai/?gi=35294e4265ba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 01:57:53 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 66208
x-envoy-upstream-service-time: 43
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3512
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220418-141835-1d92ac7480
accept-ranges: bytes
cf-ray: 70c8beae8e1d7747-LHR
expires: Thu, 16 Jun 2022 01:57:53 GMT

GET
H3 200 1*aZ0TWkQQpoPTXfzZyk0A-g.jpeg
cdn-images-1.medium.com/fit/c/72/72/ 3 KB
4 KB 57ms
57ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-1.medium.com/fit/c/72/72/1*aZ0TWkQQpoPTXfzZyk0A-g.jpeg

Requested by

Host: booking.ai
URL: https://booking.ai/?gi=35294e4265ba

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

341ac88296c4beacc26b503b6f167bb5db8ea1afc1d910d8905f7df88e19ea88

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://booking.ai/?gi=35294e4265ba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 01:57:53 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 86595
x-envoy-upstream-service-time: 249
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3379
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20211118-133226-0da3f823da
accept-ranges: bytes
cf-ray: 70c8beaedaf488b6-LHR
expires: Thu, 16 Jun 2022 01:57:53 GMT

GET
H3 200 1*APzuhN5coAR5cYj-7BQCRQ.png
cdn-images-1.medium.com/fit/c/72/72/ 11 KB
12 KB 58ms
58ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-1.medium.com/fit/c/72/72/1*APzuhN5coAR5cYj-7BQCRQ.png

Requested by

Host: booking.ai
URL: https://booking.ai/?gi=35294e4265ba

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78d00d6ba6d6ed1e88439e1c30d435adfaa88d96b2a255e65af7f67c5e2f758e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://booking.ai/?gi=35294e4265ba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 01:57:53 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 86595
x-envoy-upstream-service-time: 105
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11499
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20211118-133226-0da3f823da
accept-ranges: bytes
cf-ray: 70c8beaedaf688b6-LHR
expires: Thu, 16 Jun 2022 01:57:53 GMT

GET
H3 200 2*OXILhkI_WuI0oJuMB0Cezw.png
cdn-images-1.medium.com/fit/c/72/72/ 9 KB
9 KB 365ms
364ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-1.medium.com/fit/c/72/72/2*OXILhkI_WuI0oJuMB0Cezw.png

Requested by

Host: booking.ai
URL: https://booking.ai/?gi=35294e4265ba

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1189806f8543bc53842fe20ab3f8a6e9d52e4c762ece5f35990221359aceebc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://booking.ai/?gi=35294e4265ba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 01:57:53 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 41
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8935
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220418-141835-1d92ac7480
accept-ranges: bytes
cf-ray: 70c8beaedaf788b6-LHR
expires: Thu, 16 Jun 2022 01:57:53 GMT

GET
H3 200 1*Xy9r1obbBX5UmDhq_wliIw.jpeg
cdn-images-1.medium.com/fit/c/72/72/ 3 KB
4 KB 58ms
57ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-1.medium.com/fit/c/72/72/1*Xy9r1obbBX5UmDhq_wliIw.jpeg

Requested by

Host: booking.ai
URL: https://booking.ai/?gi=35294e4265ba

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ccbfc951670cc7df2c4b2e05f83e67f16a78ab09958931e7d2b89a23eb72588

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://booking.ai/?gi=35294e4265ba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 01:57:53 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 86595
x-envoy-upstream-service-time: 44
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3387
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220418-141835-1d92ac7480
accept-ranges: bytes
cf-ray: 70c8beaedaf888b6-LHR
expires: Thu, 16 Jun 2022 01:57:53 GMT

GET
H2 200 main-base.bundle.6f6XwZPyaq6KPyGPPJfDpQ.12.js Show response
cdn-static-1.medium.com/_/fp/gen-js/ 1 MB
321 KB 57ms
56ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-static-1.medium.com/_/fp/gen-js/main-base.bundle.6f6XwZPyaq6KPyGPPJfDpQ.12.js

Requested by

Host: booking.ai
URL: https://booking.ai/?gi=35294e4265ba

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c221893e37dfff32904e4ef7fa5368b220ee0ca5068f97131e345e0b3481683

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://booking.ai/?gi=35294e4265ba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 01:57:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5841
cf-ray: 70c8beae8e1e7747-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 328250
x-amz-id-2: +awafnwuaMVusbreuLrIGqGf+9pUuaMbHGdEx/QLo7HBLm4EONF/jmky5j86/GWujYm57LDrLYs=
last-modified: Tue, 17 May 2022 00:11:33 GMT
server: cloudflare
etag: "4aa92b8f7098d293578a4bd3ae3d48d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 19SSR8FQWJM8EHG9
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 17 May 2023 01:57:53 GMT

GET
H2 200 stat
booking.ai/_/ 43 B
194 B 169ms
168ms Image
image/gif 52.5.181.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://booking.ai/_/stat?event=pixel.load&origin=https%3A%2F%2Fbooking.ai
Requested by: Host: booking.ai
URL: https://booking.ai/?gi=35294e4265ba
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.5.181.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-181-79.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://booking.ai/?gi=35294e4265ba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 01:57:53 GMT
medium-fulfilled-by: valencia/main-20220505-143206-9ef6171d35
x-envoy-upstream-service-time: 33
sepia-upstream: medium
server: nginx
content-length: 43
content-type: image/gif

GET
H2 200 1*DH2Ii3RvJmCi-t1xkyYe5g.jpeg
cdn-images-1.medium.com/max/2400/ 178 KB
179 KB 86ms
85ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-1.medium.com/max/2400/1*DH2Ii3RvJmCi-t1xkyYe5g.jpeg

Requested by

Host: booking.ai
URL: https://booking.ai/?gi=35294e4265ba

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b679bca18be1fef8ce71e7b51b1d5f857f426d6f2818fc4002ed3de15f8059e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://booking.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 01:57:53 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 86595
x-envoy-upstream-service-time: 130
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 182748
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220418-141835-1d92ac7480
accept-ranges: bytes
cf-ray: 70c8beaece447747-LHR
expires: Thu, 16 Jun 2022 01:57:53 GMT

GET
DATA 200
OK truncated
/ 15 KB
15 KB Font
font/opentype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a7308f36363fb1faa04c40e6b51a9eab2255f8f233172395c5ee5ac3280e8183

Request headers

Referer
Origin: https://booking.ai
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: font/opentype

GET
H2 200 1*bflmEFdEQRhbPtkAmNJvhg.png
cdn-images-1.medium.com/max/2000/ 210 KB
210 KB 63ms
62ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-1.medium.com/max/2000/1*bflmEFdEQRhbPtkAmNJvhg.png

Requested by

Host: booking.ai
URL: https://booking.ai/?gi=35294e4265ba

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1599975c70db0d6e053dc08423331a1986aecc583913cf69f8f5af02defd27a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://booking.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 01:57:53 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 86595
x-envoy-upstream-service-time: 80
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 215193
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220418-141835-1d92ac7480
accept-ranges: bytes
cf-ray: 70c8beaece457747-LHR
expires: Thu, 16 Jun 2022 01:57:53 GMT

GET
H2 200 1*pcV8A64GzjTmkJ9GXbk4fQ.png
cdn-images-1.medium.com/max/1200/ 69 KB
69 KB 59ms
58ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-1.medium.com/max/1200/1*pcV8A64GzjTmkJ9GXbk4fQ.png

Requested by

Host: booking.ai
URL: https://booking.ai/?gi=35294e4265ba

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e65c1bc1b842cede4adc1814461a7ef82bbe4b91862ef9e1f9638d1ce0397b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://booking.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 01:57:53 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 86595
x-envoy-upstream-service-time: 40
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 70193
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20211118-133226-0da3f823da
accept-ranges: bytes
cf-ray: 70c8beaece467747-LHR
expires: Thu, 16 Jun 2022 01:57:53 GMT

GET
DATA 200
OK truncated
/ 15 KB
15 KB Font
font/opentype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 46259572effe2f57ee56ee9371ee366a119d5442e9965fd4943bdffb3da9a25e

Request headers

Referer
Origin: https://booking.ai
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: font/opentype

GET
H2 200 branch-latest.min.js Show response
cdn.branch.io/ 81 KB
24 KB 189ms
64ms Script
text/javascript 108.138.17.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.branch.io/branch-latest.min.js
Requested by: Host: booking.ai
URL: https://booking.ai/?gi=35294e4265ba
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-81.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5bbb9c0f0e0824480fd077d8340987a94369f9565dfcf6b89dcb00229fb49673

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://booking.ai/?gi=35294e4265ba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id: qdsw2NkSLBBvb7vdgXpE9mqgp_9x4Fln
content-encoding: gzip
last-modified: Wed, 04 May 2022 17:13:35 GMT
server: AmazonS3
age: 229
etag: "02288b6b1ca1a8d5a1ce841c5df3ee19"
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 93efd892a8e99dc59164afbee331cd56.cloudfront.net (CloudFront)
cache-control: max-age=300
date: Tue, 17 May 2022 01:54:05 GMT
x-amz-cf-pop: FRA56-P7
content-length: 24357
x-amz-cf-id: SMTyUCQ8gEDos9kR326CDTs_1K9DohSD_HK5kay7shxH-DWuQ4_-jQ==

GET
H3 200 0*0xbfEgbaP1X316GR.png
cdn-images-1.medium.com/max/1200/ 108 KB
109 KB 180ms
180ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-1.medium.com/max/1200/0*0xbfEgbaP1X316GR.png

Requested by

Host: booking.ai
URL: https://booking.ai/?gi=35294e4265ba

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8a81fea207e23632d1f49ba778ac8b97005e576df48263d5e4ce6532da5d6c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://booking.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 01:57:53 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 86595
x-envoy-upstream-service-time: 106
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 111004
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220418-141835-1d92ac7480
accept-ranges: bytes
cf-ray: 70c8beaeeb0088b6-LHR
expires: Thu, 16 Jun 2022 01:57:53 GMT

GET
H3 200 1*6UfDwdwu7iYLWDPTgK0OQg.png
cdn-images-1.medium.com/max/1200/ 65 KB
66 KB 136ms
136ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-1.medium.com/max/1200/1*6UfDwdwu7iYLWDPTgK0OQg.png

Requested by

Host: booking.ai
URL: https://booking.ai/?gi=35294e4265ba

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b2583fdc8248bc95b1285b313f437754716f54947d0577d1566f61d69fc8da5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://booking.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 01:57:53 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 37
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 67027
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220418-141835-1d92ac7480
accept-ranges: bytes
cf-ray: 70c8beaeeb0188b6-LHR
expires: Thu, 16 Jun 2022 01:57:53 GMT

GET
H3 200 1*YjkEIuWQqNxLMz98sZUN-g.png
cdn-images-1.medium.com/max/1200/ 89 KB
90 KB 137ms
136ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-1.medium.com/max/1200/1*YjkEIuWQqNxLMz98sZUN-g.png

Requested by

Host: booking.ai
URL: https://booking.ai/?gi=35294e4265ba

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d8464bbfd2a78120e7952871b350a35084d0c859d190f18aff2d2250f73ada7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://booking.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 01:57:53 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 86595
x-envoy-upstream-service-time: 70
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 91625
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20211118-133226-0da3f823da
accept-ranges: bytes
cf-ray: 70c8beaeeb0288b6-LHR
expires: Thu, 16 Jun 2022 01:57:53 GMT

GET
H3 200 1*ZaNY4Q6DsLB8eWGui2jhGg.png
cdn-images-1.medium.com/max/800/ 80 KB
81 KB 91ms
90ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-1.medium.com/max/800/1*ZaNY4Q6DsLB8eWGui2jhGg.png

Requested by

Host: booking.ai
URL: https://booking.ai/?gi=35294e4265ba

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

724c490d63b91d68c383ce9f354ad878c0f8032a002b0eb734404a0667aeddbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://booking.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 01:57:53 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 86595
x-envoy-upstream-service-time: 99
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 81982
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220418-141835-1d92ac7480
accept-ranges: bytes
cf-ray: 70c8beaeeb0388b6-LHR
expires: Thu, 16 Jun 2022 01:57:53 GMT

GET
H3 200 1*dAawajXuvL3epeKIoNMUOA.jpeg
cdn-images-1.medium.com/max/800/ 189 KB
189 KB 357ms
356ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-1.medium.com/max/800/1*dAawajXuvL3epeKIoNMUOA.jpeg

Requested by

Host: booking.ai
URL: https://booking.ai/?gi=35294e4265ba

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37fb2776f3a40696a49c2f201ee4488e707079a2c2310f72b4882b2c95437909

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://booking.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 01:57:53 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 86595
x-envoy-upstream-service-time: 117
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 193150
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20211118-133226-0da3f823da
accept-ranges: bytes
cf-ray: 70c8beaeeb0488b6-LHR
expires: Thu, 16 Jun 2022 01:57:53 GMT

GET
H3 200 0*yOSEuZy4Swga8uzd
cdn-images-1.medium.com/max/2000/ 143 KB
144 KB 355ms
354ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-1.medium.com/max/2000/0*yOSEuZy4Swga8uzd

Requested by

Host: booking.ai
URL: https://booking.ai/?gi=35294e4265ba

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90148eaccf9235e90a185ed7fba757f7cd83a28a57ad9c0bcd639ba65c9fa97c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://booking.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 01:57:53 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 81
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 146716
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=2592000
medium-fulfilled-by: miro/main-20220418-141835-1d92ac7480
accept-ranges: bytes
cf-ray: 70c8beaeeb0588b6-LHR
expires: Thu, 16 Jun 2022 01:57:53 UTC

GET
H3 200 0*RDaEk-VDaYV9f3yV
cdn-images-1.medium.com/max/800/ 39 KB
39 KB 354ms
353ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-1.medium.com/max/800/0*RDaEk-VDaYV9f3yV

Requested by

Host: booking.ai
URL: https://booking.ai/?gi=35294e4265ba

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c226510217997ada3669ee381ed75ed3643259a54a02cd5afde0bfe960dae5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://booking.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 01:57:53 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 47
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39537
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=2592000
medium-fulfilled-by: miro/main-20220418-141835-1d92ac7480
accept-ranges: bytes
cf-ray: 70c8beaeeb0688b6-LHR
expires: Thu, 16 Jun 2022 01:57:53 UTC

GET
H3 200 1*qD5AVSSex68CSyvD0-B6Uw.png
cdn-images-1.medium.com/max/800/ 638 KB
639 KB 288ms
287ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-1.medium.com/max/800/1*qD5AVSSex68CSyvD0-B6Uw.png

Requested by

Host: booking.ai
URL: https://booking.ai/?gi=35294e4265ba

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c08c54124fada39f7c22374689d6eea12f187bc1fbf7f2ffa42726889cca9a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://booking.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 01:57:53 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 86595
x-envoy-upstream-service-time: 107
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 653510
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20211118-133226-0da3f823da
accept-ranges: bytes
cf-ray: 70c8beaeeb0888b6-LHR
expires: Thu, 16 Jun 2022 01:57:53 GMT

GET
H3 200 1*O7D9cJOIxXFqKSMTR9lm6g.jpeg
cdn-images-1.medium.com/max/800/ 145 KB
146 KB 588ms
587ms Image
image/jpeg 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-1.medium.com/max/800/1*O7D9cJOIxXFqKSMTR9lm6g.jpeg

Requested by

Host: booking.ai
URL: https://booking.ai/?gi=35294e4265ba

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0e308ed92187b972c3095e822f0369e5a58d9746b01ba6dba77323ad09a7a4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://booking.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 01:57:53 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 86595
x-envoy-upstream-service-time: 104
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 148812
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220418-141835-1d92ac7480
accept-ranges: bytes
cf-ray: 70c8beaeeb0988b6-LHR
expires: Thu, 16 Jun 2022 01:57:53 GMT

GET
H3 200 marat-sans-400-normal.woff
glyph.medium.com/font/d8659c9/3k-4f_4h-52_54-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/ 21 KB
22 KB 104ms
56ms Font
application/font-woff 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/d8659c9/3k-4f_4h-52_54-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/marat-sans-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/e/sr/latin/e/ssr/latin/e/ssb/latin/m2-unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

254765da6129bbc6ddc3c4cd5cb98679aa10ad0703e05ed33b827a02d34873be

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glyph.medium.com/css/e/sr/latin/e/ssr/latin/e/ssb/latin/m2-unbound.css
Origin: https://booking.ai
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 01:57:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 8233339
x-envoy-upstream-service-time: 33
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 70c8beaf380d88c1-LHR
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Wed, 17 May 2023 01:57:53 GMT

GET
H3 200 main-common-async.bundle.rmS0WygI4sbyuBNLaPB_WA.12.js Show response
cdn-static-1.medium.com/_/fp/gen-js/ 747 KB
205 KB 504ms
503ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-static-1.medium.com/_/fp/gen-js/main-common-async.bundle.rmS0WygI4sbyuBNLaPB_WA.12.js

Requested by

Host: cdn-static-1.medium.com
URL: https://cdn-static-1.medium.com/_/fp/gen-js/main-base.bundle.6f6XwZPyaq6KPyGPPJfDpQ.12.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

997e1c4bb18454fd1d7ca575ee26e5b985e974eec49f44997aa22cebe5c6348a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://booking.ai/?gi=35294e4265ba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 01:57:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5840
cf-ray: 70c8beafbb8988b6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 209102
x-amz-id-2: AlG/PRjFu4kzy0HQbsh9m9ukCK2x4C4L/vxdm5r30Eg1Empe19/jgldRDUcMDdCFzjBBdpJPBa8=
last-modified: Tue, 17 May 2022 00:11:33 GMT
server: cloudflare
etag: "f43f4c4d9c61b977d11146bc23041f13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: ZM7D97RHTMSJDSH5
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 17 May 2023 01:57:53 GMT

POST /
csp.medium.com/ 0
0

POST collect
www.google-analytics.com/j/ 0
0

GET
H2 200 _r Show response
app.link/ 91 B
563 B 327ms
207ms Script
text/javascript 2600:9000:225e:e000:19:9934:6a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.link/_r?sdk=web2.61.0&branch_key=key_live_ofxXr2qTrrU9NqURK8ZwEhknBxiI6KBm&callback=branch_callback__0

Requested by

Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:e000:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty / Express

Resource Hash

c960975ead356cece69ed7818c727474affe0c5137d35fc7a66a20dcfe2a3bd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://booking.ai/?gi=35294e4265ba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 01:57:53 GMT
via: 1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
server: openresty
x-amz-cf-pop: FRA60-P4
x-powered-by: Express
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
content-length: 91
etag: W/"5b-P2qgShmZoUga4f2qkw41B1QKl+s"
x-amz-cf-id: Tp0YDoHaLKfAMPi01aZB9weLyK88ioKuE6lA1N3-Twm7gWHq1kuVlA==

POST
H2 200 reports Show response
lightstep.medium.systems/api/v0/ 96 B
207 B 141ms
140ms XHR
application/json 2606:4700:4400::6812:27ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Requested by: Host: cdn-static-1.medium.com
URL: https://cdn-static-1.medium.com/_/fp/gen-js/main-base.bundle.6f6XwZPyaq6KPyGPPJfDpQ.12.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:27ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a695d655a4f561381c93b8526bbc5762d77cc471908d616a3d75fa47a591de72

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Referer: https://booking.ai/?gi=35294e4265ba
accept-language: en-GB,en;q=0.9
LightStep-Access-Token: ce5be895bef60919541332990ac9fef2
Content-Type: application/json

Response headers

date: Tue, 17 May 2022 01:57:54 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
cf-ray: 70c8beb46c50777d-LHR
access-control-allow-headers: LightStep-Access-Token, Content-Type

OPTIONS
H2 200 reports
lightstep.medium.systems/api/v0/ 0
0 396ms
293ms Preflight 2606:4700:4400::6812:27ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:27ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,lightstep-access-token
Access-Control-Request-Method: POST
Origin: https://booking.ai
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: LightStep-Access-Token, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 70c8beb28aa7777d-LHR
content-length: 0
date: Tue, 17 May 2022 01:57:53 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
x-envoy-upstream-service-time: 0

POST
H2 200 open Show response
api2.branch.io/v1/ 316 B
630 B 342ms
215ms XHR
application/json 2600:9000:2491:4e00:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v1/open
Requested by: Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:4e00:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7f0c1292a887eb31f94eb01847e03b7490a865344e0f8f62c8e7292a960c7e8a

Request headers

Referer: https://booking.ai/?gi=35294e4265ba
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 17 May 2022 01:57:53 GMT
via: 1.1 8109fadbc132b410ecc2c3df250d6144.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache
x-branch-request-id: 6204c0b34ada4b31aac4d62ecadd4dc0-2022051701
content-length: 316
x-amz-cf-id: DyISUENr6hnPpFUdjnbUFeqB8xFzRkg4FmoguaTLxcVdJ1MlXKnIVg==

GET
H3 200 main-home-screens.bundle.quhUsItea5YCuivElm9ZZA.12.js Show response
cdn-static-1.medium.com/_/fp/gen-js/ 5 KB
3 KB 52ms
52ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-static-1.medium.com/_/fp/gen-js/main-home-screens.bundle.quhUsItea5YCuivElm9ZZA.12.js

Requested by

Host: cdn-static-1.medium.com
URL: https://cdn-static-1.medium.com/_/fp/gen-js/main-base.bundle.6f6XwZPyaq6KPyGPPJfDpQ.12.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fb5f625a2b59bbdae0af40afa58c95f84a19d499ebf877baf331b62867fa9c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://booking.ai/?gi=35294e4265ba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 01:57:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5840
cf-ray: 70c8beb34e2688b6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2158
x-amz-id-2: m0hHQDYjVuN4e5RjFrDX8UcpR0UtsGAunPHSXKapjzyUpPcwJRq3nS7MH++j6lJEdnPWcgwhNiM=
last-modified: Tue, 17 May 2022 00:11:33 GMT
server: cloudflare
etag: "da98086f5a14b02d08747b012bcbd742"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: YBFCT3HS2YQTFSG9
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 17 May 2023 01:57:53 GMT

GET
H2 200 fp.min.js Show response
cdn.jsdelivr.net/npm/@fingerprintjs/fingerprintjs@3.1.0/dist/ 30 KB
13 KB 147ms
54ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@fingerprintjs/fingerprintjs@3.1.0/dist/fp.min.js

Requested by

Host: cdn-static-1.medium.com
URL: https://cdn-static-1.medium.com/_/fp/gen-js/main-base.bundle.6f6XwZPyaq6KPyGPPJfDpQ.12.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

733b8b9c633050fc87a32e728a1ee052965bba562a9bc74689442386ea090681

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://booking.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 01:57:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4898077
x-jsd-version: 3.1.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19148-FRA, cache-lcy19260-LCY
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"7686-bMYrhldj2l37cKFzqt1kEXkGfPk"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LkqbHP12lVw%2BopE3W1srYMC5jp2T%2FN5hN9gUj%2BqIVca7btHVwuMsZ6ENUbxdUnpoNaCj4f%2BKM%2FCJH8c8EtxLWoZlv0soHZu8U%2ByH8RtHLPoUqX%2BplpXXtQmIQs3TnvMANc05TjKuY77v1JwM09o%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 70c8beb46f7e778f-LHR

POST
H2 200 pageview Show response
api2.branch.io/v1/ 28 B
388 B 224ms
223ms XHR
application/json 2600:9000:2491:4e00:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v1/pageview
Requested by: Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:4e00:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb

Request headers

Referer: https://booking.ai/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 17 May 2022 01:57:54 GMT
via: 1.1 8109fadbc132b410ecc2c3df250d6144.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
x-powered-by: Express
etag: W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-branch-request-id: ca9d489e4c5240b087260e5167c2340e-2022051701
content-length: 28
x-amz-cf-id: KNDDBlSVFrdk85w9E4TnbsZWHyvbjtv1cx-OA_hT_LwJdrnbI6ErKQ==

GET
H3 200 stream Show response
medium.com/_/api/collections/4d265f07defc/ 6 KB
3 KB 199ms
199ms XHR
application/json 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://medium.com/_/api/collections/4d265f07defc/stream?to=1652752672330&ignoredIds=71755bad0e5f&ignoredIds=892118be9e19&ignoredIds=9e42781a2bcb&ignoredIds=d816bc8b8fb&ignoredIds=71cac0781944&ignoredIds=3796cd695454&ignoredIds=d65a1ee98cea&ignoredIds=1bb0f8f2027c&ignoredIds=223fba846876&ignoredIds=c01aff70b255&ignoredIds=3ee8fe943c70&ignoredIds=ae4cf05013f9&page=5

Requested by

Host: cdn-static-1.medium.com
URL: https://cdn-static-1.medium.com/_/fp/gen-js/main-base.bundle.6f6XwZPyaq6KPyGPPJfDpQ.12.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Medium

Resource Hash

3e87f48367cfc7e1ebeb5f48da4dcaf54fc9188e4f07ef8ab6df0e95bba1e143

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

X-Client-Date: 1652752674135
X-XSRF-Token: 1
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer: https://booking.ai/
X-Obvious-CID: web

Response headers

date: Tue, 17 May 2022 01:57:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
worker-missing-cookies: 0
x-powered-by: Medium
x-obvious-info: 20220516-2357-root,524c9296
x-envoy-upstream-service-time: 50
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge, Chrome=1
pragma: no-cache
link: <https://medium.com/humans.txt>; rel="humans"
x-obvious-tid: 1652752674391:d9ddbcde4e6b
expires: Thu, 09 Sep 1999 09:09:09 GMT
server: cloudflare
x-frame-options: sameorigin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: https://booking.ai
vary: Accept-Encoding
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
medium-fulfilled-by: edgy/8.3.0, valencia/main-20220505-143206-9ef6171d35
cf-ray: 70c8beb6886288b6-LHR
x-opentracing: {"ot-tracer-spanid":"7665a2707508007f","ot-tracer-traceid":"6b043b514b8f92a9","ot-tracer-sampled":"true"}
access-control-expose-headers: X-Xsrf-Token, X-Obvious-Cid, X-Client-Date, X-Obvious-Profiling, X-Diagnostics, x-opentracing

OPTIONS
H3 204 stream
medium.com/_/api/collections/4d265f07defc/ 0
0 166ms
165ms Preflight 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Medium

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src https://localhost https://.instapaper.com https://.stripe.com https://glyph.medium.com https://.paypal.com https://.braintree-api.com https://.braintreegateway.com https://accounts.google.com https://getpocket.com https://medium.com https://.medium.com https://.medium.com https://medium.com https://.medium.com https://.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://lightstep.medium.systems https://.branch.io 'self'; font-src data: https://.amazonaws.com https://.medium.com https://glyph.medium.com https://medium.com https://.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: blob: medium: 'self'; img-src blob: data: https: 'self'; media-src https://.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-client-date,x-obvious-cid,x-xsrf-token
Access-Control-Request-Method: GET
Origin: https://booking.ai
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Origin, User-Agent, DNT, Cache-Control, X-Xsrf-Token, X-Obvious-Cid, X-Client-Date, x-opentracing
access-control-allow-methods: GET, POST, PUT, DELETE
access-control-allow-origin: https://booking.ai
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 70c8beb57db088c1-LHR
content-security-policy: default-src 'self'; connect-src https://localhost https://*.instapaper.com https://*.stripe.com https://glyph.medium.com https://*.paypal.com https://*.braintree-api.com https://*.braintreegateway.com https://accounts.google.com https://getpocket.com https://medium.com https://*.medium.com https://*.medium.com https://medium.com https://*.medium.com https://*.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://lightstep.medium.systems https://*.branch.io 'self'; font-src data: https://*.amazonaws.com https://*.medium.com https://glyph.medium.com https://medium.com https://*.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: blob: medium: 'self'; img-src blob: data: https: 'self'; media-src https://*.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
date: Tue, 17 May 2022 01:57:54 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
link: <https://medium.com/humans.txt>; rel="humans"
medium-fulfilled-by: edgy/8.3.0, valencia/main-20220505-143206-9ef6171d35
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
worker-missing-cookies: 1
x-content-type-options: nosniff
x-envoy-upstream-service-time: 15
x-frame-options: sameorigin
x-obvious-info: 20220516-2357-root,524c9296
x-obvious-tid: 1652752674223:ea4bac1cca51
x-opentracing: {"ot-tracer-spanid":"6cf95b7c42cd6bed","ot-tracer-traceid":"760edbc4fa461225","ot-tracer-sampled":"true"}
x-powered-by: Medium
x-ua-compatible: IE=edge, Chrome=1
x-xss-protection: 1; mode=block

POST
H2 200 reports Show response
lightstep.medium.systems/api/v0/ 96 B
159 B 145ms
144ms XHR
application/json 2606:4700:4400::6812:27ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Requested by: Host: cdn-static-1.medium.com
URL: https://cdn-static-1.medium.com/_/fp/gen-js/main-base.bundle.6f6XwZPyaq6KPyGPPJfDpQ.12.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:27ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c033e4693775f52d86496f0fb44db26f6f9c1ddede321b26b829f4f6f406ecb

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Referer: https://booking.ai/
accept-language: en-GB,en;q=0.9
LightStep-Access-Token: ce5be895bef60919541332990ac9fef2
Content-Type: application/json

Response headers

date: Tue, 17 May 2022 01:57:54 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
cf-ray: 70c8beb8aef4777d-LHR
access-control-allow-headers: LightStep-Access-Token, Content-Type

OPTIONS
H2 200 reports
lightstep.medium.systems/api/v0/ 0
0 149ms
148ms Preflight 2606:4700:4400::6812:27ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:27ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,lightstep-access-token
Access-Control-Request-Method: POST
Origin: https://booking.ai
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: LightStep-Access-Token, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 70c8beb7be62777d-LHR
content-length: 0
date: Tue, 17 May 2022 01:57:54 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
x-envoy-upstream-service-time: 0

POST
H2 200 reports Show response
lightstep.medium.systems/api/v0/ 96 B
159 B 293ms
292ms XHR
application/json 2606:4700:4400::6812:27ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Requested by: Host: cdn-static-1.medium.com
URL: https://cdn-static-1.medium.com/_/fp/gen-js/main-base.bundle.6f6XwZPyaq6KPyGPPJfDpQ.12.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:27ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3db2614dcd088277071638d23d9c84d8409b21fd7d03e59e056cf0e717b80104

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Referer: https://booking.ai/
accept-language: en-GB,en;q=0.9
LightStep-Access-Token: ce5be895bef60919541332990ac9fef2
Content-Type: application/json

Response headers

date: Tue, 17 May 2022 01:57:55 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
cf-ray: 70c8bebc89cc777d-LHR
access-control-allow-headers: LightStep-Access-Token, Content-Type

OPTIONS
H2 200 reports
lightstep.medium.systems/api/v0/ 0
0 131ms
131ms Preflight 2606:4700:4400::6812:27ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:27ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,lightstep-access-token
Access-Control-Request-Method: POST
Origin: https://booking.ai
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: LightStep-Access-Token, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 70c8bebbb935777d-LHR
content-length: 0
date: Tue, 17 May 2022 01:57:55 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
x-envoy-upstream-service-time: 0

POST
H2 200 reports Show response
lightstep.medium.systems/api/v0/ 96 B
182 B 133ms
132ms XHR
application/json 2606:4700:4400::6812:27ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Requested by: Host: cdn-static-1.medium.com
URL: https://cdn-static-1.medium.com/_/fp/gen-js/main-base.bundle.6f6XwZPyaq6KPyGPPJfDpQ.12.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:27ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a19036d57e278ae0297d8b2e3be5a1f24c725247d1e4f06a8c1ae6a0df0e10f

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Referer: https://booking.ai/
accept-language: en-GB,en;q=0.9
LightStep-Access-Token: ce5be895bef60919541332990ac9fef2
Content-Type: application/json

Response headers

date: Tue, 17 May 2022 01:57:56 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
cf-ray: 70c8bec13ce7777d-LHR
access-control-allow-headers: LightStep-Access-Token, Content-Type

OPTIONS
H2 200 reports
lightstep.medium.systems/api/v0/ 0
0 132ms
131ms Preflight 2606:4700:4400::6812:27ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:27ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,lightstep-access-token
Access-Control-Request-Method: POST
Origin: https://booking.ai
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: LightStep-Access-Token, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 70c8bec06c47777d-LHR
content-length: 0
date: Tue, 17 May 2022 01:57:55 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
x-envoy-upstream-service-time: 0

POST
H2 200 batch Show response
booking.ai/_/ 17 B
173 B 542ms
542ms XHR
application/json 52.5.181.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.ai/_/batch
Requested by: Host: cdn-static-1.medium.com
URL: https://cdn-static-1.medium.com/_/fp/gen-js/main-base.bundle.6f6XwZPyaq6KPyGPPJfDpQ.12.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.5.181.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-181-79.compute-1.amazonaws.com
Software: nginx /
Resource Hash: f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Request headers

X-Client-Date: 1652752678204
X-XSRF-Token: 1
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer: https://booking.ai/
X-Obvious-CID: web

Response headers

date: Tue, 17 May 2022 01:57:58 GMT
medium-fulfilled-by: valencia/main-20220505-143206-9ef6171d35
x-envoy-upstream-service-time: 274
sepia-upstream: medium
server: nginx
content-length: 17
content-type: application/json

POST reports
lightstep.medium.systems/api/v0/ 0
0

OPTIONS reports
lightstep.medium.systems/api/v0/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: csp.medium.com
URL: https://csp.medium.com/

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1391461081&t=pageview&_s=1&dl=https%3A%2F%2Fbooking.ai%2F%3Fgi%3D35294e4265ba&ul=en-us&de=UTF-8&dt=Booking.com%20Data%20Science&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1983384216&gjid=1677157518&cid=1459094782.1652752673&tid=UA-24232453-2&_gid=1760552361.1652752673&_r=1&_slc=1&z=239727513

Domain: lightstep.medium.systems
URL: https://lightstep.medium.systems/api/v0/reports

Domain: lightstep.medium.systems
URL: https://lightstep.medium.systems/api/v0/reports

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.medium.com/	1970-01-20 11:51:28	Name: sid Value: 1:+yoGtK3aTCquS1oE1wf95iWxhTHQShpRcDXlhuG0XDf7IcpqdUDFWWJrRKdoN3x0
.medium.com/	1970-01-20 11:51:28	Name: uid Value: lo_e63d09433fd3
.medium.com/	1969-12-31 23:59:59	Name: __cfruid Value: 02ed2f2f33270f94c2af7a1ffd5f09029d5a7520-1652752672
booking.ai/	1970-01-20 11:51:28	Name: uid Value: lo_e63d09433fd3
booking.ai/	1970-01-20 11:51:28	Name: sid Value: 1:dH3zgmAiYjecrK7+ZOAUB8Us4VRO7onCQeVrdWBSUTxipO1AvEwAa2y7MpQGKSco
booking.ai/	1970-01-20 03:15:57	Name: lightstep_guid/medium-web Value: bc4b859d5cee7611
booking.ai/	1970-01-20 03:15:57	Name: lightstep_session_id Value: e1962001d9b904c8
booking.ai/	1970-01-20 03:15:57	Name: sz Value: 1600
booking.ai/	1970-01-20 03:15:57	Name: pr Value: 1
booking.ai/	1970-01-20 03:15:57	Name: tz Value: 0
.booking.ai/	1970-01-20 20:37:04	Name: _ga Value: GA1.2.1459094782.1652752673
.booking.ai/	1970-01-20 03:07:19	Name: _gid Value: GA1.2.1760552361.1652752673
.booking.ai/	1970-01-20 03:05:52	Name: _gat Value: 1
.app.link/	1970-01-20 11:51:28	Name: _s Value: nlKudtTs7CLJgmtPm9iSrCU%2F8lgdTMFJbJ9gC7F21Fzj5M%2Bp679anv%2FQgyc7xHcs

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.google-analytics.com/analytics.js(Line 43) Message: Refused to connect to 'https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1391461081&t=pageview&_s=1&dl=https%3A%2F%2Fbooking.ai%2F%3Fgi%3D35294e4265ba&ul=en-us&de=UTF-8&dt=Booking.com%20Data%20Science&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1983384216&gjid=1677157518&cid=1459094782.1652752673&tid=UA-24232453-2&_gid=1760552361.1652752673&_r=1&_slc=1&z=239727513' because it violates the following Content Security Policy directive: "connect-src https://localhost https://.instapaper.com https://.stripe.com https://glyph.medium.com https://.paypal.com https://.braintree-api.com https://.braintreegateway.com https://accounts.google.com https://getpocket.com https://booking.ai https://.booking.ai https://.medium.com https://medium.com https://.medium.com https://.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://lightstep.medium.systems https://.branch.io 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; connect-src https://localhost https://.instapaper.com https://.stripe.com https://glyph.medium.com https://.paypal.com https://.braintree-api.com https://.braintreegateway.com https://accounts.google.com https://getpocket.com https://booking.ai https://.booking.ai https://.medium.com https://medium.com https://.medium.com https://.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://lightstep.medium.systems https://.branch.io 'self'; font-src data: https://.amazonaws.com https://.medium.com https://glyph.medium.com https://medium.com https://.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: blob: medium: 'self'; img-src blob: data: https: 'self'; media-src https://.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api2.branch.io
app.link
booking.ai
cdn-images-1.medium.com
cdn-static-1.medium.com
cdn.branch.io
cdn.jsdelivr.net
csp.medium.com
glyph.medium.com
lightstep.medium.systems
medium.com
www.google-analytics.com
csp.medium.com
lightstep.medium.systems
www.google-analytics.com
108.138.17.81
2600:9000:225e:e000:19:9934:6a80:93a1
2600:9000:2491:4e00:11:f728:3040:93a1
2606:4700:4400::6812:27ad
2606:4700:7::a29f:9804
2606:4700:7::a29f:9904
2606:4700::6810:5714
2a00:1450:4001:813::200e
52.5.181.79
1189806f8543bc53842fe20ab3f8a6e9d52e4c762ece5f35990221359aceebc7
1599975c70db0d6e053dc08423331a1986aecc583913cf69f8f5af02defd27a4
1c033e4693775f52d86496f0fb44db26f6f9c1ddede321b26b829f4f6f406ecb
254765da6129bbc6ddc3c4cd5cb98679aa10ad0703e05ed33b827a02d34873be
26a7b70a94675a42c5bf4fc4e61854e9922ed5dd03893b641281ce79aa718b26
272ed9aef66df4b0fc0db7d8109a7949f039a9deabc1617eba270af19a72399d
341ac88296c4beacc26b503b6f167bb5db8ea1afc1d910d8905f7df88e19ea88
37fb2776f3a40696a49c2f201ee4488e707079a2c2310f72b4882b2c95437909
397739baddf3f0a67c1872a79e616d5cce3b80ca1b8dbce524acf1d5cd0b3291
3a19036d57e278ae0297d8b2e3be5a1f24c725247d1e4f06a8c1ae6a0df0e10f
3db2614dcd088277071638d23d9c84d8409b21fd7d03e59e056cf0e717b80104
3e87f48367cfc7e1ebeb5f48da4dcaf54fc9188e4f07ef8ab6df0e95bba1e143
3f53e4db08bb928f20c43dbbe64884d492bee8108867be2018812a3ac6d7b88b
46259572effe2f57ee56ee9371ee366a119d5442e9965fd4943bdffb3da9a25e
4f9b002630805d1f2e61296f031b0c4b6b31b2a83679d81e7647f3052b1ac664
51fd0856be5c980c6f5bb1c29c1333ae0cef4c4351924163449ee704b7322f79
5bbb9c0f0e0824480fd077d8340987a94369f9565dfcf6b89dcb00229fb49673
5c221893e37dfff32904e4ef7fa5368b220ee0ca5068f97131e345e0b3481683
6b2583fdc8248bc95b1285b313f437754716f54947d0577d1566f61d69fc8da5
6b4e6411c89de84ee6a4346cd38602345e29ebb726731d0eb94f4b48bfb858e1
724c490d63b91d68c383ce9f354ad878c0f8032a002b0eb734404a0667aeddbb
733b8b9c633050fc87a32e728a1ee052965bba562a9bc74689442386ea090681
78d00d6ba6d6ed1e88439e1c30d435adfaa88d96b2a255e65af7f67c5e2f758e
7abd74120ccfb88cb6c4b5df99af19e2c8f79f7d288dca6abf0cbf9d3a3a3ef1
7c226510217997ada3669ee381ed75ed3643259a54a02cd5afde0bfe960dae5b
7d8464bbfd2a78120e7952871b350a35084d0c859d190f18aff2d2250f73ada7
7f0c1292a887eb31f94eb01847e03b7490a865344e0f8f62c8e7292a960c7e8a
8a931ab5fa456b0bf372f0bcd13a3664b5399bc3783c3c4664e66332f228d7b6
8c08c54124fada39f7c22374689d6eea12f187bc1fbf7f2ffa42726889cca9a3
8ccbfc951670cc7df2c4b2e05f83e67f16a78ab09958931e7d2b89a23eb72588
90148eaccf9235e90a185ed7fba757f7cd83a28a57ad9c0bcd639ba65c9fa97c
997e1c4bb18454fd1d7ca575ee26e5b985e974eec49f44997aa22cebe5c6348a
9e65c1bc1b842cede4adc1814461a7ef82bbe4b91862ef9e1f9638d1ce0397b4
9fb5f625a2b59bbdae0af40afa58c95f84a19d499ebf877baf331b62867fa9c5
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a695d655a4f561381c93b8526bbc5762d77cc471908d616a3d75fa47a591de72
a7308f36363fb1faa04c40e6b51a9eab2255f8f233172395c5ee5ac3280e8183
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b679bca18be1fef8ce71e7b51b1d5f857f426d6f2818fc4002ed3de15f8059e6
c8a81fea207e23632d1f49ba778ac8b97005e576df48263d5e4ce6532da5d6c8
c960975ead356cece69ed7818c727474affe0c5137d35fc7a66a20dcfe2a3bd7
f0e308ed92187b972c3095e822f0369e5a58d9746b01ba6dba77323ad09a7a4a
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

booking.ai Open in urlscan Pro 52.5.181.79 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

51 Requests

92 %HTTPS

78 %IPv6

7 Domains

12 Subdomains

10 IPs

2 Countries

2821 kBTransfer

5039 kBSize

14 Cookies

10 Outgoing links

Page URL History

Redirected requests

51 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

booking.ai Open in urlscan Pro
52.5.181.79 Public Scan

Screenshot
Live screenshot

Full Image

51
Requests

92 %
HTTPS

78 %
IPv6

7
Domains

12
Subdomains

10
IPs

2
Countries

2821 kB
Transfer

5039 kB
Size

14
Cookies

51 HTTP transactions
2 data transactions