Open
Cached
·
just now
33
Headers
Detected Technologies from Headers
Apple ID
PayPal
Adobe Fonts (Typekit)
Akamai
AMP
Arkose Labs
Microsoft Advertising
Branch
Envoy
Facebook
GeeTest
Google AdSense
Google Analytics
Google Cloud Storage
Google Conversion Tracking
Google DoubleClick
Google Fonts
Google Hosted Libraries
Google Maps
Google Pay
Google reCAPTCHA
Google Search
Google Static File Front End
Google Sign-In
Google Tag Manager
Mapbox
New Relic
Nginx
Plaid
Stripe
Yahoo
Google Cloud
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=10886400; includeSubdomains
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
Performance Headers
Connection
close, Transfer-Encoding
Transfer-Encoding
chunked
connection: close, Transfer-Encoding transfer-encoding: chunked
Caching Headers
Cache-Control
no-store, max-age=0, private, must-revalidate
Expires
Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-store, max-age=0, private, must-revalidate expires: Thu, 01 Jan 1970 00:00:00 GMT
Content Headers
Content-Type
text/html;charset=utf-8
content-type: text/html;charset=utf-8
Server Headers
Server
nginx
server: nginx
CORS Headers
No CORS headers found
Cookies Headers
Other Headers
Accept-Ch
Sec-CH-Device-Memory, Sec-CH-DPR, ECT, Sec-CH-UA-Platform-Version, Sec-CH-Viewport-Width, Sec-CH-Device-Memory, Sec-CH-DPR, ECT, Sec-CH-UA-Platform-Version, Sec-CH-Viewport-Width
Accept-Ch-Lifetime
31536000
Akamai-Request-Bc
[a=23.220.105.199,b=34663729,c=g,n=US_VA_ASHBURN,o=20940],[c=c,n=US_VA_ASHBURN,o=20940],[a=247,c=o]
Alt-Svc
h3=":443"; ma=93600
Cachestatus
on
Date
Mon, 27 Apr 2026 09:37:52 GMT
Link
rel=preload
as=style
crossorigin=anonymous
media=print
rel=preload
as=font
type=font/woff2
crossorigin=anonymous
rel=preconnect
crossorigin=anonymous
Origin-Trial
AkOekvxwprBLSP7I2nhyRn5yZGt9lTJN6UIYziFKVYg5OhlzmlNDciWbBWkEQ5TYPz+aqsuIUT2pPEjPUD5dFAsAAABneyJvcmlnaW4iOiJodHRwczovL2FpcmJuYi5jb206NDQzIiwiZmVhdHVyZSI6IlByaW9yaXR5SGludHNBUEkiLCJleHBpcnkiOjE2NDc5OTM1OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
Server-Timing
ingress;dur=53, upstream;dur=53, cdn-cache; desc=MISS, edge; dur=27, origin; dur=59
Status
200 OK
X-Airbnb-Everest-Device-Id
1777282671.EAZGZhMzE5OTg3OTQ1MT.AkRpjLzaqrAxLoxsCgCFuMwWJSg5KOPZsnFL8MuquaM
X-Airbnb-Internal-Trace-Id
5BRAX08NOxBQ4dM7AAMtGg==
X-Airbnb-Kraken-Flush-Body
1
X-Airbnb-Sureride
c1a1o.0.c769dc17.1777282671.210ed31%%i1c1o%%t1d1o.5BRAX08NOxBQ4dM7AAMtGg==%%e1f1o.E2IHEUl1EAUJMgtdDycGChRiGQ%%t1d1o.5BRAX08NOxBQ4dM7AAMtGg==%%h1
X-Browser-Type
unknown
X-Envoy-Upstream-Service-Time
53
X-Erf-Bev-Bev
1777282671_EAYTk4NGQzMDIzMW
X-Erf-Bev-Bev-Is-Generated
1
X-Instrumentation
airbnb
X-Kraken-Loop-Name
core-guest-loop
X-Server-Lifecycle-Phase
running
accept-ch: Sec-CH-Device-Memory, Sec-CH-DPR, ECT, Sec-CH-UA-Platform-Version, Sec-CH-Viewport-Width, Sec-CH-Device-Memory, Sec-CH-DPR, ECT, Sec-CH-UA-Platform-Version, Sec-CH-Viewport-Width accept-ch-lifetime: 31536000 akamai-request-bc: [a=23.220.105.199,b=34663729,c=g,n=US_VA_ASHBURN,o=20940],[c=c,n=US_VA_ASHBURN,o=20940],[a=247,c=o] alt-svc: h3=":443"; ma=93600 cachestatus: on date: Mon, 27 Apr 2026 09:37:52 GMT link: <https://a0.muscache.com/airbnb/static/packages/web/common/frontend/core-guest-loop/apps/core-guest-spa/client.c88ac7dde3.css>;rel=preload;as=style;crossorigin=anonymous;media=print,<https://a0.muscache.com/airbnb/static/airbnb-dls-web/build/fonts/cereal-variable/AirbnbCerealVF_W_Wght.8816d9e5c3b6a860636193e36b6ac4e4.woff2>;rel=preload;as=font;type=font/woff2;crossorigin=anonymous,<https://a0.muscache.com/airbnb>;rel=preconnect;crossorigin=anonymous origin-trial: AkOekvxwprBLSP7I2nhyRn5yZGt9lTJN6UIYziFKVYg5OhlzmlNDciWbBWkEQ5TYPz+aqsuIUT2pPEjPUD5dFAsAAABneyJvcmlnaW4iOiJodHRwczovL2FpcmJuYi5jb206NDQzIiwiZmVhdHVyZSI6IlByaW9yaXR5SGludHNBUEkiLCJleHBpcnkiOjE2NDc5OTM1OTksImlzU3ViZG9tYWluIjp0cnVlfQ== server-timing: ingress;dur=53, upstream;dur=53, cdn-cache; desc=MISS, edge; dur=27, origin; dur=59 status: 200 OK x-airbnb-everest-device-id: 1777282671.EAZGZhMzE5OTg3OTQ1MT.AkRpjLzaqrAxLoxsCgCFuMwWJSg5KOPZsnFL8MuquaM x-airbnb-internal-trace-id: 5BRAX08NOxBQ4dM7AAMtGg== x-airbnb-kraken-flush-body: 1 x-airbnb-sureride: c1a1o.0.c769dc17.1777282671.210ed31%%i1c1o%%t1d1o.5BRAX08NOxBQ4dM7AAMtGg==%%e1f1o.E2IHEUl1EAUJMgtdDycGChRiGQ%%t1d1o.5BRAX08NOxBQ4dM7AAMtGg==%%h1 x-browser-type: unknown x-envoy-upstream-service-time: 53 x-erf-bev-bev: 1777282671_EAYTk4NGQzMDIzMW x-erf-bev-bev-is-generated: 1 x-instrumentation: airbnb x-kraken-loop-name: core-guest-loop x-server-lifecycle-phase: running
Recommendations
Enable compression (gzip/brotli) to improve performance