www.booking.com Open in urlscan Pro
13.32.121.90 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ch.booking.com/c?target=aHR0cHM6Ly9mbGlnaHRzLmJvb2tpbmcuY29tL3IvP2NhYmluQ2xhc3M9RUNPTk9NWSZvcmlnaW49UEFSJmFkdWx...
Effective URL:
https://www.booking.com/flights/index.fr.html?adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-3xdRGhYH0qx...
Submission: On May 22 via api (May 22nd 2023, 4:20:22 pm UTC) from BE — Scanned from DE

Summary HTTP 60 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 13 IPs in 3 countries across 10 domains to perform 60 HTTP transactions. The main IP is 13.32.121.90, located in United States and belongs to AMAZON-02, US. The main domain is www.booking.com. The Cisco Umbrella rank of the primary domain is 7011.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on August 3rd 2022. Valid for: a year.

This is the only time www.booking.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.222.214.109 52.222.214.109	16509 (AMAZON-02) (AMAZON-02)
3 11	52.222.236.65 52.222.236.65	16509 (AMAZON-02) (AMAZON-02)
1 4	13.32.121.90 13.32.121.90	16509 (AMAZON-02) (AMAZON-02)
21	2600:9000:236... 2600:9000:236e:1e00:1f:e2ee:200:93a1	16509 (AMAZON-02) (AMAZON-02)
7	2606:4700::68... 2606:4700::6813:bc61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
3	2600:9000:249... 2600:9000:2491:9200:15:9f56:b80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:400c:c09::9c	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::ac40:9062	13335 (CLOUDFLAR...) (CLOUDFLARENET)
60	13

1 52.222.214.109 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-109.fra56.r.cloudfront.net

ch.booking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 52.222.236.65 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-65.fra56.r.cloudfront.net

flights.booking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.32.121.90 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-90.fra60.r.cloudfront.net

www.booking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2600:9000:236e:1e00:1f:e2ee:200:93a1 (United States)

ASN16509 (AMAZON-02, US)

q-xx.bstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r-cf.bstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
q-cf.bstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6813:bc61 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2491:9200:15:9f56:b80:93a1 (United States)

ASN16509 (AMAZON-02, US)

t-cf.bstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c09::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9062 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	bstatic.com q-xx.bstatic.com — Cisco Umbrella Rank: 13956 r-cf.bstatic.com — Cisco Umbrella Rank: 157906 q-cf.bstatic.com — Cisco Umbrella Rank: 94409 t-cf.bstatic.com — Cisco Umbrella Rank: 20494	610 KB
16	booking.com 5 redirects ch.booking.com — Cisco Umbrella Rank: 496091 flights.booking.com — Cisco Umbrella Rank: 70190 www.booking.com — Cisco Umbrella Rank: 7011	94 KB
7	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 368	114 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30	21 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6080	670 B
3	google.com www.google.com — Cisco Umbrella Rank: 2	670 B
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 stats.g.doubleclick.net — Cisco Umbrella Rank: 76	4 KB
2	bing.com bat.bing.com — Cisco Umbrella Rank: 343	12 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	125 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 587	312 B
60	10

	Domain	Requested by
15	q-xx.bstatic.com	www.booking.com q-xx.bstatic.com
11	flights.booking.com	3 redirects q-xx.bstatic.com
7	cdn.cookielaw.org	www.booking.com cdn.cookielaw.org
4	www.google-analytics.com	www.booking.com www.google-analytics.com
4	r-cf.bstatic.com	www.booking.com
4	www.booking.com	1 redirects www.booking.com q-xx.bstatic.com
3	www.google.de	www.booking.com
3	www.google.com	www.booking.com
3	t-cf.bstatic.com	www.booking.com
2	bat.bing.com	www.booking.com bat.bing.com
2	googleads.g.doubleclick.net	www.googletagmanager.com
2	www.googletagmanager.com	www.booking.com www.googletagmanager.com
2	q-cf.bstatic.com	www.booking.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	stats.g.doubleclick.net	www.google-analytics.com
1	ch.booking.com	1 redirects
60	16

This site contains links to these domains. Also see Links.

Domain
flights.booking.com
secure.booking.com
booking.com

Subject Issuer	Validity	Valid
*.booking.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-03` - `2023-07-11`	a year	crt.sh
*.bstatic.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-21` - `2023-10-11`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-13`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.booking.com/flights/index.fr.html?adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-3xdRGhYH0qxdwc0fzy55el&adults=2&aid=2097130&cabinClass=ECONOMY&depart=2023-05-20&destination=NTE&from=PAR&label=confirmation_text&lang=fr&origin=PAR&return=2023-05-21&showLoader=1&to=NTE&type=ROUNDTRIP
Frame ID: 148BD33B6A72E87E6B0236AA3FC3FA73
Requests: 55 HTTP requests in this frame

Frame: https://www.booking.com/cookiebanner.html
Frame ID: 388613CE9DD25D02FC67F40AFC75DA10
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Trouvez des vols et des billets d'avion pas chers | Booking.com

Page URL History Show full URLs

https://ch.booking.com/c?target=aHR0cHM6Ly9mbGlnaHRzLmJvb2tpbmcuY29tL3IvP2NhYmluQ2xhc3M9RUNPTk9NWSZ... HTTP 307
https://flights.booking.com/r/?cabinClass=ECONOMY&origin=PAR&adults=2&destination=NTE&adplat=email-mg_co... HTTP 302
https://flights.booking.com/?adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-3xdRGhYH0qxd... HTTP 302
https://www.booking.com/food_redirect.html?url=aHR0cHM6Ly9mbGlnaHRzLmJvb2tpbmcuY29tLz9hZHBsYXQ9ZW1ha... HTTP 302
https://flights.booking.com/?adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-3xdRGhYH0qxd... HTTP 302
https://www.booking.com/flights/index.fr.html?adplat=email-mg_confirmation_email-lp_in_copy-flight-c... Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

PerimeterX (Security) Expand

Overall confidence: 100%
Detected patterns

Page Statistics

60
Requests

100 %
HTTPS

79 %
IPv6

10
Domains

16
Subdomains

13
IPs

3
Countries

976 kB
Transfer

4034 kB
Size

18
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://flights.booking.com/?aid=2097130&label=confirmation_text&adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-3xdRGhYH0qxdwc0fzy55el

Search URL Search Domain Scan URL

URL: https://secure.booking.com/help?source=hc_entry_point_flights_header&lang=fr&aid=2097130&label=confirmation_text&adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-3xdRGhYH0qxdwc0fzy55el

Search URL Search Domain Scan URL

URL: https://flights.booking.com/api/oauth/register?redirectURL=/flights/index.fr.html%3Fadplat%3Demail-mg_confirmation_email-lp_in_copy-flight-checklist-3xdRGhYH0qxdwc0fzy55el%26adults%3D2%26aid%3D2097130%26cabinClass%3DECONOMY%26depart%3D2023-05-20%26destination%3DNTE%26from%3DPAR%26label%3Dconfirmation_text%26lang%3Dfr%26origin%3DPAR%26return%3D2023-05-21%26showLoader%3D1%26to%3DNTE%26type%3DROUNDTRIP
Title: S'inscrire

Search URL Search Domain Scan URL

URL: https://flights.booking.com/api/oauth/login?redirectURL=/flights/index.fr.html%3Fadplat%3Demail-mg_confirmation_email-lp_in_copy-flight-checklist-3xdRGhYH0qxdwc0fzy55el%26adults%3D2%26aid%3D2097130%26cabinClass%3DECONOMY%26depart%3D2023-05-20%26destination%3DNTE%26from%3DPAR%26label%3Dconfirmation_text%26lang%3Dfr%26origin%3DPAR%26return%3D2023-05-21%26showLoader%3D1%26to%3DNTE%26type%3DROUNDTRIP
Title: Se connecter

Search URL Search Domain Scan URL

URL: https://booking.com/pxgo?token=UmFuZG9tSVYkc2RlIyh9Yb_j2lI_8tiOE-fXMxH6HnL1gAl5zhV4JqHfAjuyS9g__0dshyn9iVkNP8CaEa6nL9w3AqTTcCnxtrqYT5UBpw1Rm5Ri9tOyaC_-onROH_eqvHBGJHYbRTIFM-gjuwkWI-htZCUTR-d2zWMEw2dQJ6DIzJd9W11fMEcQQ-7gmuhTybFRHrddy3OogFStqw6K1X6Ls9h8Qs1CA70PuwlHtqkDM3bvjP5Lz2XRgsOu4oND2YDrBKGZExyfZkoFovhRgzGB6nBDv8-6gSiLpHxHu1f8DRRUwVRspX6hoOpJ8ElEMMATHpm8XGseVMMs3j2Fww&lang=fr&url=https%3A%2F%2Fbooking.kayak.com%2Fin%3Fp%3Dsearchbox_link%26sid%3D11fee233be453cabcef005d82da46ed1%26mc%3DEUR%26a%3Dbdc%252Fsearchbox%26bdclc%3Dfr&aid=2097130&label=confirmation_text&adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-3xdRGhYH0qxdwc0fzy55el
Title: Vols

Search URL Search Domain Scan URL

URL: https://booking.com/pxgo?aid=2097130&lang=fr&url=https%3A%2F%2Fbooking-dp.lastminute.de&token=UmFuZG9tSVYkc2RlIyh9YXYkRVs_GG8EPfbmdOjJomtnKfMfUeYRsSVmmYSk8GZ_7Z8K_WMS6f3lgy30FoMZVwPaBQGvK0XEHthgFl3up_zYrT6LY_lDPGcxKE2De2Z8k4gUuVbqQAPgxhxFPyLdWSzLg7vXJc53519NpE4W5khVic4KYcWPYTTX0XorpD68TEAeTfmJNs_D8xt5UJdAedaU5wRmUIq3uhoLkb2YD99rAKsrLb6XW6B1NoPOUJ_Wmr81Yquk5Y7wvmkh984zjrpWET7Zu4cUXSvLXs9cg-DfZCE_EuWm4litWI3vT-Wf2-lKaZ2l8DKRPoLJslVdXQ&label=confirmation_text&adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-3xdRGhYH0qxdwc0fzy55el
Title: Vol + hôtel

Search URL Search Domain Scan URL

URL: https://flights.booking.com/flights/FRA-LON/?type=ROUNDTRIP&adults=1&cabinClass=ECONOMY&sort=BEST&depart=2023-05-22&return=2023-05-29&from=FRA&to=LON&aid=2097130&label=confirmation_text&adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-3xdRGhYH0qxdwc0fzy55el
Title: Francfort-sur-le-Main - Londres22 mai - 29 mai · Aller-retour

Search URL Search Domain Scan URL

URL: https://flights.booking.com/flights/FRA-PMI/?type=ROUNDTRIP&adults=1&cabinClass=ECONOMY&sort=BEST&depart=2023-05-23&return=2023-05-30&from=FRA&to=PMI&aid=2097130&label=confirmation_text&adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-3xdRGhYH0qxdwc0fzy55el
Title: Francfort-sur-le-Main - Palma de Majorque23 mai - 30 mai · Aller-retour

Search URL Search Domain Scan URL

URL: https://flights.booking.com/flights/FRA-IST/?type=ROUNDTRIP&adults=1&cabinClass=ECONOMY&sort=BEST&depart=2023-05-23&return=2023-05-30&from=FRA&to=IST&aid=2097130&label=confirmation_text&adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-3xdRGhYH0qxdwc0fzy55el
Title: Francfort-sur-le-Main - Istanbul23 mai - 30 mai · Aller-retour

Search URL Search Domain Scan URL

URL: https://flights.booking.com/flights/FRA-OPO/?type=ROUNDTRIP&adults=1&cabinClass=ECONOMY&sort=BEST&depart=2023-05-23&return=2023-05-30&from=FRA&to=OPO&aid=2097130&label=confirmation_text&adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-3xdRGhYH0qxdwc0fzy55el
Title: Francfort-sur-le-Main - Porto23 mai - 30 mai · Aller-retour

Search URL Search Domain Scan URL

URL: https://flights.booking.com/flights/FRA-ROM/?type=ROUNDTRIP&adults=1&cabinClass=ECONOMY&sort=BEST&depart=2023-05-25&return=2023-06-01&from=FRA&to=ROM&aid=2097130&label=confirmation_text&adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-3xdRGhYH0qxdwc0fzy55el
Title: Francfort-sur-le-Main - Rome25 mai - 1er juin · Aller-retour

Search URL Search Domain Scan URL

URL: https://flights.booking.com/flights/FRA-MIL/?type=ROUNDTRIP&adults=1&cabinClass=ECONOMY&sort=BEST&depart=2023-05-27&return=2023-06-03&from=FRA&to=MIL&aid=2097130&label=confirmation_text&adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-3xdRGhYH0qxdwc0fzy55el
Title: Francfort-sur-le-Main - Parme27 mai - 3 juin · Aller-retour

Search URL Search Domain Scan URL

URL: https://flights.booking.com/flights/FRA-BCN/?type=ROUNDTRIP&adults=1&cabinClass=ECONOMY&sort=BEST&depart=2023-05-24&return=2023-05-31&from=FRA&to=BCN&aid=2097130&label=confirmation_text&adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-3xdRGhYH0qxdwc0fzy55el
Title: Francfort-sur-le-Main - Barcelone24 mai - 31 mai · Aller-retour

Search URL Search Domain Scan URL

URL: https://flights.booking.com/flights/FRA-PAR/?type=ROUNDTRIP&adults=1&cabinClass=ECONOMY&sort=BEST&depart=2023-05-23&return=2023-05-30&from=FRA&to=PAR&aid=2097130&label=confirmation_text&adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-3xdRGhYH0qxdwc0fzy55el
Title: Francfort-sur-le-Main - Paris23 mai - 30 mai · Aller-retour

Search URL Search Domain Scan URL

URL: https://flights.booking.com/flights/FRA-IZM/?type=ROUNDTRIP&adults=1&cabinClass=ECONOMY&sort=BEST&depart=2023-05-22&return=2023-05-29&from=FRA&to=IZM&aid=2097130&label=confirmation_text&adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-3xdRGhYH0qxdwc0fzy55el
Title: Francfort-sur-le-Main - Izmir22 mai - 29 mai · Aller-retour

Search URL Search Domain Scan URL

URL: https://flights.booking.com/flights/FRA-BKK/?type=ROUNDTRIP&adults=1&cabinClass=ECONOMY&sort=BEST&depart=2023-05-24&return=2023-05-31&from=FRA&to=BKK&aid=2097130&label=confirmation_text&adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-3xdRGhYH0qxdwc0fzy55el
Title: Bangkok, ThaïlandeVols depuis Frankfurt24 mai - 31 mai · Aller-retour

Search URL Search Domain Scan URL

URL: https://flights.booking.com/flights/FRA-NYC/?type=ROUNDTRIP&adults=1&cabinClass=ECONOMY&sort=BEST&depart=2023-05-22&return=2023-05-29&from=FRA&to=NYC&aid=2097130&label=confirmation_text&adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-3xdRGhYH0qxdwc0fzy55el
Title: New York, États-UnisVols depuis Frankfurt22 mai - 29 mai · Aller-retour

Search URL Search Domain Scan URL

URL: https://flights.booking.com/flights/FRA-LIS/?type=ROUNDTRIP&adults=1&cabinClass=ECONOMY&sort=BEST&depart=2023-05-23&return=2023-05-30&from=FRA&to=LIS&aid=2097130&label=confirmation_text&adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-3xdRGhYH0qxdwc0fzy55el
Title: Lisbonne, PortugalVols depuis Frankfurt23 mai - 30 mai · Aller-retour

Search URL Search Domain Scan URL

URL: https://flights.booking.com/flights/FRA-DPS/?type=ROUNDTRIP&adults=1&cabinClass=ECONOMY&sort=BEST&depart=2023-05-24&return=2023-05-31&from=FRA&to=DPS&aid=2097130&label=confirmation_text&adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-3xdRGhYH0qxdwc0fzy55el
Title: Kuta, IndonésieVols depuis Frankfurt24 mai - 31 mai · Aller-retour

Search URL Search Domain Scan URL

URL: https://flights.booking.com/flights/FRA-AYT/?type=ROUNDTRIP&adults=1&cabinClass=ECONOMY&sort=BEST&depart=2023-05-22&return=2023-05-29&from=FRA&to=AYT&aid=2097130&label=confirmation_text&adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-3xdRGhYH0qxdwc0fzy55el
Title: Antalya, TurquieVols depuis Frankfurt22 mai - 29 mai · Aller-retour

Search URL Search Domain Scan URL

URL: https://secure.booking.com/help?source=hc_entry_point_flights_footer&lang=fr&aid=2097130&label=confirmation_text&adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-3xdRGhYH0qxdwc0fzy55el
Title: Aide pour les vols

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ch.booking.com/c?target=aHR0cHM6Ly9mbGlnaHRzLmJvb2tpbmcuY29tL3IvP2NhYmluQ2xhc3M9RUNPTk9NWSZvcmlnaW49UEFSJmFkdWx0cz0yJmRlc3RpbmF0aW9uPU5URSZhZHBsYXQ9ZW1haWwtbWdfY29uZmlybWF0aW9uX2VtYWlsLWxwX2luX2NvcHktZmxpZ2h0LWNoZWNrbGlzdC0zeGRSR2hZSDBxeGR3YzBmenk1NWVsJmxhYmVsPWNvbmZpcm1hdGlvbl90ZXh0JnR5cGU9Uk9VTkRUUklQJmZyb209UEFSJnRvPU5URSZkZXBhcnQ9MjAyMy0wNS0yMCZsYW5nPWZyJnNob3dMb2FkZXI9MSZhaWQ9MjA5NzEzMCZyZXR1cm49MjAyMy0wNS0yMQ==&st=RkxJR0hU&lt=UFJPRFVDVDpyb3VuZHRyaXA=&rid=eefbd350-f624-11ed-8e81-870ebc44d339&si=ChZiLXBhbmRhLXRvcC1rLXNlbGVjdG9yEAEaQFRBTAhwP0tB1dGk/kgYl4qLWI/oSYGsN2/VeRPqcivtJlTkgRsKBnk1MnKMe201n1S/wjXtuHlLEe+b1IhNawI=&mmconf=checklist HTTP 307
https://flights.booking.com/r/?cabinClass=ECONOMY&origin=PAR&adults=2&destination=NTE&adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-3xdRGhYH0qxdwc0fzy55el&label=confirmation_text&type=ROUNDTRIP&from=PAR&to=NTE&depart=2023-05-20&lang=fr&showLoader=1&aid=2097130&return=2023-05-21 HTTP 302
https://flights.booking.com/?adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-3xdRGhYH0qxdwc0fzy55el&adults=2&aid=2097130&cabinClass=ECONOMY&depart=2023-05-20&destination=NTE&from=PAR&label=confirmation_text&lang=fr&origin=PAR&return=2023-05-21&showLoader=1&to=NTE&type=ROUNDTRIP HTTP 302
https://www.booking.com/food_redirect.html?url=aHR0cHM6Ly9mbGlnaHRzLmJvb2tpbmcuY29tLz9hZHBsYXQ9ZW1haWwtbWdfY29uZmlybWF0aW9uX2VtYWlsLWxwX2luX2NvcHktZmxpZ2h0LWNoZWNrbGlzdC0zeGRSR2hZSDBxeGR3YzBmenk1NWVsJmFkdWx0cz0yJmFpZD0yMDk3MTMwJmNhYmluQ2xhc3M9RUNPTk9NWSZkZXBhcnQ9MjAyMy0wNS0yMCZkZXN0aW5hdGlvbj1OVEUmZnJvbT1QQVImbGFiZWw9Y29uZmlybWF0aW9uX3RleHQmbGFuZz1mciZvcmlnaW49UEFSJnJldHVybj0yMDIzLTA1LTIxJnNob3dMb2FkZXI9MSZ0bz1OVEUmdHlwZT1ST1VORFRSSVA%3D HTTP 302
https://flights.booking.com/?adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-3xdRGhYH0qxdwc0fzy55el&adults=2&aid=2097130&cabinClass=ECONOMY&depart=2023-05-20&destination=NTE&from=PAR&label=confirmation_text&lang=fr&origin=PAR&return=2023-05-21&showLoader=1&to=NTE&type=ROUNDTRIP HTTP 302
https://www.booking.com/flights/index.fr.html?adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-3xdRGhYH0qxdwc0fzy55el&adults=2&aid=2097130&cabinClass=ECONOMY&depart=2023-05-20&destination=NTE&from=PAR&label=confirmation_text&lang=fr&origin=PAR&return=2023-05-21&showLoader=1&to=NTE&type=ROUNDTRIP Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

60 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request index.fr.html Show response
www.booking.com/flights/
Redirect Chain

https://ch.booking.com/c?target=aHR0cHM6Ly9mbGlnaHRzLmJvb2tpbmcuY29tL3IvP2NhYmluQ2xhc3M9RUNPTk9NWSZvcmlnaW49UEFSJmFkdWx0cz0yJmRlc3RpbmF0aW9uPU5URSZhZHBsYXQ9ZW1haWwtbWdfY29uZmlybWF0aW9uX2VtYWlsLWxwX...
https://flights.booking.com/r/?cabinClass=ECONOMY&origin=PAR&adults=2&destination=NTE&adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-3xdRGhYH0qxdwc0fzy55el&label=confirmation_text&t...
https://flights.booking.com/?adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-3xdRGhYH0qxdwc0fzy55el&adults=2&aid=2097130&cabinClass=ECONOMY&depart=2023-05-20&destination=NTE&from=PAR...
https://www.booking.com/food_redirect.html?url=aHR0cHM6Ly9mbGlnaHRzLmJvb2tpbmcuY29tLz9hZHBsYXQ9ZW1haWwtbWdfY29uZmlybWF0aW9uX2VtYWlsLWxwX2luX2NvcHktZmxpZ2h0LWNoZWNrbGlzdC0zeGRSR2hZSDBxeGR3YzBmenk1NW...
https://flights.booking.com/?adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-3xdRGhYH0qxdwc0fzy55el&adults=2&aid=2097130&cabinClass=ECONOMY&depart=2023-05-20&destination=NTE&from=PAR...
https://www.booking.com/flights/index.fr.html?adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-3xdRGhYH0qxdwc0fzy55el&adults=2&aid=2097130&cabinClass=ECONOMY&depart=2023-05-20&destina...

610 KB
78 KB

407ms
406ms

Document
text/html

13.32.121.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.booking.com/flights/index.fr.html?adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-3xdRGhYH0qxdwc0fzy55el&adults=2&aid=2097130&cabinClass=ECONOMY&depart=2023-05-20&destination=NTE&from=PAR&label=confirmation_text&lang=fr&origin=PAR&return=2023-05-21&showLoader=1&to=NTE&type=ROUNDTRIP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.90 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-90.fra60.r.cloudfront.net

Software

envoy /

Resource Hash

a932e7805e1f14f9d9c381b984ae1c43008b8c844f78949b245a211dcf57cca9

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800 max-age=31536000;
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private
content-encoding: br
content-length: 78138
content-security-policy-report-only: frame-ancestors 'none'; report-uri https://nellie.booking.com/csp-report-uri?type=report&tag=112&pid=0f8b72e0da5f03ae&e=UmFuZG9tSVYkc2RlIyh9YWNWlKLi8Iutx1ipE2aqggkWQ5Cqa4D-gLIyHKQLNCyH
content-type: text/html; charset=UTF-8
date: Mon, 22 May 2023 16:20:16 GMT
nel: {"max_age":604800,"report_to":"default"}
reason
referrer-policy: no-referrer
report-to: {"max_age":604800,"group":"default","endpoints":[{"url":"https://nellie.booking.com/report"}]}
server: envoy
status: 200
strict-transport-security: max-age=604800 max-age=31536000;
vary: User-Agent, Accept-Encoding
via: 1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront)
x-amz-cf-id: dS0Xvn4pRvSq7adFDJHhEJaC_2jtPddGxlu54VMg3KLqruig1Akx-A==
x-amz-cf-pop: FRA60-P1
x-bookings-http-multivalue: HASH(0x7f784e46af00)
x-cache: Miss from cloudfront
x-content-type-options: nosniff nosniff
x-envoy-upstream-service-time: 173
x-frame-options: SAMEORIGIN
x-recruiting: Like HTTP headers? Come write ours: https://careers.booking.com
x-request-id: 1eb42d39-4c07-4946-b137-4601497ca10e
x-xss-protection: 1; mode=block

Redirect headers

content-length: 768
content-type: text/html; charset=utf-8
date: Mon, 22 May 2023 16:20:15 GMT
location: https://www.booking.com/flights/index.fr.html?adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-3xdRGhYH0qxdwc0fzy55el&adults=2&aid=2097130&cabinClass=ECONOMY&depart=2023-05-20&destination=NTE&from=PAR&label=confirmation_text&lang=fr&origin=PAR&return=2023-05-21&showLoader=1&to=NTE&type=ROUNDTRIP
referrer-policy: no-referrer
server: nginx
strict-transport-security: max-age=31536000;
vary: Accept
via: 1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
x-amz-cf-id: fuK9PPADrDqU9kybmvN-gOEuWqSm8Eqc3P1g0U61jFu42bMBEEOm8w==
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-request-id: 89503ab0-f8bc-11ed-bf6e-49605e85f4f0
x-xss-protection: 1; mode=block

GET
H2 200 client.9f2d7534.css
q-xx.bstatic.com/flights/web/static/css/ 167 KB
17 KB 493ms
8ms Stylesheet
text/css 2600:9000:236e:1e00:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q-xx.bstatic.com/flights/web/static/css/client.9f2d7534.css

Requested by

Host: www.booking.com
URL: https://www.booking.com/flights/index.fr.html?adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-3xdRGhYH0qxdwc0fzy55el&adults=2&aid=2097130&cabinClass=ECONOMY&depart=2023-05-20&destination=NTE&from=PAR&label=confirmation_text&lang=fr&origin=PAR&return=2023-05-21&showLoader=1&to=NTE&type=ROUNDTRIP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:236e:1e00:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e22b81dffc77079575519c626c967865eaa31c930e5fa2b99015b91c863b572b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 05:14:44 GMT
content-encoding: br
via: 1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: FRA60-P1
age: 2459132
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
x-amz-expiration: expiry-date="Thu, 01 Jun 2023 10:15:39 GMT", rule-id="expire-static-assets"
last-modified: Thu, 20 Apr 2023 14:11:28 GMT
server: nginx
x-amz-meta-s3cmd-attrs: md5:2905fcf7e92011783ef25630014b5868
etag: W/"2905fcf7e92011783ef25630014b5868"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: 4fmsEal_zjWPbrQBeM_Fu3HBiWaFd2_8D_FwJca42B-fJD6a5oiZdA==
expires: Wed, 24 May 2023 05:14:44 GMT

GET
H2 200 screens-Home.fc65be5e.chunk.css
q-xx.bstatic.com/flights/web/static/css/ 48 KB
7 KB 493ms
9ms Stylesheet
text/css 2600:9000:236e:1e00:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q-xx.bstatic.com/flights/web/static/css/screens-Home.fc65be5e.chunk.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:236e:1e00:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

913a6a98a92fced89fecd725fd781d29751b1e0580426c18712487b3e529e1ca

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 11 May 2023 04:33:37 GMT
content-encoding: br
via: 1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: FRA60-P1
age: 992799
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
x-amz-expiration: expiry-date="Wed, 12 Jul 2023 13:18:47 GMT", rule-id="expire-static-assets"
last-modified: Mon, 08 May 2023 16:11:54 GMT
server: nginx
x-amz-meta-s3cmd-attrs: md5:9ff5f5eb4a64bab0bdcf50b426d059ea
etag: W/"9ff5f5eb4a64bab0bdcf50b426d059ea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: 8RYdh_7kNml3kTemGPCLwarz0uxAshMyFZOEyvvq4n3M-D4q7W20Ow==
expires: Sat, 10 Jun 2023 04:33:37 GMT

GET
H2 200 OtAutoBlock.js Show response
cdn.cookielaw.org/consent/7163e23c-88a8-41d6-8838-55b75cf39a74/ 5 KB
3 KB 39ms
22ms Script
application/x-javascript 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/7163e23c-88a8-41d6-8838-55b75cf39a74/OtAutoBlock.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

975776e3667027dc23eb2a8a1a824592d0e0484bad41b155ccf25b7933313460

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 22 May 2023 16:20:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: BQHmXbCxkHlYXV10huuqGw==
age: 18043
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2040
x-ms-lease-status: unlocked
last-modified: Tue, 28 Mar 2023 11:04:13 GMT
server: cloudflare
etag: 0x8DB2F7C2A78574B
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: db91fa9a-001e-003b-4865-619ab8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7cb662b2ed64039a-FRA
expires: Tue, 23 May 2023 16:20:16 GMT

GET
H2 200 653645.jpg
q-xx.bstatic.com/xdata/images/city/square210/ 8 KB
8 KB 8ms
8ms Image
image/jpeg 2600:9000:236e:1e00:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q-xx.bstatic.com/xdata/images/city/square210/653645.jpg?k=f54715ae6012a3f9481faedab3bc8a07549a24b964a14565e1f5b79338418166&o=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:236e:1e00:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

b1c852eb6fab5d21a65dac34a4171ecd41942ba284789d45696e02892dba033b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 06:37:04 GMT
via: 1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P1
age: 294192
etag: "837e04f4d61ba0b33862972d63194b8bb0eb4534"
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: NLKAWhg9T4ymC8rl12350oniqT3kPkZmFleZGTBlDgFiMscgq5ATRA==
content-length: 8010
x-xss-protection: 1; mode=block
expires: Sun, 18 Jun 2023 06:37:04 GMT

GET
H2 200 27c8d1832de6a3123b6ee45b59ae2f81b0d9d0d0.png
r-cf.bstatic.com/static/img/tfl/group_logos/logo_booking/ 2 KB
2 KB 236ms
8ms Image
image/png 2600:9000:236e:1e00:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://r-cf.bstatic.com/static/img/tfl/group_logos/logo_booking/27c8d1832de6a3123b6ee45b59ae2f81b0d9d0d0.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:236e:1e00:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

807c8a1b498e17d227cf48a640b778bdc4398a9852493cb2f40bf0f33651d0dd

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 01 May 2023 00:16:56 GMT
via: 1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: FRA60-P1
age: 1872201
x-cache: Hit from cloudfront
content-length: 1628
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:55 GMT
server: nginx
etag: "5cadd1d3-65c"
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: M-D5lm6wbjnGj96AYVlMNSw8ntnx4f4B3KzqQ_lU9YWtIINcnw-kqw==
expires: Wed, 31 May 2023 00:16:56 GMT

GET
H2 200 f80e129541f2a952d470df2447373390f3dd4e44.png
q-cf.bstatic.com/static/img/tfl/group_logos/logo_priceline/ 2 KB
2 KB 218ms
9ms Image
image/png 2600:9000:236e:1e00:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q-cf.bstatic.com/static/img/tfl/group_logos/logo_priceline/f80e129541f2a952d470df2447373390f3dd4e44.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:236e:1e00:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

18c62988860a8ffd90bab6376b4fe36a723bd39403c420d3943aa3eb5a0029c5

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 04:20:52 GMT
via: 1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: FRA60-P1
age: 133779
x-cache: Hit from cloudfront
content-length: 1591
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:55 GMT
server: nginx
etag: "5cadd1d3-637"
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: pJbKS4gVLw4cLuRN2BHeVmKwML7Xiy5-Kb53GDkBb6oLHVhDjIPDuQ==
expires: Tue, 20 Jun 2023 03:10:38 GMT

GET
H2 200 83ef7122074473a6566094e957ff834badb58ce6.png
r-cf.bstatic.com/static/img/tfl/group_logos/logo_kayak/ 1 KB
2 KB 215ms
8ms Image
image/png 2600:9000:236e:1e00:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://r-cf.bstatic.com/static/img/tfl/group_logos/logo_kayak/83ef7122074473a6566094e957ff834badb58ce6.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:236e:1e00:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

5839f0330821cf08029beddd6d248170da1af16cd7aff253e7bd075d591f5d42

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 16 May 2023 20:08:23 GMT
via: 1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: FRA60-P1
age: 660574
x-cache: Hit from cloudfront
content-length: 1154
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:55 GMT
server: nginx
etag: "5cadd1d3-482"
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: cGrfl378abfQWxqzBSNkq9PkGEP1r1TJgvgJ4DrZ7b93qfg32C1QrQ==
expires: Wed, 14 Jun 2023 00:50:43 GMT

GET
H2 200 1c9191b6a3651bf030e41e99a153b64f449845ed.png
q-cf.bstatic.com/static/img/tfl/group_logos/logo_agoda/ 2 KB
3 KB 216ms
9ms Image
image/png 2600:9000:236e:1e00:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q-cf.bstatic.com/static/img/tfl/group_logos/logo_agoda/1c9191b6a3651bf030e41e99a153b64f449845ed.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:236e:1e00:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

1d6e86e59ab7235a8343f494c8e8da6cc02c5a98a75d682401340e6d06935f20

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 14:15:12 GMT
via: 1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: FRA60-P1
age: 2513105
x-cache: Hit from cloudfront
content-length: 2146
x-xss-protection: 1; mode=block
last-modified: Thu, 12 Mar 2020 10:15:57 GMT
server: nginx
etag: "5e6a0bdd-862"
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: zN-4y41Si8wb2-RMfHM1ezR-Z5Vxbcu6z-ptlE-JAgqUTUODueFE6w==
expires: Tue, 23 May 2023 14:15:12 GMT

GET
H2 200 6bc5ec89d870111592a378bbe7a2086f0b01abc4.png
r-cf.bstatic.com/static/img/tfl/group_logos/logo_rentalcars/ 3 KB
4 KB 215ms
8ms Image
image/png 2600:9000:236e:1e00:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://r-cf.bstatic.com/static/img/tfl/group_logos/logo_rentalcars/6bc5ec89d870111592a378bbe7a2086f0b01abc4.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:236e:1e00:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

8561e200a6a57195e480ed9d893b14579ef6acdeabfbb3fe22b5e4ec9b84b455

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 02:37:33 GMT
via: 1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: FRA60-P1
age: 566927
x-cache: Hit from cloudfront
content-length: 3221
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:55 GMT
server: nginx
etag: "5cadd1d3-c95"
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: Cmlu75BJj1G3boHBFow5njSRFereC5IllJe-2-FdYC5aL3acG2d-4g==
expires: Thu, 15 Jun 2023 02:51:30 GMT

GET
H2 200 a4b50503eda6c15773d6e61c238230eb42fb050d.png
r-cf.bstatic.com/static/img/tfl/group_logos/logo_opentable/ 2 KB
3 KB 214ms
7ms Image
image/png 2600:9000:236e:1e00:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://r-cf.bstatic.com/static/img/tfl/group_logos/logo_opentable/a4b50503eda6c15773d6e61c238230eb42fb050d.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:236e:1e00:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

b23272a9692c4ec3c020935917e9d096490876c976abec1290bd3cc9aae13974

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 07:05:32 GMT
via: 1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: FRA60-P1
age: 2279685
x-cache: Hit from cloudfront
content-length: 2344
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:55 GMT
server: nginx
etag: "5cadd1d3-928"
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 2navsvoHuh4uOEvCJeThQtRZInBQb6WKYWrcnoKp385zmYaerXT8AA==
expires: Fri, 26 May 2023 07:05:32 GMT

GET
H2 200 client.826ce9df.js Show response
q-xx.bstatic.com/flights/web/static/js/ 1 MB
268 KB 23ms
8ms Script
application/javascript 2600:9000:236e:1e00:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q-xx.bstatic.com/flights/web/static/js/client.826ce9df.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:236e:1e00:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

1387ba51b7b70150dc27266cbc561d8cf874bec3b36b2556e0a72f5d11d392f9

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.booking.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:07:40 GMT
content-encoding: br
via: 1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: FRA60-P1
age: 11555
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
x-amz-expiration: expiry-date="Sun, 20 Aug 2023 12:36:06 GMT", rule-id="expire-static-assets"
last-modified: Mon, 22 May 2023 12:36:06 GMT
server: nginx
x-amz-meta-s3cmd-attrs: md5:aa188292c5c17f306fe46f119617c195
etag: W/"aa188292c5c17f306fe46f119617c195"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: g1diC62S2a6ENPBEjt3Umq2Ed-Qq_i2xTIZ6VdlFkEPnIaHdywzf9Q==
expires: Wed, 21 Jun 2023 13:07:40 GMT

GET
H2 200 screens-Home.0e8a3c79.chunk.js Show response
q-xx.bstatic.com/flights/web/static/js/ 338 KB
71 KB 44ms
29ms Script
application/javascript 2600:9000:236e:1e00:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q-xx.bstatic.com/flights/web/static/js/screens-Home.0e8a3c79.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:236e:1e00:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

6a0873b3d65365cb1960ac09327b7c1364ec14cc061d3d404a9932325a82514f

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.booking.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 12 May 2023 09:46:28 GMT
content-encoding: br
via: 1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: FRA60-P1
age: 887627
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
x-amz-expiration: expiry-date="Wed, 09 Aug 2023 11:04:41 GMT", rule-id="expire-static-assets"
last-modified: Fri, 12 May 2023 08:52:41 GMT
server: nginx
x-amz-meta-s3cmd-attrs: md5:08ba24e7e77de495b84724c4be8f08d1
etag: W/"08ba24e7e77de495b84724c4be8f08d1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: EqQbnoQqA3pZBwex4h_AUhRqOLOefSjuG-aZt_PouBzGl3_Fjb7PtQ==
expires: Sun, 11 Jun 2023 09:46:28 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 156 KB
58 KB 160ms
71ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PQHB9P4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6a3ea73cd7b690203665bf99cbae559fb56f20671da1fe4db9afe7cdcb5e040b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 16:20:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59135
x-xss-protection: 0
last-modified: Mon, 22 May 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 22 May 2023 16:20:17 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 126ms
37ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 22 May 2023 15:05:00 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 4517
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Mon, 22 May 2023 17:05:00 GMT

GET
H2 200 fr.png
q-xx.bstatic.com/backend_static/common/flags/new/48-squared/ 153 B
717 B 8ms
7ms Image
image/png 2600:9000:236e:1e00:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q-xx.bstatic.com/backend_static/common/flags/new/48-squared/fr.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:236e:1e00:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

8c823b6fe7ed7a0af5f592357f0512e43a86813159f095e7292489ba86c1e6d6

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 14 May 2023 01:05:08 GMT
via: 1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: FRA60-P1
age: 746109
x-cache: Hit from cloudfront
content-length: 153
x-xss-protection: 1; mode=block
last-modified: Mon, 07 Sep 2020 09:08:23 GMT
server: nginx
etag: "5f55f887-99"
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 88AgpKe6GPaZr0AClOmoB1UKAKDsR5GNtE6Ucy61p_uQrzssiOzx1g==
expires: Tue, 13 Jun 2023 01:05:08 GMT

GET
H2 200 976949.jpg
q-xx.bstatic.com/xdata/images/city/square210/ 14 KB
14 KB 10ms
9ms Image
image/jpeg 2600:9000:236e:1e00:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q-xx.bstatic.com/xdata/images/city/square210/976949.jpg?k=f0ca050b86e8214ef05124a776f1bd0bf8dd24ed4d35d3b644cf5ec7a661010a&o=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:236e:1e00:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4dd4756c3b45a8311cf91d4dd81f5ab6a974f77c62e48d81ac017d2facb69b6f

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 05 May 2023 12:19:37 GMT
via: 1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P1
age: 1483240
etag: "3ad0ace86ade4b58e6499004397a10d10f2be852"
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: rML7XshWvAgo2uvWQ_Fg0Tnm2jz6Ls2wietIYLGR4yGnDy_i5K3bVg==
content-length: 14389
x-xss-protection: 1; mode=block
expires: Sun, 04 Jun 2023 12:19:37 GMT

GET
H2 200 645685.jpg
q-xx.bstatic.com/xdata/images/city/square210/ 8 KB
8 KB 13ms
11ms Image
image/jpeg 2600:9000:236e:1e00:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q-xx.bstatic.com/xdata/images/city/square210/645685.jpg?k=bb3c96578e18a637d5481bd37ce507968c8473365b557d08c302e105ec5f13dc&o=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:236e:1e00:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e1117bd0c871b65190e19381e2856bb55fab15b957b14e6cce36ed3c3c384908

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 01:12:22 GMT
via: 1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P1
age: 2560075
etag: "2db1598f3b33c253008e1605f033d437c8781006"
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: irScM-y53JzXS9APJ0XsWmR1nark7NOhS4rKqenDKeef5iT6Xc1MWA==
content-length: 7935
x-xss-protection: 1; mode=block
expires: Tue, 23 May 2023 01:12:22 GMT

GET
H2 200 654657.jpg
q-xx.bstatic.com/xdata/images/city/square210/ 8 KB
9 KB 14ms
12ms Image
image/jpeg 2600:9000:236e:1e00:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q-xx.bstatic.com/xdata/images/city/square210/654657.jpg?k=89856fe34d0c79585591dfb571c096931beeea442ef9175f86cd9960ffb242dd&o=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:236e:1e00:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f4b37393f2c075b901968f72e63b4057dbd6f1b0e48acba372529b13faa3dc6a

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 18:06:04 GMT
via: 1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P1
age: 2844853
etag: "ba87dafbcd04b4b6850c17f977cfa9feef9aee2e"
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=3888000
timing-allow-origin: *
x-amz-cf-id: NM00bgirxJx9xwimxvjUKdEdKQVzUC7aoPmXmkLosq1Iaf63O3fO7Q==
content-length: 8378
x-xss-protection: 1; mode=block
expires: Sat, 03 Jun 2023 18:06:04 GMT

GET
H2 200 971982.jpg
q-xx.bstatic.com/xdata/images/city/square210/ 15 KB
15 KB 11ms
9ms Image
image/jpeg 2600:9000:236e:1e00:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q-xx.bstatic.com/xdata/images/city/square210/971982.jpg?k=b65c557258d14ccaf06765683a26d8f2bc5088d751af34e0986923daa72eab98&o=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:236e:1e00:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

b351283674b0d43f5353319877686a7d2070173809ba5e2dcd29f2b96e261667

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 14 May 2023 04:02:52 GMT
via: 1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P1
age: 735445
etag: "c3b697696bb8000dbf53816ff13df7a7cc9244d3"
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: WEYb_zjZJUAvxKYTLDVrTuA9tUvy_99523k0jTSRJvpbE3RTC7MONw==
content-length: 15284
x-xss-protection: 1; mode=block
expires: Tue, 13 Jun 2023 04:02:52 GMT

GET
H2 200 620027.jpg
q-xx.bstatic.com/xdata/images/city/square210/ 10 KB
11 KB 15ms
14ms Image
image/jpeg 2600:9000:236e:1e00:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q-xx.bstatic.com/xdata/images/city/square210/620027.jpg?k=3e415bb694a1a0145529dad3242573d0d52364bc57bae824b5990bf9c2fabc04&o=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:236e:1e00:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3a726740277bf3b9712fe9ab756ec2135f6ebac9b86ac0731cd2b5919e77e798

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 14 May 2023 03:18:11 GMT
via: 1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P1
age: 738126
etag: "f67f2079861ef0a77bb4287bbcdb769516f1d891"
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: _sf9foVPdxzdNMGUT87k8ZC6c2fujHr5tQ3ZAmIF_16OOqwlO_QiKw==
content-length: 10460
x-xss-protection: 1; mode=block
expires: Tue, 13 Jun 2023 03:18:11 GMT

GET
H2 200 968314.jpg
q-xx.bstatic.com/xdata/images/city/square210/ 11 KB
12 KB 11ms
10ms Image
image/jpeg 2600:9000:236e:1e00:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q-xx.bstatic.com/xdata/images/city/square210/968314.jpg?k=0e0d712f666150594683eeeea60d7e3afdaab51286a9023f15f648ff3fbb0d6c&o=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:236e:1e00:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

529438579c069a6825fc8444fb3d85029738fd72655c2f51afea112629db35fb

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 04:40:34 GMT
via: 1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P1
age: 473983
etag: "80cc51f5989f1040e1304e3d0ea5da875472ed3d"
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: DuHoXyfbHipvntKSw1dm5LU5tQSPqJbfEsk_1exXvXKAsmAIiTQKRQ==
content-length: 11493
x-xss-protection: 1; mode=block
expires: Fri, 16 Jun 2023 04:40:34 GMT

GET
H2 200 MagnifyingGlassUsp.png
t-cf.bstatic.com/design-assets/assets/v3.60.0/illustrations-traveller/ 3 KB
4 KB 215ms
8ms Image
image/png 2600:9000:2491:9200:15:9f56:b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t-cf.bstatic.com/design-assets/assets/v3.60.0/illustrations-traveller/MagnifyingGlassUsp.png
Requested by: Host: www.booking.com
URL: https://www.booking.com/flights/index.fr.html?adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-3xdRGhYH0qxdwc0fzy55el&adults=2&aid=2097130&cabinClass=ECONOMY&depart=2023-05-20&destination=NTE&from=PAR&label=confirmation_text&lang=fr&origin=PAR&return=2023-05-21&showLoader=1&to=NTE&type=ROUNDTRIP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:9200:15:9f56:b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6f8527d9408a651f17cf4de43262a6fa2927ab2af6ca98641828793af062f118

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 07:41:10 GMT
via: 1.1 d76db2cbee553c8bb2de7fd88a960646.cloudfront.net (CloudFront)
last-modified: Tue, 07 Feb 2023 00:49:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 31149
x-amz-server-side-encryption: AES256
etag: "5966a74d467ac8907792c738d59e8218"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 3358
x-amz-cf-id: e-NorM9MpaFpWiWOu6D4onISn5UTT7FmemilMcXkVVn_GOM8jpGDdw==

GET
H2 200 MoneyUsp.png
t-cf.bstatic.com/design-assets/assets/v3.60.0/illustrations-traveller/ 4 KB
4 KB 215ms
8ms Image
image/png 2600:9000:2491:9200:15:9f56:b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t-cf.bstatic.com/design-assets/assets/v3.60.0/illustrations-traveller/MoneyUsp.png
Requested by: Host: www.booking.com
URL: https://www.booking.com/flights/index.fr.html?adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-3xdRGhYH0qxdwc0fzy55el&adults=2&aid=2097130&cabinClass=ECONOMY&depart=2023-05-20&destination=NTE&from=PAR&label=confirmation_text&lang=fr&origin=PAR&return=2023-05-21&showLoader=1&to=NTE&type=ROUNDTRIP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:9200:15:9f56:b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 54370e8f589fef00fbdc853c168f40c1955c478a26c2f464f76f927951f9ffb4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 04:27:17 GMT
via: 1.1 d76db2cbee553c8bb2de7fd88a960646.cloudfront.net (CloudFront)
last-modified: Tue, 07 Feb 2023 00:49:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 42793
x-amz-server-side-encryption: AES256
etag: "dca7c9b271c8b4799ce94491fa1b9ef2"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 4038
x-amz-cf-id: VwLCIJc9NBVxkNEGybzYpP_AzE1iUDI33QEeGM5_UdFqib7tCujkgA==

GET
H2 200 TicketsUsp.png
t-cf.bstatic.com/design-assets/assets/v3.60.0/illustrations-traveller/ 4 KB
4 KB 132ms
9ms Image
image/png 2600:9000:2491:9200:15:9f56:b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t-cf.bstatic.com/design-assets/assets/v3.60.0/illustrations-traveller/TicketsUsp.png
Requested by: Host: www.booking.com
URL: https://www.booking.com/flights/index.fr.html?adplat=email-mg_confirmation_email-lp_in_copy-flight-checklist-3xdRGhYH0qxdwc0fzy55el&adults=2&aid=2097130&cabinClass=ECONOMY&depart=2023-05-20&destination=NTE&from=PAR&label=confirmation_text&lang=fr&origin=PAR&return=2023-05-21&showLoader=1&to=NTE&type=ROUNDTRIP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:9200:15:9f56:b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 47b58f0909cae06bc80a8d79e50758d188832800d541c7285a8bd72f3b23a0c2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 04:27:17 GMT
via: 1.1 d76db2cbee553c8bb2de7fd88a960646.cloudfront.net (CloudFront)
last-modified: Tue, 07 Feb 2023 00:49:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 42792
x-amz-server-side-encryption: AES256
etag: "4f8be30173d60369e61612204c1a9013"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 3759
x-amz-cf-id: W5p4MzC8fCVcdimtbCikxQpU5s36DbEOxyCjM2TmslimBvlfMTdoLQ==

GET
H2 200 cookiebanner.html Show response
www.booking.com/ Frame 3886 2 KB
2 KB 155ms
154ms Document
text/html 13.32.121.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.booking.com/cookiebanner.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.90 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-90.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

d3c7c4dbe9a235e7ba1dbfe981c2af6e18b722ef684ef16eb08c4fc2a82a6627

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private
content-encoding: br
content-length: 836
content-type: text/html; charset=UTF-8
date: Mon, 22 May 2023 16:20:17 GMT
nel: {"max_age":604800,"report_to":"default"}
report-to: {"group":"default","endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":604800}
server: nginx
strict-transport-security: max-age=604800
vary: Accept-Encoding, User-Agent
via: 1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront)
x-amz-cf-id: 4HEanok3v4U2PJU0NtM_A2bsTJjSbWxB2rseoZfcuXE0Tjo_V5vUSA==
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-recruiting: Like HTTP headers? Come write ours: https://careers.booking.com
x-xss-protection: 1; mode=block

GET
H2 200 64022.9dd0501f.chunk.js Show response
q-xx.bstatic.com/flights/web/static/js/ 8 KB
3 KB 8ms
8ms Script
application/javascript 2600:9000:236e:1e00:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q-xx.bstatic.com/flights/web/static/js/64022.9dd0501f.chunk.js

Requested by

Host: q-xx.bstatic.com
URL: https://q-xx.bstatic.com/flights/web/static/js/client.826ce9df.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:236e:1e00:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3b43ac28992644068b0afd313ccfe8da40741e874ca558e902afc4f3a6f90e94

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.booking.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 22:12:27 GMT
content-encoding: br
via: 1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: FRA60-P1
age: 1966070
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
x-amz-expiration: expiry-date="Thu, 13 Oct 2022 09:06:32 GMT", rule-id="expire-static-assets"
last-modified: Fri, 28 Apr 2023 11:21:38 GMT
server: nginx
x-amz-meta-s3cmd-attrs: md5:e682248dd8cf908b30c912718eb612b4
etag: W/"e682248dd8cf908b30c912718eb612b4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: NxWRZH3DeuXYoHs2FKyAG0sGG5WI11u4AOAlUslrLnJ0Hkt_DIpOsw==
expires: Mon, 29 May 2023 22:12:27 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
209 B 45ms
45ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=632843658&t=pageview&_s=1&dl=https%3A%2F%2Fwww.booking.com%2Fflights%2Findex.fr.html%3Fadplat%3Demail-mg_confirmation_email-lp_in_copy-flight-checklist-3xdRGhYH0qxdwc0fzy55el%26adults%3D2%26aid%3D2097130%26cabinClass%3DECONOMY%26depart%3D2023-05-20%26destination%3DNTE%26from%3DPAR%26label%3Dconfirmation_text%26lang%3Dfr%26origin%3DPAR%26return%3D2023-05-21%26showLoader%3D1%26to%3DNTE%26type%3DROUNDTRIP&ul=en-us&de=UTF-8&dt=Trouvez%20des%20vols%20et%20des%20billets%20d%27avion%20pas%20chers%20%7C%20Booking.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1347831205&gjid=2140719124&cid=1237321668.1684772417&tid=UA-116109-57&_gid=693147526.1684772417&_r=1&_slc=1&z=986413588

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 22 May 2023 16:20:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.booking.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/481216654/ 3 KB
2 KB 146ms
61ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/481216654/?random=1684772417231&cv=11&fst=1684772417231&bg=ffffff&guid=ON&async=1&gtm=45He35h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.booking.com%2Fflights%2Findex.fr.html%3Fadplat%3Demail-mg_confirmation_email-lp_in_copy-flight-checklist-3xdRGhYH0qxdwc0fzy55el%26adults%3D2%26aid%3D2097130%26cabinClass%3DECONOMY%26depart%3D2023-05-20%26destination%3DNTE%26from%3DPAR%26label%3Dconfirmation_text%26lang%3Dfr%26origin%3DPAR%26return%3D2023-05-21%26showLoader%3D1%26to%3DNTE%26type%3DROUNDTRIP&hn=www.googleadservices.com&frm=0&tiba=Trouvez%20des%20vols%20et%20des%20billets%20d%27avion%20pas%20chers%20%7C%20Booking.com&auid=1289927717.1684772417&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PQHB9P4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

652f930f89b3f932cbfca5a4eefc8a91ae0c39aecc4fd51c623154213915d6bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 16:20:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1421
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 185 KB
67 KB 72ms
71ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1070314322

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PQHB9P4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8e7d5ef47f81ec11195cd2bb2ee5811bcc57713b0e7cfe94acf81f9e3797cb5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 16:20:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68410
x-xss-protection: 0
last-modified: Mon, 22 May 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 22 May 2023 16:20:17 GMT

OPTIONS
H2 204 internal-events
flights.booking.com/track/ Frame 0
0 41ms
25ms Preflight 52.222.236.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://flights.booking.com/track/internal-events

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.65 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-65.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-booking-affiliate-id,x-booking-label,x-requested-from
Access-Control-Request-Method: POST
Origin: https://www.booking.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-booking-affiliate-id,x-booking-label,x-requested-from
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.booking.com
date: Mon, 22 May 2023 16:20:17 GMT
referrer-policy: no-referrer
server: nginx
strict-transport-security: max-age=31536000;
vary: Origin, Access-Control-Request-Headers
via: 1.1 ed91e9c9d6be32c45c1d670b7d4a6616.cloudfront.net (CloudFront)
x-amz-cf-id: Eixtv8_rJsaLKMUO7nCtC6DxE4nV1P4trf_CepjqPPdkyxzpSui2RA==
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-request-id: 8a2a9520-f8bc-11ed-9bfb-b5945b28cb9d
x-xss-protection: 1; mode=block

OPTIONS
H2 204 internal-events
flights.booking.com/track/ Frame 0
0 45ms
29ms Preflight 52.222.236.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://flights.booking.com/track/internal-events

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.65 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-65.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-booking-affiliate-id,x-booking-label,x-requested-from
Access-Control-Request-Method: POST
Origin: https://www.booking.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-booking-affiliate-id,x-booking-label,x-requested-from
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.booking.com
date: Mon, 22 May 2023 16:20:17 GMT
referrer-policy: no-referrer
server: nginx
strict-transport-security: max-age=31536000;
vary: Origin, Access-Control-Request-Headers
via: 1.1 ed91e9c9d6be32c45c1d670b7d4a6616.cloudfront.net (CloudFront)
x-amz-cf-id: utdR-vM5jmY_U_-omfPNr-2WllMxeJ2C66L9I2Za5qGkyY-Zi576Jg==
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-request-id: 8a2a9520-f8bc-11ed-8969-e7f6277558ef
x-xss-protection: 1; mode=block

OPTIONS
H2 204 route-changes
flights.booking.com/track/ Frame 0
0 121ms
107ms Preflight 52.222.236.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://flights.booking.com/track/route-changes

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.65 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-65.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-booking-affiliate-id,x-booking-label,x-requested-from
Access-Control-Request-Method: POST
Origin: https://www.booking.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-booking-affiliate-id,x-booking-label,x-requested-from
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.booking.com
date: Mon, 22 May 2023 16:20:17 GMT
referrer-policy: no-referrer
server: nginx
strict-transport-security: max-age=31536000;
vary: Origin, Access-Control-Request-Headers
via: 1.1 ed91e9c9d6be32c45c1d670b7d4a6616.cloudfront.net (CloudFront)
x-amz-cf-id: 5ae5087-duSLa-5oMJbTtJ5Wu-mKMKkOebJUn_E4AAKo1wNqGeK4fA==
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-request-id: 8a2fc540-f8bc-11ed-92fa-a5cc3b142e29
x-xss-protection: 1; mode=block

GET
H2 200 header Show response
www.booking.com/attractions/api/ 16 KB
6 KB 93ms
93ms Fetch
application/json 13.32.121.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.booking.com/attractions/api/header?label=confirmation_text&lang=fr&aid=2097130&product=flights

Requested by

Host: q-xx.bstatic.com
URL: https://q-xx.bstatic.com/flights/web/static/js/client.826ce9df.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.90 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-90.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

e72a5e74a172379e79ef2a7241bac51b7e767d695ec3eb69f8541245cb8ac8b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 16:20:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-options: nosniff
server: nginx
via: 1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
content-security-policy-report-only: default-src 'self'; connect-src 'self' *.booking.com:* wss://*.booking.com:* cdn.cookielaw.org *.google-analytics.com *.onetrust.com; script-src 'self' 'unsafe-inline' *.booking.com:* *.bstatic.com cdn.cookielaw.org bat.bing.com googleads.g.doubleclick.net *.googletagmanager.com *.google-analytics.com *.googleadservices.com *.googleapis.com *.onetrust.com; img-src * data:; style-src 'self' 'unsafe-inline' *.booking.com *.bstatic.com *.googleapis.com; font-src 'self' *.bstatic.com fonts.gstatic.com; frame-src 'self' *.booking.com; object-src 'none'; report-to default
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
x-amz-cf-id: zXqXwn5y4fwoSMaOtFxVErKleAlKFBaUzeD2DEZy82ARGbYE8vdtxA==
x-xss-protection: 1; mode=block

GET
H2 200 screens-Search.53a6b307.chunk.css
q-xx.bstatic.com/flights/web/static/css/ 63 KB
8 KB 7ms
7ms Stylesheet
text/css 2600:9000:236e:1e00:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q-xx.bstatic.com/flights/web/static/css/screens-Search.53a6b307.chunk.css

Requested by

Host: q-xx.bstatic.com
URL: https://q-xx.bstatic.com/flights/web/static/js/client.826ce9df.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:236e:1e00:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

13358a218e43913f2a383d7a0cd714f89a0260df8fcf53eaf4677cabc7ff9b7d

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.booking.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 13 May 2023 02:35:05 GMT
content-encoding: br
via: 1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: FRA60-P1
age: 827112
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
x-amz-expiration: expiry-date="Wed, 12 Jul 2023 13:18:50 GMT", rule-id="expire-static-assets"
last-modified: Thu, 11 May 2023 15:22:09 GMT
server: nginx
x-amz-meta-s3cmd-attrs: md5:f389cf25c667ea9a11b29d1cf48fb134
etag: W/"f389cf25c667ea9a11b29d1cf48fb134"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: kQoANXyJoo4vQFOi5OYvQh8nyzlHNZf8RLjRHorUas3OlBgMCzZL9g==
expires: Mon, 12 Jun 2023 02:35:05 GMT

GET
H2 200 screens-Search.72913c81.chunk.js Show response
q-xx.bstatic.com/flights/web/static/js/ 628 KB
131 KB 8ms
8ms Script
application/javascript 2600:9000:236e:1e00:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q-xx.bstatic.com/flights/web/static/js/screens-Search.72913c81.chunk.js

Requested by

Host: q-xx.bstatic.com
URL: https://q-xx.bstatic.com/flights/web/static/js/client.826ce9df.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:236e:1e00:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

b21d4918c181a911cb2b7b543de7559cd26413b1e32811360ac68486855d6bd5

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.booking.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:07:40 GMT
content-encoding: br
via: 1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: FRA60-P1
age: 11556
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
x-amz-expiration: expiry-date="Sun, 20 Aug 2023 12:36:15 GMT", rule-id="expire-static-assets"
last-modified: Mon, 22 May 2023 12:36:15 GMT
server: nginx
x-amz-meta-s3cmd-attrs: md5:220f42f0544837b67f110ccc68850d62
etag: W/"220f42f0544837b67f110ccc68850d62"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: OZHLg4Gtpob4SyWftwxyREf3M94KV5qbCwFXHj3NnyWoekl4uV9xVQ==
expires: Wed, 21 Jun 2023 13:07:40 GMT

POST
H2 202 internal-events Show response
flights.booking.com/track/ 16 B
718 B 50ms
50ms Fetch
application/json 52.222.236.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://flights.booking.com/track/internal-events

Requested by

Host: q-xx.bstatic.com
URL: https://q-xx.bstatic.com/flights/web/static/js/client.826ce9df.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.65 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-65.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

X-Requested-From: clientFetch
Referer: https://www.booking.com/
X-Booking-Affiliate-Id: 2097130
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
X-Booking-Label: confirmation_text
Content-Type: application/json

Response headers

date: Mon, 22 May 2023 16:20:17 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
via: 1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
content-length: 16
x-xss-protection: 1; mode=block
x-request-id: 8a2f2900-f8bc-11ed-995f-a17ea9319f21
server: nginx
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.booking.com
access-control-allow-credentials: true
x-amz-cf-id: q9JCe9Jf2KmmnbIOKV3xpuKV3o18tWWvPUnFe0Eg1Y3Owd6P9ngLuw==

POST
H2 202 internal-events Show response
flights.booking.com/track/ 16 B
718 B 121ms
120ms Fetch
application/json 52.222.236.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://flights.booking.com/track/internal-events

Requested by

Host: q-xx.bstatic.com
URL: https://q-xx.bstatic.com/flights/web/static/js/client.826ce9df.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.65 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-65.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

X-Requested-From: clientFetch
Referer: https://www.booking.com/
X-Booking-Affiliate-Id: 2097130
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
X-Booking-Label: confirmation_text
Content-Type: application/json

Response headers

date: Mon, 22 May 2023 16:20:17 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
via: 1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
content-length: 16
x-xss-protection: 1; mode=block
x-request-id: 8a30d6b0-f8bc-11ed-955a-379e79fd77e3
server: nginx
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.booking.com
access-control-allow-credentials: true
x-amz-cf-id: jyt-s6i2nUPV-eL_HcauMC-yjxtRmvD9FG8cHUURnlUKsM-2Wlu3JQ==

POST
H2 202 route-changes Show response
flights.booking.com/track/ 13 B
717 B 57ms
57ms Fetch
application/json 52.222.236.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://flights.booking.com/track/route-changes

Requested by

Host: q-xx.bstatic.com
URL: https://q-xx.bstatic.com/flights/web/static/js/client.826ce9df.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.65 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-65.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

eea30d77847b2d433e61933006a0fffc094452f86be84c4533b3d6122ab77a99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

X-Requested-From: clientFetch
Referer: https://www.booking.com/
X-Booking-Affiliate-Id: 2097130
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
X-Booking-Label: confirmation_text
Content-Type: application/json

Response headers

date: Mon, 22 May 2023 16:20:17 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
via: 1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
content-length: 13
x-xss-protection: 1; mode=block
x-request-id: 8a3c6f70-f8bc-11ed-950c-d7f04d742e3f
server: nginx
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.booking.com
access-control-allow-credentials: true
x-amz-cf-id: W1LiHqTtkG13fizNQ9Q8LbPUCKZZYbtEwxkOGgf_9Xfj8xWw-_OGpQ==

GET
H2 200 bat.js Show response
bat.bing.com/ 40 KB
12 KB 53ms
34ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 22 May 2023 16:20:16 GMT
last-modified: Thu, 11 May 2023 18:08:27 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F3C78797A7E243D4AA1C62B8B1E2D6E2 Ref B: FRAEDGE1916 Ref C: 2023-05-22T16:20:17Z
etag: "80df77953384d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12183

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 38ms
35ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=632843658&t=event&_s=2&dl=https%3A%2F%2Fwww.booking.com%2Fflights%2Findex.fr.html%3Fadplat%3Demail-mg_confirmation_email-lp_in_copy-flight-checklist-3xdRGhYH0qxdwc0fzy55el%26adults%3D2%26aid%3D2097130%26cabinClass%3DECONOMY%26depart%3D2023-05-20%26destination%3DNTE%26from%3DPAR%26label%3Dconfirmation_text%26lang%3Dfr%26origin%3DPAR%26return%3D2023-05-21%26showLoader%3D1%26to%3DNTE%26type%3DROUNDTRIP&ul=en-us&de=UTF-8&dt=Trouvez%20des%20vols%20et%20des%20billets%20d%27avion%20pas%20chers%20%7C%20Booking.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Flights&ea=index_landing_in&el=&_u=KEBAAEABAAAAACAAI~&jid=&gjid=&cid=1237321668.1684772417&tid=UA-116109-57&_gid=693147526.1684772417&z=2026104577

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 18:08:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 79906
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
349 B 57ms
18ms XHR
text/plain 2a00:1450:400c:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-116109-57&cid=1237321668.1684772417&jid=1347831205&gjid=2140719124&_gid=693147526.1684772417&_u=IEBAAEAAAAAAACAAI~&z=898131764

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 22 May 2023 16:20:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.booking.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 38ms
38ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=632843658&t=pageview&_s=3&dl=https%3A%2F%2Fwww.booking.com%2Fflights%2Findex.fr.html%3Fadplat%3Demail-mg_confirmation_email-lp_in_copy-flight-checklist-3xdRGhYH0qxdwc0fzy55el%26adults%3D2%26aid%3D2097130%26cabinClass%3DECONOMY%26depart%3D2023-05-20%26destination%3DNTE%26from%3DPAR%26label%3Dconfirmation_text%26lang%3Dfr%26origin%3DPAR%26return%3D2023-05-21%26showLoader%3D1%26to%3DNTE%26type%3DROUNDTRIP&dp=home&ul=en-us&de=UTF-8&dt=Trouvez%20des%20vols%20et%20des%20billets%20d%27avion%20pas%20chers%20%7C%20Booking.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEBAAEABAAAAACACI~&jid=&gjid=&cid=1237321668.1684772417&tid=UA-116109-57&_gid=693147526.1684772417&cd2=&cd3=&cd4=&cd5=&cd6=&z=935802802

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 18:08:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 79906
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 166ms
78ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-116109-57&cid=1237321668.1684772417&jid=1347831205&_u=IEBAAEAAAAAAACAAI~&z=1369876535

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 16:20:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 159ms
76ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-116109-57&cid=1237321668.1684772417&jid=1347831205&_u=IEBAAEAAAAAAACAAI~&z=1369876535

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 16:20:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1070314322/ 3 KB
2 KB 92ms
92ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1070314322/?random=1684772417500&cv=11&fst=1684772417500&bg=ffffff&guid=ON&async=1&gtm=45be35h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.booking.com%2Fflights%2Findex.fr.html%3Fadplat%3Demail-mg_confirmation_email-lp_in_copy-flight-checklist-3xdRGhYH0qxdwc0fzy55el%26adults%3D2%26aid%3D2097130%26cabinClass%3DECONOMY%26depart%3D2023-05-20%26destination%3DNTE%26from%3DPAR%26label%3Dconfirmation_text%26lang%3Dfr%26origin%3DPAR%26return%3D2023-05-21%26showLoader%3D1%26to%3DNTE%26type%3DROUNDTRIP&hn=www.googleadservices.com&frm=0&tiba=Trouvez%20des%20vols%20et%20des%20billets%20d%27avion%20pas%20chers%20%7C%20Booking.com&auid=1289927717.1684772417&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1070314322

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

054f547381b284135e78c1a761cab344b182483289e9cbb08a17eee18977be24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 16:20:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1437
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/481216654/ 42 B
455 B 75ms
52ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/481216654/?random=1684772417231&cv=11&fst=1684771200000&bg=ffffff&guid=ON&async=1&gtm=45He35h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.booking.com%2Fflights%2Findex.fr.html%3Fadplat%3Demail-mg_confirmation_email-lp_in_copy-flight-checklist-3xdRGhYH0qxdwc0fzy55el%26adults%3D2%26aid%3D2097130%26cabinClass%3DECONOMY%26depart%3D2023-05-20%26destination%3DNTE%26from%3DPAR%26label%3Dconfirmation_text%26lang%3Dfr%26origin%3DPAR%26return%3D2023-05-21%26showLoader%3D1%26to%3DNTE%26type%3DROUNDTRIP&frm=0&tiba=Trouvez%20des%20vols%20et%20des%20billets%20d%27avion%20pas%20chers%20%7C%20Booking.com&fmt=3&is_vtc=1&random=2692411895&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 16:20:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/481216654/ 42 B
455 B 68ms
50ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/481216654/?random=1684772417231&cv=11&fst=1684771200000&bg=ffffff&guid=ON&async=1&gtm=45He35h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.booking.com%2Fflights%2Findex.fr.html%3Fadplat%3Demail-mg_confirmation_email-lp_in_copy-flight-checklist-3xdRGhYH0qxdwc0fzy55el%26adults%3D2%26aid%3D2097130%26cabinClass%3DECONOMY%26depart%3D2023-05-20%26destination%3DNTE%26from%3DPAR%26label%3Dconfirmation_text%26lang%3Dfr%26origin%3DPAR%26return%3D2023-05-21%26showLoader%3D1%26to%3DNTE%26type%3DROUNDTRIP&frm=0&tiba=Trouvez%20des%20vols%20et%20des%20billets%20d%27avion%20pas%20chers%20%7C%20Booking.com&fmt=3&is_vtc=1&random=2692411895&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 16:20:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 15338614.js Show response
bat.bing.com/p/action/ 0
135 B 103ms
103ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/15338614.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Mon, 22 May 2023 16:20:17 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B9985408D1DA44549685D037A546E347 Ref B: FRAEDGE1916 Ref C: 2023-05-22T16:20:17Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 17ms
16ms Script
application/javascript 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c756b0b024a435129eca9014e98cc955dd97481285d9191b8d6c0a5749982d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 22 May 2023 16:20:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: JYwMFRCSwBZdNsd6Nb17qg==
age: 1219
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6766
x-ms-lease-status: unlocked
last-modified: Thu, 18 May 2023 12:19:51 GMT
server: cloudflare
etag: 0x8DB579A2E2978A8
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: b5f45f37-701e-0174-5be1-8918f5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7cb662b99da5039a-FRA

GET
H2 200 3ea94870-d4b1-483a-b1d2-faf1d982bb31.json Show response
cdn.cookielaw.org/consent/3ea94870-d4b1-483a-b1d2-faf1d982bb31/ 8 KB
3 KB 54ms
26ms XHR
application/x-javascript 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/3ea94870-d4b1-483a-b1d2-faf1d982bb31/3ea94870-d4b1-483a-b1d2-faf1d982bb31.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47aa93b9d85b2e0b1f9fced7e54832f7ca95252e0515c42b0777a1eef40730f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 22 May 2023 16:20:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: CeYuYS4rVEFdyCvh5V6z5w==
age: 43788
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2142
x-ms-lease-status: unlocked
last-modified: Tue, 14 Mar 2023 09:25:31 GMT
server: cloudflare
etag: 0x8DB246E0EA1C955
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: f70ebf1f-601e-00ce-30e1-5abea9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7cb662b9fa3e367a-FRA
expires: Tue, 23 May 2023 16:20:17 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1070314322/ 42 B
108 B 51ms
49ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1070314322/?random=1684772417500&cv=11&fst=1684771200000&bg=ffffff&guid=ON&async=1&gtm=45be35h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.booking.com%2Fflights%2Findex.fr.html%3Fadplat%3Demail-mg_confirmation_email-lp_in_copy-flight-checklist-3xdRGhYH0qxdwc0fzy55el%26adults%3D2%26aid%3D2097130%26cabinClass%3DECONOMY%26depart%3D2023-05-20%26destination%3DNTE%26from%3DPAR%26label%3Dconfirmation_text%26lang%3Dfr%26origin%3DPAR%26return%3D2023-05-21%26showLoader%3D1%26to%3DNTE%26type%3DROUNDTRIP&frm=0&tiba=Trouvez%20des%20vols%20et%20des%20billets%20d%27avion%20pas%20chers%20%7C%20Booking.com&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=970522695&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 16:20:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1070314322/ 42 B
108 B 51ms
51ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1070314322/?random=1684772417500&cv=11&fst=1684771200000&bg=ffffff&guid=ON&async=1&gtm=45be35h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.booking.com%2Fflights%2Findex.fr.html%3Fadplat%3Demail-mg_confirmation_email-lp_in_copy-flight-checklist-3xdRGhYH0qxdwc0fzy55el%26adults%3D2%26aid%3D2097130%26cabinClass%3DECONOMY%26depart%3D2023-05-20%26destination%3DNTE%26from%3DPAR%26label%3Dconfirmation_text%26lang%3Dfr%26origin%3DPAR%26return%3D2023-05-21%26showLoader%3D1%26to%3DNTE%26type%3DROUNDTRIP&frm=0&tiba=Trouvez%20des%20vols%20et%20des%20billets%20d%27avion%20pas%20chers%20%7C%20Booking.com&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=970522695&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 16:20:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 66 B
312 B 65ms
35ms XHR
application/json 2606:4700:4400::ac40:9062
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9062 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 16:20:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 7cb662ba59681e60-FRA
access-control-allow-headers: Content-Type

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.22.0/ 311 KB
74 KB 20ms
20ms Script
application/javascript 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.22.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89b6606e0f94c827dffac0f1a54394399a20a84328b54d60e0fcf084c368cbf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 22 May 2023 16:20:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Uj6Yo16pL9bm0y1nKKjJjg==
age: 84813
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 75930
x-ms-lease-status: unlocked
last-modified: Thu, 19 Aug 2021 02:39:18 GMT
server: cloudflare
etag: 0x8D962BA8ADAEF03
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: b83df397-701e-00bc-74e1-5acf97000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7cb662ba9ebf039a-FRA

GET
H2 200 fr.json Show response
cdn.cookielaw.org/consent/3ea94870-d4b1-483a-b1d2-faf1d982bb31/77946762-1e41-44bb-9c76-9c2e81167e6d/ 85 KB
20 KB 25ms
24ms Fetch
application/x-javascript 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/3ea94870-d4b1-483a-b1d2-faf1d982bb31/77946762-1e41-44bb-9c76-9c2e81167e6d/fr.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.22.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c111fa7241392e5b4ab2e6273efb6d655896e11ef840485fcb67fc9bccffcf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 22 May 2023 16:20:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: J5KH6N4kWqOsBZh8nnMGQw==
age: 34323
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 19916
x-ms-lease-status: unlocked
last-modified: Tue, 14 Mar 2023 09:25:40 GMT
server: cloudflare
etag: 0x8DB246E1456A060
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 14b5e89f-601e-0064-08e1-5a6846000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7cb662bacb67367a-FRA
expires: Tue, 23 May 2023 16:20:17 GMT

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.22.0/assets/ 13 KB
3 KB 27ms
26ms Fetch
application/json 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.22.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.22.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72562f00bd821b6edc0368065bf009468955ba01f8ead742d8bbc2470c4358c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 22 May 2023 16:20:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: eS/vZlhjCBp2QvELx7IrSQ==
age: 43566
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2950
x-ms-lease-status: unlocked
last-modified: Thu, 19 Aug 2021 02:39:10 GMT
server: cloudflare
etag: 0x8D962BA867F281F
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 9f1e8392-e01e-00d4-35e1-5a91c6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7cb662bb0bad367a-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/6.22.0/assets/ 20 KB
4 KB 25ms
25ms Fetch
text/css 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.22.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.22.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6be3efeb998248db9cc1083aef162ee483cbde10b893057e4b5ae1a612c0ae3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 22 May 2023 16:20:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: F/Fs54+x9bQK/ULkNRp4fA==
age: 43784
x-ms-lease-status: unlocked
last-modified: Thu, 19 Aug 2021 02:39:24 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 62ba7e0d-101e-014d-51e1-5a5851000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7cb662bb0bb0367a-FRA

OPTIONS
H2 204 et
flights.booking.com/track/ Frame 0
0 41ms
41ms Preflight 52.222.236.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://flights.booking.com/track/et

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.65 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-65.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-booking-affiliate-id,x-booking-label,x-requested-from,x-soylent-email
Access-Control-Request-Method: POST
Origin: https://www.booking.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-booking-affiliate-id,x-booking-label,x-requested-from,x-soylent-email
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.booking.com
date: Mon, 22 May 2023 16:20:17 GMT
referrer-policy: no-referrer
server: nginx
strict-transport-security: max-age=31536000;
vary: Origin, Access-Control-Request-Headers
via: 1.1 ed91e9c9d6be32c45c1d670b7d4a6616.cloudfront.net (CloudFront)
x-amz-cf-id: C8lIgxMSuwT1NUxWFtrJ3Z6D18jtAnlb4lqvxa9CI_UYsQnuSiQ17Q==
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-request-id: 8a81b5d0-f8bc-11ed-b68c-473eddf7bbbc
x-xss-protection: 1; mode=block

POST
H2 200 et Show response
flights.booking.com/track/ 4 B
723 B 58ms
58ms Fetch
application/json 52.222.236.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://flights.booking.com/track/et

Requested by

Host: q-xx.bstatic.com
URL: https://q-xx.bstatic.com/flights/web/static/js/client.826ce9df.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.65 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-65.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
X-Booking-Label: confirmation_text
Content-Type: application/json
X-Requested-From: clientFetch
Referer: https://www.booking.com/
X-Booking-Affiliate-Id: 2097130
X-Soylent-Email

Response headers

date: Mon, 22 May 2023 16:20:18 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
via: 1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
content-length: 4
x-xss-protection: 1; mode=block
x-request-id: 8a8a4150-f8bc-11ed-b150-550101e3d12e
referrer-policy: no-referrer
server: nginx
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.booking.com
access-control-allow-credentials: true
x-amz-cf-id: hENp-5MXefOmmIeVF6F_sHgJ1_xGckpWeWMIbBwCsAk6YExp5uJEtw==

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.booking.com/flights	1970-01-20 21:35:32	Name: px_init Value: 0
.booking.com/	1970-01-20 12:00:58	Name: fasc Value: 476e222f-bd2d-4714-8c63-902195cc66d5
.booking.com/	1970-01-20 20:45:08	Name: pc_payer_id Value: bbf412a6-53eb-4ff2-ab31-1a4a266dea2a
.booking.com/	1970-01-20 20:45:08	Name: fsc Value: s%3A13b94b68e479c0b522e6fc5085775ad0.cFpXXMzTzH0s0TauyJXXEhvLnovZwQ%2FtHH39ZrKMcPE
flights.booking.com/	1969-12-31 23:59:59	Name: skip_redirect Value: 1
flights.booking.com/	1970-01-20 12:24:03	Name: fsc Value: s%3A13b94b68e479c0b522e6fc5085775ad0.cFpXXMzTzH0s0TauyJXXEhvLnovZwQ%2FtHH39ZrKMcPE
.booking.com/	1970-01-20 21:35:32	Name: px_init Value: 0
www.booking.com/	1970-01-20 12:24:03	Name: fsc Value: s%3A13b94b68e479c0b522e6fc5085775ad0.cFpXXMzTzH0s0TauyJXXEhvLnovZwQ%2FtHH39ZrKMcPE
.booking.com/	1970-01-20 21:35:32	Name: _ga Value: GA1.2.1237321668.1684772417
.booking.com/	1970-01-20 12:00:58	Name: _gid Value: GA1.2.693147526.1684772417
.booking.com/	1970-01-20 11:59:32	Name: _gat Value: 1
.booking.com/	1970-01-20 14:09:08	Name: _gcl_au Value: 1.1.1289927717.1684772417
.booking.com/	1970-01-20 20:45:08	Name: _pxhd Value: h-25l5px9MBFtdFsHLNDqMby%252F50zIsY8qo3I8v%252FEpRZG7AScIqu%252Fv-9v2vwiSUYEHtfWSJGWd%252F6kpVdmlfsaVA%253D%253D%253AA5q2XEEov-63McT69H2slzFMLVSO3R5BE2bPYTBZAcVHTkIbI%252FNiXcximEm0etdG8k7GQe2FTjJgkMEudshyG5DSeM%252Fx2pD2ViWQNVOWvqs%253D
.booking.com/	1970-01-20 21:35:32	Name: bkng Value: 11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbca8KLfxLPefOgQJjdLSwa2%2FK0ZR3uJTZHXL2fYkVd5GzpSSdzn8yQ1y%2Bkm9SZx%2BqNxUf3w%2ByQQyRCpWWdWty3KKmo%2F7ye%2FxTYxggaStOa3WiSFGSwzzebMsAfGqwWMNJLwZDgVrn4iPpi7p95TiwyjgKOqhuPdxwsSiXHnOMr5s%3D
.booking.com/	1970-01-20 12:00:58	Name: _uetsid Value: 8a3eba70f8bc11ed972e0b5c8550f63e
.booking.com/	1970-01-20 21:21:08	Name: _uetvid Value: 8a3ec0d0f8bc11ed9afaf7b4724fc4af
.doubleclick.net/	1970-01-20 21:21:08	Name: IDE Value: AHWqTUka6ftIlVZSUCdlq7IMKiPRXS_Juh2ZeYt-p8OXsW6bW5q0hcSoq1KI1CwW
.www.booking.com/	1970-01-20 16:18:44	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Mon+May+22+2023+16%3A20%3A17+GMT%2B0000+(GMT)&version=6.22.0&isIABGlobal=false&hosts=&consentId=51bd4fbd-d6d6-4775-bb17-143c97dea34c&interactionCount=0&landingPath=https%3A%2F%2Fwww.booking.com%2Fflights%2Findex.fr.html%3Fadplat%3Demail-mg_confirmation_email-lp_in_copy-flight-checklist-3xdRGhYH0qxdwc0fzy55el%26adults%3D2%26aid%3D2097130%26cabinClass%3DECONOMY%26depart%3D2023-05-20%26destination%3DNTE%26from%3DPAR%26label%3Dconfirmation_text%26lang%3Dfr%26origin%3DPAR%26return%3D2023-05-21%26showLoader%3D1%26to%3DNTE%26type%3DROUNDTRIP&groups=C0001%3A1%2CC0002%3A0%2CC0004%3A0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=604800 max-age=31536000;
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bat.bing.com
cdn.cookielaw.org
ch.booking.com
flights.booking.com
geolocation.onetrust.com
googleads.g.doubleclick.net
q-cf.bstatic.com
q-xx.bstatic.com
r-cf.bstatic.com
stats.g.doubleclick.net
t-cf.bstatic.com
www.booking.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
13.32.121.90
2600:9000:236e:1e00:1f:e2ee:200:93a1
2600:9000:2491:9200:15:9f56:b80:93a1
2606:4700:4400::ac40:9062
2606:4700::6813:bc61
2620:1ec:c11::200
2a00:1450:4001:803::2002
2a00:1450:4001:806::2008
2a00:1450:4001:829::2004
2a00:1450:4001:830::2003
2a00:1450:4001:830::200e
2a00:1450:400c:c09::9c
52.222.214.109
52.222.236.65
054f547381b284135e78c1a761cab344b182483289e9cbb08a17eee18977be24
0c756b0b024a435129eca9014e98cc955dd97481285d9191b8d6c0a5749982d1
13358a218e43913f2a383d7a0cd714f89a0260df8fcf53eaf4677cabc7ff9b7d
1387ba51b7b70150dc27266cbc561d8cf874bec3b36b2556e0a72f5d11d392f9
18c62988860a8ffd90bab6376b4fe36a723bd39403c420d3943aa3eb5a0029c5
1d6e86e59ab7235a8343f494c8e8da6cc02c5a98a75d682401340e6d06935f20
3a726740277bf3b9712fe9ab756ec2135f6ebac9b86ac0731cd2b5919e77e798
3b43ac28992644068b0afd313ccfe8da40741e874ca558e902afc4f3a6f90e94
47aa93b9d85b2e0b1f9fced7e54832f7ca95252e0515c42b0777a1eef40730f1
47b58f0909cae06bc80a8d79e50758d188832800d541c7285a8bd72f3b23a0c2
4c111fa7241392e5b4ab2e6273efb6d655896e11ef840485fcb67fc9bccffcf7
4dd4756c3b45a8311cf91d4dd81f5ab6a974f77c62e48d81ac017d2facb69b6f
529438579c069a6825fc8444fb3d85029738fd72655c2f51afea112629db35fb
54370e8f589fef00fbdc853c168f40c1955c478a26c2f464f76f927951f9ffb4
5839f0330821cf08029beddd6d248170da1af16cd7aff253e7bd075d591f5d42
652f930f89b3f932cbfca5a4eefc8a91ae0c39aecc4fd51c623154213915d6bc
679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d
6a0873b3d65365cb1960ac09327b7c1364ec14cc061d3d404a9932325a82514f
6a3ea73cd7b690203665bf99cbae559fb56f20671da1fe4db9afe7cdcb5e040b
6be3efeb998248db9cc1083aef162ee483cbde10b893057e4b5ae1a612c0ae3a
6f8527d9408a651f17cf4de43262a6fa2927ab2af6ca98641828793af062f118
72562f00bd821b6edc0368065bf009468955ba01f8ead742d8bbc2470c4358c4
807c8a1b498e17d227cf48a640b778bdc4398a9852493cb2f40bf0f33651d0dd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8561e200a6a57195e480ed9d893b14579ef6acdeabfbb3fe22b5e4ec9b84b455
89b6606e0f94c827dffac0f1a54394399a20a84328b54d60e0fcf084c368cbf5
8c823b6fe7ed7a0af5f592357f0512e43a86813159f095e7292489ba86c1e6d6
8e7d5ef47f81ec11195cd2bb2ee5811bcc57713b0e7cfe94acf81f9e3797cb5a
913a6a98a92fced89fecd725fd781d29751b1e0580426c18712487b3e529e1ca
975776e3667027dc23eb2a8a1a824592d0e0484bad41b155ccf25b7933313460
a932e7805e1f14f9d9c381b984ae1c43008b8c844f78949b245a211dcf57cca9
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1c852eb6fab5d21a65dac34a4171ecd41942ba284789d45696e02892dba033b
b21d4918c181a911cb2b7b543de7559cd26413b1e32811360ac68486855d6bd5
b23272a9692c4ec3c020935917e9d096490876c976abec1290bd3cc9aae13974
b351283674b0d43f5353319877686a7d2070173809ba5e2dcd29f2b96e261667
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
d3c7c4dbe9a235e7ba1dbfe981c2af6e18b722ef684ef16eb08c4fc2a82a6627
e1117bd0c871b65190e19381e2856bb55fab15b957b14e6cce36ed3c3c384908
e22b81dffc77079575519c626c967865eaa31c930e5fa2b99015b91c863b572b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e72a5e74a172379e79ef2a7241bac51b7e767d695ec3eb69f8541245cb8ac8b1
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
eea30d77847b2d433e61933006a0fffc094452f86be84c4533b3d6122ab77a99
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4b37393f2c075b901968f72e63b4057dbd6f1b0e48acba372529b13faa3dc6a
f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b

www.booking.com Open in urlscan Pro 13.32.121.90 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

60 Requests

100 %HTTPS

79 %IPv6

10 Domains

16 Subdomains

13 IPs

3 Countries

976 kBTransfer

4034 kBSize

18 Cookies

21 Outgoing links

Page URL History

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.booking.com Open in urlscan Pro
13.32.121.90 Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

100 %
HTTPS

79 %
IPv6

10
Domains

16
Subdomains

13
IPs

3
Countries

976 kB
Transfer

4034 kB
Size

18
Cookies

60 HTTP transactions
0 data transactions