www.thomascook.com Open in urlscan Pro
2600:9000:2077:d800:3:28eb:6280:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://thomascook.de/
Effective URL:
https://www.thomascook.com/
Submission Tags: tranco_l324
Submission: On March 24 via api (March 24th 2024, 5:27:39 am UTC) from DE — Scanned from DE

Summary HTTP 80 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 16 IPs in 3 countries across 12 domains to perform 80 HTTP transactions. The main IP is 2600:9000:2077:d800:3:28eb:6280:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.thomascook.com. The Cisco Umbrella rank of the primary domain is 627345.
TLS certificate: Issued by Amazon RSA 2048 M03 on February 24th 2024. Valid for: a year.

This is the only time www.thomascook.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2600:1f16:b2f... 2600:1f16:b2f:b01:31af:98fd:6f6c:2004	16509 (AMAZON-02) (AMAZON-02)
1 1	15.197.227.94 15.197.227.94	16509 (AMAZON-02) (AMAZON-02)
48	2600:9000:207... 2600:9000:2077:d800:3:28eb:6280:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:1486	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
1	52.222.236.71 52.222.236.71	16509 (AMAZON-02) (AMAZON-02)
10	2606:4700::68... 2606:4700::6813:b234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:1495	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	108.138.26.7 108.138.26.7	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:440... 2606:4700:4400::ac40:9b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	2620:1ec:46::45 2620:1ec:46::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	20.50.174.29 20.50.174.29	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
80	16

1 2600:1f16:b2f:b01:31af:98fd:6f6c:2004 (Columbus, United States) 1 redirects

ASN16509 (AMAZON-02, US)

thomascook.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.227.94 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a52f4f39543b8fdf5.awsglobalaccelerator.com

thomascook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

48 2600:9000:2077:d800:3:28eb:6280:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.thomascook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:1486 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-71.fra56.r.cloudfront.net

widget.trustpilot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6813:b234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:1495 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.26.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-26-7.fra56.r.cloudfront.net

invitejs.trustpilot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:46::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

api.thomascook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.50.174.29 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

572a49791fd34e26ac5749ddb4fe5c5f.apm.westeurope.azure.elastic-cloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
50	thomascook.com 1 redirects thomascook.com — Cisco Umbrella Rank: 496609 www.thomascook.com — Cisco Umbrella Rank: 627345 api.thomascook.com — Cisco Umbrella Rank: 882806	1 MB
10	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 477	214 KB
5	gstatic.com fonts.gstatic.com	73 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101 region1.google-analytics.com — Cisco Umbrella Rank: 1728	21 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	318 KB
2	elastic-cloud.com 572a49791fd34e26ac5749ddb4fe5c5f.apm.westeurope.azure.elastic-cloud.com — Cisco Umbrella Rank: 858529	41 B
2	trustpilot.com widget.trustpilot.com — Cisco Umbrella Rank: 5638 invitejs.trustpilot.com — Cisco Umbrella Rank: 15966	11 KB
2	typekit.net use.typekit.net — Cisco Umbrella Rank: 1053 p.typekit.net — Cisco Umbrella Rank: 1422	1 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	2 KB
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 143	455 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 853	312 B
1	thomascook.de 1 redirects thomascook.de	803 B
80	12

	Domain	Requested by
48	www.thomascook.com	www.thomascook.com
10	cdn.cookielaw.org	www.thomascook.com cdn.cookielaw.org
5	fonts.gstatic.com	fonts.googleapis.com
3	www.googletagmanager.com	www.thomascook.com www.googletagmanager.com
2	572a49791fd34e26ac5749ddb4fe5c5f.apm.westeurope.azure.elastic-cloud.com	www.thomascook.com
2	www.google-analytics.com	www.googletagmanager.com www.thomascook.com
2	fonts.googleapis.com	www.thomascook.com
1	region1.google-analytics.com	www.googletagmanager.com
1	pagead2.googlesyndication.com	www.googletagmanager.com
1	api.thomascook.com	www.thomascook.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	invitejs.trustpilot.com	www.thomascook.com
1	p.typekit.net	use.typekit.net
1	widget.trustpilot.com	www.thomascook.com
1	use.typekit.net	www.thomascook.com
1	thomascook.com	1 redirects
1	thomascook.de	1 redirects
80	17

This site contains links to these domains. Also see Links.

Domain
www.inghams.co.uk
experiences.thomascook.com
support.thomascook.com
www.facebook.com
www.instagram.com
twitter.com
thomascook.onelink.me
www.crui.se
www.caa.co.uk
www.gov.uk
www.travelhealthpro.org.uk
travelaware.campaign.gov.uk
www.onetrust.com

Subject Issuer	Validity	Valid
*.thomascook.com Amazon RSA 2048 M03	`2024-02-24` - `2025-03-23`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-01` - `2025-03-03`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.trustpilot.com Amazon RSA 2048 M03	`2024-01-03` - `2025-01-31`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2024-03-01` - `2024-12-31`	10 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.westeurope.azure.elastic-cloud.com R3	`2024-02-06` - `2024-05-06`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.thomascook.com/
Frame ID: 1B50CAF4A4C567ECCCA1A55F6B46A1AB
Requests: 81 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Thomas Cook Holidays | Package Holidays, Hotels & City Breaks

Page URL History Show full URLs

http://thomascook.de/ HTTP 301
https://thomascook.com/ HTTP 301
https://www.thomascook.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Page Statistics

80
Requests

100 %
HTTPS

76 %
IPv6

12
Domains

17
Subdomains

16
IPs

3
Countries

1902 kB
Transfer

4141 kB
Size

22
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://www.inghams.co.uk/ski-holidays?agent=thomascook
Title: Ski with Inghams

Search URL Search Domain Scan URL

URL: https://experiences.thomascook.com/tEBFBN06
Title: Experiences

Search URL Search Domain Scan URL

URL: https://support.thomascook.com/en/support/home
Title: FAQs

Search URL Search Domain Scan URL

URL: https://www.facebook.com/thomascooktourism
Title: Facebook thomascooktourism

Search URL Search Domain Scan URL

URL: https://www.instagram.com/thomascook/
Title: Instagram thomascookuk

Search URL Search Domain Scan URL

URL: https://twitter.com/thomascookuk?lang=en
Title: X (formerly Twitter) @ThomasCookUK

Search URL Search Domain Scan URL

URL: https://thomascook.onelink.me/9AG9/a6f4b789

Search URL Search Domain Scan URL

URL: https://support.thomascook.com/en/support/solutions
Title: FAQs

Search URL Search Domain Scan URL

URL: https://www.crui.se/
Title: Cruise Holidays

Search URL Search Domain Scan URL

URL: https://www.caa.co.uk/home/
Title: The Civil Aviation Authority

Search URL Search Domain Scan URL

URL: https://www.gov.uk/foreign-travel-advice
Title: gov.uk/foreign-travel-advice

Search URL Search Domain Scan URL

URL: https://www.travelhealthpro.org.uk/
Title: travelhealthpro.org.uk

Search URL Search Domain Scan URL

URL: https://travelaware.campaign.gov.uk/
Title: travelaware.campaign.gov.uk.

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://thomascook.de/ HTTP 301
https://thomascook.com/ HTTP 301
https://www.thomascook.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

80 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.thomascook.com/
Redirect Chain

http://thomascook.de/
https://thomascook.com/
https://www.thomascook.com/

483 KB
45 KB

478ms
416ms

Document
text/html

2600:9000:2077:d800:3:28eb:6280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thomascook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2077:d800:3:28eb:6280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

56f3c3ebd546ec6d77ee30bd6991dab997ce121e1265e604d35a3fcf62a9eb2c

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleadservices.com .googleapis.com .google-analytics.com .googletagmanager.com .facebook.net .wpengine.com .bootstrapcdn.com .twitter.com .jquery.com .fontawesome.com .google.com .pinterest.com .gstatic.com .uploadlibrary.com .thomascook.com .hotjar.com .imi.chat .adyen.com .spendology.io .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .doubleclick.net .googlesyndication.com .googletagservices.com .google.co.uk .google.com.ua .direct.ingenico.com cc-cdn.com .google.nl .appsflyer.com .freshchat.com .btttag.com .euc-freshbots.ai .trustpilot.com .cookielaw.org .worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io .bing.com .clarity.ms .tiktok.com; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com .wpengine.com .bootstrapcdn.com .imi.chat .adyen.com .spendology.io .thomascook.com .google.com .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .freshchat.com .euc-freshbots.ai .typeform.com .typekit.net; font-src 'self' data: .googleapis.com .adyen.com .gstatic.com .wpengine.com .imi.chat .spendology.io .thomascook.com https://script.hotjar.com .bootstrapcdn.com .typekit.net; object-src 'self' .adyen.com; frame-src 'self' data: .facebook.com https://platform.twitter.com/ .google.com .hotjar.com .imi.chat .adyen.com .vimeo.com .youtube.com .doubleclick.net .thomascook.io .youtu.be .googlesyndication.com https://www.covidchecker.com .direct.ingenico.com .modirum.com .thomascook.com .freshchat.com .euc-freshbots.ai .trustpilot.com .rsa3dsauth.co.uk .arcot.com .cardinalcommerce.com .mycardsecure.com .monzo.com .capitalone.com .touch.tech .wibmo.com .mncbank.co.id .typeform.com .revolut.com .sparkassen-kreditkarten.de .swedbank.se .wlp-acs.com .rabobank.nl .tsys.co.uk .marqeta.com .viseca.ch .apata.io .redsys.es .edb.com .asseco-see.hr .mashreq.com .cm-cic.com .monext.fr .garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' .adyen.com .thomascook.io *.thomascook.com;
Strict-Transport-Security	max-age=31536000 max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *.thomascook.com
cache-control: no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
content-length: 43273
content-security-policy: default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleadservices.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.facebook.net *.wpengine.com *.bootstrapcdn.com *.twitter.com *.jquery.com *.fontawesome.com *.google.com *.pinterest.com *.gstatic.com *.uploadlibrary.com *.thomascook.com *.hotjar.com *.imi.chat *.adyen.com *.spendology.io *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.doubleclick.net *.googlesyndication.com *.googletagservices.com *.google.co.uk *.google.com.ua *.direct.ingenico.com cc-cdn.com *.google.nl *.appsflyer.com *.freshchat.com *.btttag.com *.euc-freshbots.ai *.trustpilot.com *.cookielaw.org *.worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io *.bing.com *.clarity.ms *.tiktok.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com *.wpengine.com *.bootstrapcdn.com *.imi.chat *.adyen.com *.spendology.io *.thomascook.com *.google.com *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.freshchat.com *.euc-freshbots.ai *.typeform.com *.typekit.net; font-src 'self' data: *.googleapis.com *.adyen.com *.gstatic.com *.wpengine.com *.imi.chat *.spendology.io *.thomascook.com https://script.hotjar.com *.bootstrapcdn.com *.typekit.net; object-src 'self' *.adyen.com; frame-src 'self' data: *.facebook.com https://platform.twitter.com/ *.google.com *.hotjar.com *.imi.chat *.adyen.com *.vimeo.com *.youtube.com *.doubleclick.net *.thomascook.io *.youtu.be *.googlesyndication.com https://www.covidchecker.com *.direct.ingenico.com *.modirum.com *.thomascook.com *.freshchat.com *.euc-freshbots.ai *.trustpilot.com *.rsa3dsauth.co.uk *.arcot.com *.cardinalcommerce.com *.mycardsecure.com *.monzo.com *.capitalone.com *.touch.tech *.wibmo.com *.mncbank.co.id *.typeform.com *.revolut.com *.sparkassen-kreditkarten.de *.swedbank.se *.wlp-acs.com *.rabobank.nl *.tsys.co.uk *.marqeta.com *.viseca.ch *.apata.io *.redsys.es *.edb.com *.asseco-see.hr *.mashreq.com *.cm-cic.com *.monext.fr *.garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' *.adyen.com *.thomascook.io *.thomascook.com;
content-type: text/html;charset=UTF-8
date: Sun, 24 Mar 2024 05:27:33 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
last-modified: Sun, 24 Mar 2024 05:27:33 GMT
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
server: nginx
strict-transport-security: max-age=31536000 max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
x-amz-cf-id: oVlGtNGZsK8W-B-wacVg1GxFv94IRMdSTz3R4AErfDgudmCa9pFPig==
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-magnolia-registration: Registered
x-permitted-cross-domain-policies: master-only
x-xss-protection: 1; mode=block

Redirect headers

content-length: 134
content-type: text/html
date: Sun, 24 Mar 2024 05:27:33 GMT
location: https://www.thomascook.com:443/
server: awselb/2.0

GET
H2 200 css2
fonts.googleapis.com/ 15 KB
1 KB 37ms
16ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@200;300;400;600;700;900&display=swap

Requested by

Host: www.thomascook.com
URL: https://www.thomascook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c3bd0ac021b01bd0e723bf74a110ec4519e42a293e67c12b10973e4c368488f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomascook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 24 Mar 2024 05:27:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 24 Mar 2024 03:53:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 24 Mar 2024 05:27:33 GMT

GET
H2 200 sdv6oej.css
use.typekit.net/ 2 KB
868 B 64ms
14ms Stylesheet
text/css 2a02:26f0:3500:16::215:1486
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/sdv6oej.css

Requested by

Host: www.thomascook.com
URL: https://www.thomascook.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:1486 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

430ed30722fa16370c7e92fcea40160fcf63181ae1e630fc2de6daae907b11de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomascook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Sun, 24 Mar 2024 05:27:33 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 645

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 299 KB
105 KB 68ms
24ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MV8Z4W4

Requested by

Host: www.thomascook.com
URL: https://www.thomascook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f8ac8d1e080fec3f321e912cb34934ce7614510930bbec2a763bb9f5513fa4f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomascook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 05:27:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 106835
x-xss-protection: 0
last-modified: Sun, 24 Mar 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 24 Mar 2024 05:27:33 GMT

GET
H2 200 tp.widget.bootstrap.min.js Show response
widget.trustpilot.com/bootstrap/v5/ 21 KB
7 KB 35ms
6ms Script
application/x-javascript 52.222.236.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Requested by

Host: www.thomascook.com
URL: https://www.thomascook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-71.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

02e5bf47b2473c1da7a39a25b14f0f5d9857142842d33def047e492f9f610cb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomascook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 01:27:23 GMT
content-encoding: gzip
via: 1.1 944dc31277adc1021b0776fe818f07f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P4
age: 14411
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 6759
x-xss-protection: 1; mode=block
last-modified: Thu, 26 Oct 2023 12:27:20 GMT
server: AmazonS3
etag: "15864ce88fa79a3e954417d0c3396798"
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: 5uqjpvNHUf2wojnt5e_aIYj6zMSLZ_hxwe1mMoaLLgsxye7CsYdgFA==

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 43ms
21ms Script
application/javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.thomascook.com
URL: https://www.thomascook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d85e4dcb52ce714c7136eb95a32765325205a4aabdb51932bd9024c400be665d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomascook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 24 Mar 2024 05:27:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: /RTAD1TAPuPWblD15GN1pg==
age: 50071
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6842
x-ms-lease-status: unlocked
last-modified: Thu, 21 Mar 2024 07:04:37 GMT
server: cloudflare
etag: 0x8DC49752BD8535D
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 4b7bc656-901e-0002-42aa-7b873b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 869440b2cc849a0f-FRA

GET
H2 200 main.c5d76a45.css
www.thomascook.com/.resources/thomascook/webresources/css/ 157 KB
30 KB 189ms
189ms Stylesheet
text/css 2600:9000:2077:d800:3:28eb:6280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thomascook.com/.resources/thomascook/webresources/css/main.c5d76a45.css

Requested by

Host: www.thomascook.com
URL: https://www.thomascook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2077:d800:3:28eb:6280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9bbdc6d07eff1066a0ff5353f67c9c90db66429c9826fe90a5c9a29c34e23cd2

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleadservices.com .googleapis.com .google-analytics.com .googletagmanager.com .facebook.net .wpengine.com .bootstrapcdn.com .twitter.com .jquery.com .fontawesome.com .google.com .pinterest.com .gstatic.com .uploadlibrary.com .thomascook.com .hotjar.com .imi.chat .adyen.com .spendology.io .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .doubleclick.net .googlesyndication.com .googletagservices.com .google.co.uk .google.com.ua .direct.ingenico.com cc-cdn.com .google.nl .appsflyer.com .freshchat.com .btttag.com .euc-freshbots.ai .trustpilot.com .cookielaw.org .worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io .bing.com .clarity.ms .tiktok.com; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com .wpengine.com .bootstrapcdn.com .imi.chat .adyen.com .spendology.io .thomascook.com .google.com .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .freshchat.com .euc-freshbots.ai .typeform.com .typekit.net; font-src 'self' data: .googleapis.com .adyen.com .gstatic.com .wpengine.com .imi.chat .spendology.io .thomascook.com https://script.hotjar.com .bootstrapcdn.com .typekit.net; object-src 'self' .adyen.com; frame-src 'self' data: .facebook.com https://platform.twitter.com/ .google.com .hotjar.com .imi.chat .adyen.com .vimeo.com .youtube.com .doubleclick.net .thomascook.io .youtu.be .googlesyndication.com https://www.covidchecker.com .direct.ingenico.com .modirum.com .thomascook.com .freshchat.com .euc-freshbots.ai .trustpilot.com .rsa3dsauth.co.uk .arcot.com .cardinalcommerce.com .mycardsecure.com .monzo.com .capitalone.com .touch.tech .wibmo.com .mncbank.co.id .typeform.com .revolut.com .sparkassen-kreditkarten.de .swedbank.se .wlp-acs.com .rabobank.nl .tsys.co.uk .marqeta.com .viseca.ch .apata.io .redsys.es .edb.com .asseco-see.hr .mashreq.com .cm-cic.com .monext.fr .garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' .adyen.com .thomascook.io *.thomascook.com;
Strict-Transport-Security	max-age=31536000, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomascook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 05:27:33 GMT
strict-transport-security: max-age=31536000, max-age=31536000; includeSubDomains
content-encoding: gzip
content-security-policy: default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleadservices.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.facebook.net *.wpengine.com *.bootstrapcdn.com *.twitter.com *.jquery.com *.fontawesome.com *.google.com *.pinterest.com *.gstatic.com *.uploadlibrary.com *.thomascook.com *.hotjar.com *.imi.chat *.adyen.com *.spendology.io *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.doubleclick.net *.googlesyndication.com *.googletagservices.com *.google.co.uk *.google.com.ua *.direct.ingenico.com cc-cdn.com *.google.nl *.appsflyer.com *.freshchat.com *.btttag.com *.euc-freshbots.ai *.trustpilot.com *.cookielaw.org *.worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io *.bing.com *.clarity.ms *.tiktok.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com *.wpengine.com *.bootstrapcdn.com *.imi.chat *.adyen.com *.spendology.io *.thomascook.com *.google.com *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.freshchat.com *.euc-freshbots.ai *.typeform.com *.typekit.net; font-src 'self' data: *.googleapis.com *.adyen.com *.gstatic.com *.wpengine.com *.imi.chat *.spendology.io *.thomascook.com https://script.hotjar.com *.bootstrapcdn.com *.typekit.net; object-src 'self' *.adyen.com; frame-src 'self' data: *.facebook.com https://platform.twitter.com/ *.google.com *.hotjar.com *.imi.chat *.adyen.com *.vimeo.com *.youtube.com *.doubleclick.net *.thomascook.io *.youtu.be *.googlesyndication.com https://www.covidchecker.com *.direct.ingenico.com *.modirum.com *.thomascook.com *.freshchat.com *.euc-freshbots.ai *.trustpilot.com *.rsa3dsauth.co.uk *.arcot.com *.cardinalcommerce.com *.mycardsecure.com *.monzo.com *.capitalone.com *.touch.tech *.wibmo.com *.mncbank.co.id *.typeform.com *.revolut.com *.sparkassen-kreditkarten.de *.swedbank.se *.wlp-acs.com *.rabobank.nl *.tsys.co.uk *.marqeta.com *.viseca.ch *.apata.io *.redsys.es *.edb.com *.asseco-see.hr *.mashreq.com *.cm-cic.com *.monext.fr *.garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' *.adyen.com *.thomascook.io *.thomascook.com;
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA2-C1
x-content-type-options: nosniff
x-cache: Miss from cloudfront
content-length: 28374
x-xss-protection: 1; mode=block
x-magnolia-registration: Registered
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 20 Mar 2024 09:11:32 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
access-control-allow-origin: *.thomascook.com
cache-control: max-age=31536000, public
x-amz-cf-id: ApdRogGgeeKF3HkyV0_0KUIHQk8_VtXZJypHv5ZaF8HkmVHGd-O9_A==
expires: Mon, 24 Mar 2025 05:27:33 GMT

GET
H2 200 KSPSecureTrustAccount.svg
www.thomascook.com/dam/jcr:4d329a91-2f65-474f-9dd3-92cf5944e199/ 14 KB
16 KB 196ms
194ms Image
image/svg+xml 2600:9000:2077:d800:3:28eb:6280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thomascook.com/dam/jcr:4d329a91-2f65-474f-9dd3-92cf5944e199/KSPSecureTrustAccount.svg

Requested by

Host: www.thomascook.com
URL: https://www.thomascook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2077:d800:3:28eb:6280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

5ac52c7d82deb029efdef59580b4ab211082af09a5d7bc01b8bb9f0a4190a534

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleadservices.com .googleapis.com .google-analytics.com .googletagmanager.com .facebook.net .wpengine.com .bootstrapcdn.com .twitter.com .jquery.com .fontawesome.com .google.com .pinterest.com .gstatic.com .uploadlibrary.com .thomascook.com .hotjar.com .imi.chat .adyen.com .spendology.io .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .doubleclick.net .googlesyndication.com .googletagservices.com .google.co.uk .google.com.ua .direct.ingenico.com cc-cdn.com .google.nl .appsflyer.com .freshchat.com .btttag.com .euc-freshbots.ai .trustpilot.com .cookielaw.org .worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io .bing.com .clarity.ms .tiktok.com; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com .wpengine.com .bootstrapcdn.com .imi.chat .adyen.com .spendology.io .thomascook.com .google.com .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .freshchat.com .euc-freshbots.ai .typeform.com .typekit.net; font-src 'self' data: .googleapis.com .adyen.com .gstatic.com .wpengine.com .imi.chat .spendology.io .thomascook.com https://script.hotjar.com .bootstrapcdn.com .typekit.net; object-src 'self' .adyen.com; frame-src 'self' data: .facebook.com https://platform.twitter.com/ .google.com .hotjar.com .imi.chat .adyen.com .vimeo.com .youtube.com .doubleclick.net .thomascook.io .youtu.be .googlesyndication.com https://www.covidchecker.com .direct.ingenico.com .modirum.com .thomascook.com .freshchat.com .euc-freshbots.ai .trustpilot.com .rsa3dsauth.co.uk .arcot.com .cardinalcommerce.com .mycardsecure.com .monzo.com .capitalone.com .touch.tech .wibmo.com .mncbank.co.id .typeform.com .revolut.com .sparkassen-kreditkarten.de .swedbank.se .wlp-acs.com .rabobank.nl .tsys.co.uk .marqeta.com .viseca.ch .apata.io .redsys.es .edb.com .asseco-see.hr .mashreq.com .cm-cic.com .monext.fr .garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' .adyen.com .thomascook.io *.thomascook.com;
Strict-Transport-Security	max-age=31536000, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomascook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 05:27:33 GMT
strict-transport-security: max-age=31536000, max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleadservices.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.facebook.net *.wpengine.com *.bootstrapcdn.com *.twitter.com *.jquery.com *.fontawesome.com *.google.com *.pinterest.com *.gstatic.com *.uploadlibrary.com *.thomascook.com *.hotjar.com *.imi.chat *.adyen.com *.spendology.io *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.doubleclick.net *.googlesyndication.com *.googletagservices.com *.google.co.uk *.google.com.ua *.direct.ingenico.com cc-cdn.com *.google.nl *.appsflyer.com *.freshchat.com *.btttag.com *.euc-freshbots.ai *.trustpilot.com *.cookielaw.org *.worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io *.bing.com *.clarity.ms *.tiktok.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com *.wpengine.com *.bootstrapcdn.com *.imi.chat *.adyen.com *.spendology.io *.thomascook.com *.google.com *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.freshchat.com *.euc-freshbots.ai *.typeform.com *.typekit.net; font-src 'self' data: *.googleapis.com *.adyen.com *.gstatic.com *.wpengine.com *.imi.chat *.spendology.io *.thomascook.com https://script.hotjar.com *.bootstrapcdn.com *.typekit.net; object-src 'self' *.adyen.com; frame-src 'self' data: *.facebook.com https://platform.twitter.com/ *.google.com *.hotjar.com *.imi.chat *.adyen.com *.vimeo.com *.youtube.com *.doubleclick.net *.thomascook.io *.youtu.be *.googlesyndication.com https://www.covidchecker.com *.direct.ingenico.com *.modirum.com *.thomascook.com *.freshchat.com *.euc-freshbots.ai *.trustpilot.com *.rsa3dsauth.co.uk *.arcot.com *.cardinalcommerce.com *.mycardsecure.com *.monzo.com *.capitalone.com *.touch.tech *.wibmo.com *.mncbank.co.id *.typeform.com *.revolut.com *.sparkassen-kreditkarten.de *.swedbank.se *.wlp-acs.com *.rabobank.nl *.tsys.co.uk *.marqeta.com *.viseca.ch *.apata.io *.redsys.es *.edb.com *.asseco-see.hr *.mashreq.com *.cm-cic.com *.monext.fr *.garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' *.adyen.com *.thomascook.io *.thomascook.com;
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-disposition: attachment; filename="KSPSecureTrustAccount.svg"
content-length: 13999
x-xss-protection: 1; mode=block
x-magnolia-registration: Registered
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 24 Mar 2023 12:24:12 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/svg+xml;charset=UTF-8
access-control-allow-origin: *.thomascook.com
cache-control: max-age=31536000, public
x-amz-cf-id: XXHCpOlzuNKIESYeY3wl4v0xZrklJhtpce3AZpntIE6fdiLyEKfNFA==
expires: Mon, 24 Mar 2025 05:27:33 GMT

GET
H2 200 KSPAtol.svg
www.thomascook.com/dam/jcr:b3bb604e-0399-4668-8208-a689b7e405a6/ 18 KB
21 KB 197ms
195ms Image
image/svg+xml 2600:9000:2077:d800:3:28eb:6280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thomascook.com/dam/jcr:b3bb604e-0399-4668-8208-a689b7e405a6/KSPAtol.svg

Requested by

Host: www.thomascook.com
URL: https://www.thomascook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2077:d800:3:28eb:6280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

62b36a0b3daf3fc612457b5a87d579f21cfa91148f40f3dc679cd2cdb78b2f72

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleadservices.com .googleapis.com .google-analytics.com .googletagmanager.com .facebook.net .wpengine.com .bootstrapcdn.com .twitter.com .jquery.com .fontawesome.com .google.com .pinterest.com .gstatic.com .uploadlibrary.com .thomascook.com .hotjar.com .imi.chat .adyen.com .spendology.io .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .doubleclick.net .googlesyndication.com .googletagservices.com .google.co.uk .google.com.ua .direct.ingenico.com cc-cdn.com .google.nl .appsflyer.com .freshchat.com .btttag.com .euc-freshbots.ai .trustpilot.com .cookielaw.org .worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io .bing.com .clarity.ms .tiktok.com; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com .wpengine.com .bootstrapcdn.com .imi.chat .adyen.com .spendology.io .thomascook.com .google.com .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .freshchat.com .euc-freshbots.ai .typeform.com .typekit.net; font-src 'self' data: .googleapis.com .adyen.com .gstatic.com .wpengine.com .imi.chat .spendology.io .thomascook.com https://script.hotjar.com .bootstrapcdn.com .typekit.net; object-src 'self' .adyen.com; frame-src 'self' data: .facebook.com https://platform.twitter.com/ .google.com .hotjar.com .imi.chat .adyen.com .vimeo.com .youtube.com .doubleclick.net .thomascook.io .youtu.be .googlesyndication.com https://www.covidchecker.com .direct.ingenico.com .modirum.com .thomascook.com .freshchat.com .euc-freshbots.ai .trustpilot.com .rsa3dsauth.co.uk .arcot.com .cardinalcommerce.com .mycardsecure.com .monzo.com .capitalone.com .touch.tech .wibmo.com .mncbank.co.id .typeform.com .revolut.com .sparkassen-kreditkarten.de .swedbank.se .wlp-acs.com .rabobank.nl .tsys.co.uk .marqeta.com .viseca.ch .apata.io .redsys.es .edb.com .asseco-see.hr .mashreq.com .cm-cic.com .monext.fr .garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' .adyen.com .thomascook.io *.thomascook.com;
Strict-Transport-Security	max-age=31536000, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomascook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 05:27:33 GMT
strict-transport-security: max-age=31536000, max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleadservices.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.facebook.net *.wpengine.com *.bootstrapcdn.com *.twitter.com *.jquery.com *.fontawesome.com *.google.com *.pinterest.com *.gstatic.com *.uploadlibrary.com *.thomascook.com *.hotjar.com *.imi.chat *.adyen.com *.spendology.io *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.doubleclick.net *.googlesyndication.com *.googletagservices.com *.google.co.uk *.google.com.ua *.direct.ingenico.com cc-cdn.com *.google.nl *.appsflyer.com *.freshchat.com *.btttag.com *.euc-freshbots.ai *.trustpilot.com *.cookielaw.org *.worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io *.bing.com *.clarity.ms *.tiktok.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com *.wpengine.com *.bootstrapcdn.com *.imi.chat *.adyen.com *.spendology.io *.thomascook.com *.google.com *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.freshchat.com *.euc-freshbots.ai *.typeform.com *.typekit.net; font-src 'self' data: *.googleapis.com *.adyen.com *.gstatic.com *.wpengine.com *.imi.chat *.spendology.io *.thomascook.com https://script.hotjar.com *.bootstrapcdn.com *.typekit.net; object-src 'self' *.adyen.com; frame-src 'self' data: *.facebook.com https://platform.twitter.com/ *.google.com *.hotjar.com *.imi.chat *.adyen.com *.vimeo.com *.youtube.com *.doubleclick.net *.thomascook.io *.youtu.be *.googlesyndication.com https://www.covidchecker.com *.direct.ingenico.com *.modirum.com *.thomascook.com *.freshchat.com *.euc-freshbots.ai *.trustpilot.com *.rsa3dsauth.co.uk *.arcot.com *.cardinalcommerce.com *.mycardsecure.com *.monzo.com *.capitalone.com *.touch.tech *.wibmo.com *.mncbank.co.id *.typeform.com *.revolut.com *.sparkassen-kreditkarten.de *.swedbank.se *.wlp-acs.com *.rabobank.nl *.tsys.co.uk *.marqeta.com *.viseca.ch *.apata.io *.redsys.es *.edb.com *.asseco-see.hr *.mashreq.com *.cm-cic.com *.monext.fr *.garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' *.adyen.com *.thomascook.io *.thomascook.com;
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-disposition: attachment; filename="KSPAtol.svg"
content-length: 18329
x-xss-protection: 1; mode=block
x-magnolia-registration: Registered
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 24 Mar 2023 12:22:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/svg+xml;charset=UTF-8
access-control-allow-origin: *.thomascook.com
cache-control: max-age=31536000, public
x-amz-cf-id: Mxc1j11zdQM8_hbrW5vEcZmIJMD0ubMJCUn3NDEGssDoRPuJdHjo6A==
expires: Mon, 24 Mar 2025 05:27:33 GMT

GET
H2 200 ABTA-dark.svg
www.thomascook.com/dam/jcr:648aa7eb-771a-467e-8024-a1236840e5fb/ 12 KB
15 KB 217ms
215ms Image
image/svg+xml 2600:9000:2077:d800:3:28eb:6280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thomascook.com/dam/jcr:648aa7eb-771a-467e-8024-a1236840e5fb/ABTA-dark.svg

Requested by

Host: www.thomascook.com
URL: https://www.thomascook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2077:d800:3:28eb:6280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

da224fbf2f7cf9ddf2a84a09baaf54bd9a2224ad26c1657b1437eba9fd342224

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleadservices.com .googleapis.com .google-analytics.com .googletagmanager.com .facebook.net .wpengine.com .bootstrapcdn.com .twitter.com .jquery.com .fontawesome.com .google.com .pinterest.com .gstatic.com .uploadlibrary.com .thomascook.com .hotjar.com .imi.chat .adyen.com .spendology.io .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .doubleclick.net .googlesyndication.com .googletagservices.com .google.co.uk .google.com.ua .direct.ingenico.com cc-cdn.com .google.nl .appsflyer.com .freshchat.com .btttag.com .euc-freshbots.ai .trustpilot.com .cookielaw.org .worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io .bing.com .clarity.ms .tiktok.com; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com .wpengine.com .bootstrapcdn.com .imi.chat .adyen.com .spendology.io .thomascook.com .google.com .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .freshchat.com .euc-freshbots.ai .typeform.com .typekit.net; font-src 'self' data: .googleapis.com .adyen.com .gstatic.com .wpengine.com .imi.chat .spendology.io .thomascook.com https://script.hotjar.com .bootstrapcdn.com .typekit.net; object-src 'self' .adyen.com; frame-src 'self' data: .facebook.com https://platform.twitter.com/ .google.com .hotjar.com .imi.chat .adyen.com .vimeo.com .youtube.com .doubleclick.net .thomascook.io .youtu.be .googlesyndication.com https://www.covidchecker.com .direct.ingenico.com .modirum.com .thomascook.com .freshchat.com .euc-freshbots.ai .trustpilot.com .rsa3dsauth.co.uk .arcot.com .cardinalcommerce.com .mycardsecure.com .monzo.com .capitalone.com .touch.tech .wibmo.com .mncbank.co.id .typeform.com .revolut.com .sparkassen-kreditkarten.de .swedbank.se .wlp-acs.com .rabobank.nl .tsys.co.uk .marqeta.com .viseca.ch .apata.io .redsys.es .edb.com .asseco-see.hr .mashreq.com .cm-cic.com .monext.fr .garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' .adyen.com .thomascook.io *.thomascook.com;
Strict-Transport-Security	max-age=31536000, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomascook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 05:27:33 GMT
strict-transport-security: max-age=31536000, max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleadservices.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.facebook.net *.wpengine.com *.bootstrapcdn.com *.twitter.com *.jquery.com *.fontawesome.com *.google.com *.pinterest.com *.gstatic.com *.uploadlibrary.com *.thomascook.com *.hotjar.com *.imi.chat *.adyen.com *.spendology.io *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.doubleclick.net *.googlesyndication.com *.googletagservices.com *.google.co.uk *.google.com.ua *.direct.ingenico.com cc-cdn.com *.google.nl *.appsflyer.com *.freshchat.com *.btttag.com *.euc-freshbots.ai *.trustpilot.com *.cookielaw.org *.worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io *.bing.com *.clarity.ms *.tiktok.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com *.wpengine.com *.bootstrapcdn.com *.imi.chat *.adyen.com *.spendology.io *.thomascook.com *.google.com *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.freshchat.com *.euc-freshbots.ai *.typeform.com *.typekit.net; font-src 'self' data: *.googleapis.com *.adyen.com *.gstatic.com *.wpengine.com *.imi.chat *.spendology.io *.thomascook.com https://script.hotjar.com *.bootstrapcdn.com *.typekit.net; object-src 'self' *.adyen.com; frame-src 'self' data: *.facebook.com https://platform.twitter.com/ *.google.com *.hotjar.com *.imi.chat *.adyen.com *.vimeo.com *.youtube.com *.doubleclick.net *.thomascook.io *.youtu.be *.googlesyndication.com https://www.covidchecker.com *.direct.ingenico.com *.modirum.com *.thomascook.com *.freshchat.com *.euc-freshbots.ai *.trustpilot.com *.rsa3dsauth.co.uk *.arcot.com *.cardinalcommerce.com *.mycardsecure.com *.monzo.com *.capitalone.com *.touch.tech *.wibmo.com *.mncbank.co.id *.typeform.com *.revolut.com *.sparkassen-kreditkarten.de *.swedbank.se *.wlp-acs.com *.rabobank.nl *.tsys.co.uk *.marqeta.com *.viseca.ch *.apata.io *.redsys.es *.edb.com *.asseco-see.hr *.mashreq.com *.cm-cic.com *.monext.fr *.garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' *.adyen.com *.thomascook.io *.thomascook.com;
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-disposition: attachment; filename="ABTA-dark.svg"
content-length: 12390
x-xss-protection: 1; mode=block
x-magnolia-registration: Registered
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 24 Mar 2023 12:23:54 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/svg+xml;charset=UTF-8
access-control-allow-origin: *.thomascook.com
cache-control: max-age=31536000, public
x-amz-cf-id: 1nc7r0oMe4OhWIC7CwUSGDeGJarGoBlvxJAkAO2hO83RZmg2ggIVvA==
expires: Mon, 24 Mar 2025 05:27:33 GMT

GET
H2 200 dark-logo_new.svg
www.thomascook.com/dam/jcr:fbdedb01-4873-41b2-a51e-4a8fe0359387/ 82 KB
84 KB 175ms
175ms Image
image/svg+xml 2600:9000:2077:d800:3:28eb:6280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thomascook.com/dam/jcr:fbdedb01-4873-41b2-a51e-4a8fe0359387/dark-logo_new.svg

Requested by

Host: www.thomascook.com
URL: https://www.thomascook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2077:d800:3:28eb:6280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

2f0dae26e1890dd2a3cec682a837e76d44d0a235f5430c4cbf3a7315b964fa7c

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleadservices.com .googleapis.com .google-analytics.com .googletagmanager.com .facebook.net .wpengine.com .bootstrapcdn.com .twitter.com .jquery.com .fontawesome.com .google.com .pinterest.com .gstatic.com .uploadlibrary.com .thomascook.com .hotjar.com .imi.chat .adyen.com .spendology.io .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .doubleclick.net .googlesyndication.com .googletagservices.com .google.co.uk .google.com.ua .direct.ingenico.com cc-cdn.com .google.nl .appsflyer.com .freshchat.com .btttag.com .euc-freshbots.ai .trustpilot.com .cookielaw.org .worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io .bing.com .clarity.ms .tiktok.com; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com .wpengine.com .bootstrapcdn.com .imi.chat .adyen.com .spendology.io .thomascook.com .google.com .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .freshchat.com .euc-freshbots.ai .typeform.com .typekit.net; font-src 'self' data: .googleapis.com .adyen.com .gstatic.com .wpengine.com .imi.chat .spendology.io .thomascook.com https://script.hotjar.com .bootstrapcdn.com .typekit.net; object-src 'self' .adyen.com; frame-src 'self' data: .facebook.com https://platform.twitter.com/ .google.com .hotjar.com .imi.chat .adyen.com .vimeo.com .youtube.com .doubleclick.net .thomascook.io .youtu.be .googlesyndication.com https://www.covidchecker.com .direct.ingenico.com .modirum.com .thomascook.com .freshchat.com .euc-freshbots.ai .trustpilot.com .rsa3dsauth.co.uk .arcot.com .cardinalcommerce.com .mycardsecure.com .monzo.com .capitalone.com .touch.tech .wibmo.com .mncbank.co.id .typeform.com .revolut.com .sparkassen-kreditkarten.de .swedbank.se .wlp-acs.com .rabobank.nl .tsys.co.uk .marqeta.com .viseca.ch .apata.io .redsys.es .edb.com .asseco-see.hr .mashreq.com .cm-cic.com .monext.fr .garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' .adyen.com .thomascook.io *.thomascook.com;
Strict-Transport-Security	max-age=31536000, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomascook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 05:27:33 GMT
strict-transport-security: max-age=31536000, max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleadservices.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.facebook.net *.wpengine.com *.bootstrapcdn.com *.twitter.com *.jquery.com *.fontawesome.com *.google.com *.pinterest.com *.gstatic.com *.uploadlibrary.com *.thomascook.com *.hotjar.com *.imi.chat *.adyen.com *.spendology.io *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.doubleclick.net *.googlesyndication.com *.googletagservices.com *.google.co.uk *.google.com.ua *.direct.ingenico.com cc-cdn.com *.google.nl *.appsflyer.com *.freshchat.com *.btttag.com *.euc-freshbots.ai *.trustpilot.com *.cookielaw.org *.worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io *.bing.com *.clarity.ms *.tiktok.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com *.wpengine.com *.bootstrapcdn.com *.imi.chat *.adyen.com *.spendology.io *.thomascook.com *.google.com *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.freshchat.com *.euc-freshbots.ai *.typeform.com *.typekit.net; font-src 'self' data: *.googleapis.com *.adyen.com *.gstatic.com *.wpengine.com *.imi.chat *.spendology.io *.thomascook.com https://script.hotjar.com *.bootstrapcdn.com *.typekit.net; object-src 'self' *.adyen.com; frame-src 'self' data: *.facebook.com https://platform.twitter.com/ *.google.com *.hotjar.com *.imi.chat *.adyen.com *.vimeo.com *.youtube.com *.doubleclick.net *.thomascook.io *.youtu.be *.googlesyndication.com https://www.covidchecker.com *.direct.ingenico.com *.modirum.com *.thomascook.com *.freshchat.com *.euc-freshbots.ai *.trustpilot.com *.rsa3dsauth.co.uk *.arcot.com *.cardinalcommerce.com *.mycardsecure.com *.monzo.com *.capitalone.com *.touch.tech *.wibmo.com *.mncbank.co.id *.typeform.com *.revolut.com *.sparkassen-kreditkarten.de *.swedbank.se *.wlp-acs.com *.rabobank.nl *.tsys.co.uk *.marqeta.com *.viseca.ch *.apata.io *.redsys.es *.edb.com *.asseco-see.hr *.mashreq.com *.cm-cic.com *.monext.fr *.garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' *.adyen.com *.thomascook.io *.thomascook.com;
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-disposition: attachment; filename="dark-logo_new.svg"
content-length: 83651
x-xss-protection: 1; mode=block
x-magnolia-registration: Registered
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 20 Jun 2023 06:10:43 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/svg+xml;charset=UTF-8
access-control-allow-origin: *.thomascook.com
cache-control: max-age=31536000, public
x-amz-cf-id: VX5OtCgHSoSHotONVfeF-jD2U0aUfshSjCf8eiLif0wwxTZfAdjh_A==
expires: Mon, 24 Mar 2025 05:27:33 GMT

GET
H2 200 account.svg
www.thomascook.com/dam/jcr:55235bd3-90f5-4637-9b6e-32b8704098ae/ 818 B
3 KB 165ms
164ms Image
image/svg+xml 2600:9000:2077:d800:3:28eb:6280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thomascook.com/dam/jcr:55235bd3-90f5-4637-9b6e-32b8704098ae/account.svg

Requested by

Host: www.thomascook.com
URL: https://www.thomascook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2077:d800:3:28eb:6280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

23981b6442a3c69bf0b3c5e3a8a2079a50186c2d5a419360d61c7ab9b5e9646a

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleadservices.com .googleapis.com .google-analytics.com .googletagmanager.com .facebook.net .wpengine.com .bootstrapcdn.com .twitter.com .jquery.com .fontawesome.com .google.com .pinterest.com .gstatic.com .uploadlibrary.com .thomascook.com .hotjar.com .imi.chat .adyen.com .spendology.io .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .doubleclick.net .googlesyndication.com .googletagservices.com .google.co.uk .google.com.ua .direct.ingenico.com cc-cdn.com .google.nl .appsflyer.com .freshchat.com .btttag.com .euc-freshbots.ai .trustpilot.com .cookielaw.org .worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io .bing.com .clarity.ms .tiktok.com; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com .wpengine.com .bootstrapcdn.com .imi.chat .adyen.com .spendology.io .thomascook.com .google.com .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .freshchat.com .euc-freshbots.ai .typeform.com .typekit.net; font-src 'self' data: .googleapis.com .adyen.com .gstatic.com .wpengine.com .imi.chat .spendology.io .thomascook.com https://script.hotjar.com .bootstrapcdn.com .typekit.net; object-src 'self' .adyen.com; frame-src 'self' data: .facebook.com https://platform.twitter.com/ .google.com .hotjar.com .imi.chat .adyen.com .vimeo.com .youtube.com .doubleclick.net .thomascook.io .youtu.be .googlesyndication.com https://www.covidchecker.com .direct.ingenico.com .modirum.com .thomascook.com .freshchat.com .euc-freshbots.ai .trustpilot.com .rsa3dsauth.co.uk .arcot.com .cardinalcommerce.com .mycardsecure.com .monzo.com .capitalone.com .touch.tech .wibmo.com .mncbank.co.id .typeform.com .revolut.com .sparkassen-kreditkarten.de .swedbank.se .wlp-acs.com .rabobank.nl .tsys.co.uk .marqeta.com .viseca.ch .apata.io .redsys.es .edb.com .asseco-see.hr .mashreq.com .cm-cic.com .monext.fr .garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' .adyen.com .thomascook.io *.thomascook.com;
Strict-Transport-Security	max-age=31536000, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomascook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 05:27:33 GMT
strict-transport-security: max-age=31536000, max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleadservices.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.facebook.net *.wpengine.com *.bootstrapcdn.com *.twitter.com *.jquery.com *.fontawesome.com *.google.com *.pinterest.com *.gstatic.com *.uploadlibrary.com *.thomascook.com *.hotjar.com *.imi.chat *.adyen.com *.spendology.io *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.doubleclick.net *.googlesyndication.com *.googletagservices.com *.google.co.uk *.google.com.ua *.direct.ingenico.com cc-cdn.com *.google.nl *.appsflyer.com *.freshchat.com *.btttag.com *.euc-freshbots.ai *.trustpilot.com *.cookielaw.org *.worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io *.bing.com *.clarity.ms *.tiktok.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com *.wpengine.com *.bootstrapcdn.com *.imi.chat *.adyen.com *.spendology.io *.thomascook.com *.google.com *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.freshchat.com *.euc-freshbots.ai *.typeform.com *.typekit.net; font-src 'self' data: *.googleapis.com *.adyen.com *.gstatic.com *.wpengine.com *.imi.chat *.spendology.io *.thomascook.com https://script.hotjar.com *.bootstrapcdn.com *.typekit.net; object-src 'self' *.adyen.com; frame-src 'self' data: *.facebook.com https://platform.twitter.com/ *.google.com *.hotjar.com *.imi.chat *.adyen.com *.vimeo.com *.youtube.com *.doubleclick.net *.thomascook.io *.youtu.be *.googlesyndication.com https://www.covidchecker.com *.direct.ingenico.com *.modirum.com *.thomascook.com *.freshchat.com *.euc-freshbots.ai *.trustpilot.com *.rsa3dsauth.co.uk *.arcot.com *.cardinalcommerce.com *.mycardsecure.com *.monzo.com *.capitalone.com *.touch.tech *.wibmo.com *.mncbank.co.id *.typeform.com *.revolut.com *.sparkassen-kreditkarten.de *.swedbank.se *.wlp-acs.com *.rabobank.nl *.tsys.co.uk *.marqeta.com *.viseca.ch *.apata.io *.redsys.es *.edb.com *.asseco-see.hr *.mashreq.com *.cm-cic.com *.monext.fr *.garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' *.adyen.com *.thomascook.io *.thomascook.com;
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-disposition: attachment; filename="account.svg"
content-length: 818
x-xss-protection: 1; mode=block
x-magnolia-registration: Registered
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 20 Jun 2023 06:35:53 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/svg+xml;charset=UTF-8
access-control-allow-origin: *.thomascook.com
cache-control: max-age=31536000, public
x-amz-cf-id: Abk-ijFeC0oem7_pR7lIs6ZEmOeonLq7d0HURGhuuFawnzZZhXZkQg==
expires: Mon, 24 Mar 2025 05:27:33 GMT

GET
H2 200 globe.svg
www.thomascook.com/dam/jcr:d35e7250-a3b8-44a5-8c3e-779dd63286b5/ 526 B
3 KB 214ms
211ms Image
image/svg+xml 2600:9000:2077:d800:3:28eb:6280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thomascook.com/dam/jcr:d35e7250-a3b8-44a5-8c3e-779dd63286b5/globe.svg

Requested by

Host: www.thomascook.com
URL: https://www.thomascook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2077:d800:3:28eb:6280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c5c70f039486570018c8469631e1fdbebc03a907ab3e1270c3e11a58c1f51394

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleadservices.com .googleapis.com .google-analytics.com .googletagmanager.com .facebook.net .wpengine.com .bootstrapcdn.com .twitter.com .jquery.com .fontawesome.com .google.com .pinterest.com .gstatic.com .uploadlibrary.com .thomascook.com .hotjar.com .imi.chat .adyen.com .spendology.io .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .doubleclick.net .googlesyndication.com .googletagservices.com .google.co.uk .google.com.ua .direct.ingenico.com cc-cdn.com .google.nl .appsflyer.com .freshchat.com .btttag.com .euc-freshbots.ai .trustpilot.com .cookielaw.org .worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io .bing.com .clarity.ms .tiktok.com; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com .wpengine.com .bootstrapcdn.com .imi.chat .adyen.com .spendology.io .thomascook.com .google.com .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .freshchat.com .euc-freshbots.ai .typeform.com .typekit.net; font-src 'self' data: .googleapis.com .adyen.com .gstatic.com .wpengine.com .imi.chat .spendology.io .thomascook.com https://script.hotjar.com .bootstrapcdn.com .typekit.net; object-src 'self' .adyen.com; frame-src 'self' data: .facebook.com https://platform.twitter.com/ .google.com .hotjar.com .imi.chat .adyen.com .vimeo.com .youtube.com .doubleclick.net .thomascook.io .youtu.be .googlesyndication.com https://www.covidchecker.com .direct.ingenico.com .modirum.com .thomascook.com .freshchat.com .euc-freshbots.ai .trustpilot.com .rsa3dsauth.co.uk .arcot.com .cardinalcommerce.com .mycardsecure.com .monzo.com .capitalone.com .touch.tech .wibmo.com .mncbank.co.id .typeform.com .revolut.com .sparkassen-kreditkarten.de .swedbank.se .wlp-acs.com .rabobank.nl .tsys.co.uk .marqeta.com .viseca.ch .apata.io .redsys.es .edb.com .asseco-see.hr .mashreq.com .cm-cic.com .monext.fr .garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' .adyen.com .thomascook.io *.thomascook.com;
Strict-Transport-Security	max-age=31536000, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomascook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 05:27:33 GMT
strict-transport-security: max-age=31536000, max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleadservices.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.facebook.net *.wpengine.com *.bootstrapcdn.com *.twitter.com *.jquery.com *.fontawesome.com *.google.com *.pinterest.com *.gstatic.com *.uploadlibrary.com *.thomascook.com *.hotjar.com *.imi.chat *.adyen.com *.spendology.io *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.doubleclick.net *.googlesyndication.com *.googletagservices.com *.google.co.uk *.google.com.ua *.direct.ingenico.com cc-cdn.com *.google.nl *.appsflyer.com *.freshchat.com *.btttag.com *.euc-freshbots.ai *.trustpilot.com *.cookielaw.org *.worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io *.bing.com *.clarity.ms *.tiktok.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com *.wpengine.com *.bootstrapcdn.com *.imi.chat *.adyen.com *.spendology.io *.thomascook.com *.google.com *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.freshchat.com *.euc-freshbots.ai *.typeform.com *.typekit.net; font-src 'self' data: *.googleapis.com *.adyen.com *.gstatic.com *.wpengine.com *.imi.chat *.spendology.io *.thomascook.com https://script.hotjar.com *.bootstrapcdn.com *.typekit.net; object-src 'self' *.adyen.com; frame-src 'self' data: *.facebook.com https://platform.twitter.com/ *.google.com *.hotjar.com *.imi.chat *.adyen.com *.vimeo.com *.youtube.com *.doubleclick.net *.thomascook.io *.youtu.be *.googlesyndication.com https://www.covidchecker.com *.direct.ingenico.com *.modirum.com *.thomascook.com *.freshchat.com *.euc-freshbots.ai *.trustpilot.com *.rsa3dsauth.co.uk *.arcot.com *.cardinalcommerce.com *.mycardsecure.com *.monzo.com *.capitalone.com *.touch.tech *.wibmo.com *.mncbank.co.id *.typeform.com *.revolut.com *.sparkassen-kreditkarten.de *.swedbank.se *.wlp-acs.com *.rabobank.nl *.tsys.co.uk *.marqeta.com *.viseca.ch *.apata.io *.redsys.es *.edb.com *.asseco-see.hr *.mashreq.com *.cm-cic.com *.monext.fr *.garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' *.adyen.com *.thomascook.io *.thomascook.com;
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-disposition: attachment; filename="globe.svg"
content-length: 526
x-xss-protection: 1; mode=block
x-magnolia-registration: Registered
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 20 Jun 2023 06:35:34 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/svg+xml;charset=UTF-8
access-control-allow-origin: *.thomascook.com
cache-control: max-age=31536000, public
x-amz-cf-id: 97Rq5Kg8ALdUqnNiBLLsthNdCgs-T-visuNXBFyOwBsR_Pssg2tskQ==
expires: Mon, 24 Mar 2025 05:27:33 GMT

GET
H2 200 jcr:content.jpg
www.thomascook.com/.imaging/default/dam/uk/home/010224/Peaks_fam_hero_desk.jpg/ 371 KB
375 KB 220ms
217ms Image
image/jpeg 2600:9000:2077:d800:3:28eb:6280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thomascook.com/.imaging/default/dam/uk/home/010224/Peaks_fam_hero_desk.jpg/jcr:content.jpg

Requested by

Host: www.thomascook.com
URL: https://www.thomascook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2077:d800:3:28eb:6280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

cc5d4cec93b445050a076cd531fbf262849f53dd9424177ae0d9005ed477ebd6

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleadservices.com .googleapis.com .google-analytics.com .googletagmanager.com .facebook.net .wpengine.com .bootstrapcdn.com .twitter.com .jquery.com .fontawesome.com .google.com .pinterest.com .gstatic.com .uploadlibrary.com .thomascook.com .hotjar.com .imi.chat .adyen.com .spendology.io .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .doubleclick.net .googlesyndication.com .googletagservices.com .google.co.uk .google.com.ua .direct.ingenico.com cc-cdn.com .google.nl .appsflyer.com .freshchat.com .btttag.com .euc-freshbots.ai .trustpilot.com .cookielaw.org .worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io .bing.com .clarity.ms .tiktok.com; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com .wpengine.com .bootstrapcdn.com .imi.chat .adyen.com .spendology.io .thomascook.com .google.com .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .freshchat.com .euc-freshbots.ai .typeform.com .typekit.net; font-src 'self' data: .googleapis.com .adyen.com .gstatic.com .wpengine.com .imi.chat .spendology.io .thomascook.com https://script.hotjar.com .bootstrapcdn.com .typekit.net; object-src 'self' .adyen.com; frame-src 'self' data: .facebook.com https://platform.twitter.com/ .google.com .hotjar.com .imi.chat .adyen.com .vimeo.com .youtube.com .doubleclick.net .thomascook.io .youtu.be .googlesyndication.com https://www.covidchecker.com .direct.ingenico.com .modirum.com .thomascook.com .freshchat.com .euc-freshbots.ai .trustpilot.com .rsa3dsauth.co.uk .arcot.com .cardinalcommerce.com .mycardsecure.com .monzo.com .capitalone.com .touch.tech .wibmo.com .mncbank.co.id .typeform.com .revolut.com .sparkassen-kreditkarten.de .swedbank.se .wlp-acs.com .rabobank.nl .tsys.co.uk .marqeta.com .viseca.ch .apata.io .redsys.es .edb.com .asseco-see.hr .mashreq.com .cm-cic.com .monext.fr .garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' .adyen.com .thomascook.io *.thomascook.com;
Strict-Transport-Security	max-age=31536000, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomascook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 05:27:33 GMT
strict-transport-security: max-age=31536000, max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleadservices.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.facebook.net *.wpengine.com *.bootstrapcdn.com *.twitter.com *.jquery.com *.fontawesome.com *.google.com *.pinterest.com *.gstatic.com *.uploadlibrary.com *.thomascook.com *.hotjar.com *.imi.chat *.adyen.com *.spendology.io *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.doubleclick.net *.googlesyndication.com *.googletagservices.com *.google.co.uk *.google.com.ua *.direct.ingenico.com cc-cdn.com *.google.nl *.appsflyer.com *.freshchat.com *.btttag.com *.euc-freshbots.ai *.trustpilot.com *.cookielaw.org *.worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io *.bing.com *.clarity.ms *.tiktok.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com *.wpengine.com *.bootstrapcdn.com *.imi.chat *.adyen.com *.spendology.io *.thomascook.com *.google.com *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.freshchat.com *.euc-freshbots.ai *.typeform.com *.typekit.net; font-src 'self' data: *.googleapis.com *.adyen.com *.gstatic.com *.wpengine.com *.imi.chat *.spendology.io *.thomascook.com https://script.hotjar.com *.bootstrapcdn.com *.typekit.net; object-src 'self' *.adyen.com; frame-src 'self' data: *.facebook.com https://platform.twitter.com/ *.google.com *.hotjar.com *.imi.chat *.adyen.com *.vimeo.com *.youtube.com *.doubleclick.net *.thomascook.io *.youtu.be *.googlesyndication.com https://www.covidchecker.com *.direct.ingenico.com *.modirum.com *.thomascook.com *.freshchat.com *.euc-freshbots.ai *.trustpilot.com *.rsa3dsauth.co.uk *.arcot.com *.cardinalcommerce.com *.mycardsecure.com *.monzo.com *.capitalone.com *.touch.tech *.wibmo.com *.mncbank.co.id *.typeform.com *.revolut.com *.sparkassen-kreditkarten.de *.swedbank.se *.wlp-acs.com *.rabobank.nl *.tsys.co.uk *.marqeta.com *.viseca.ch *.apata.io *.redsys.es *.edb.com *.asseco-see.hr *.mashreq.com *.cm-cic.com *.monext.fr *.garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' *.adyen.com *.thomascook.io *.thomascook.com;
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-length: 380370
x-xss-protection: 1; mode=block
x-magnolia-registration: Registered
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 24 Mar 2024 05:27:33 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/jpeg;charset=UTF-8
access-control-allow-origin: *.thomascook.com
cache-control: max-age=31536000, public
x-amz-cf-id: uCf-XQGg4tNBGY_upoIfdMiAZM2R5QdvYys-ICzYIOjxEDTUWM99bQ==
expires: Mon, 24 Mar 2025 05:27:33 GMT

GET
H2 200 monthly-payments.svg
www.thomascook.com/dam/jcr:c38cd824-0c51-462d-96ef-a2937e6c4578/ 2 KB
5 KB 198ms
197ms Image
image/svg+xml 2600:9000:2077:d800:3:28eb:6280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thomascook.com/dam/jcr:c38cd824-0c51-462d-96ef-a2937e6c4578/monthly-payments.svg

Requested by

Host: www.thomascook.com
URL: https://www.thomascook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2077:d800:3:28eb:6280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f4bfb273ab7ae0ba367fd590881a8debd22870a0cd061f0a099c1ae2c74eb003

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleadservices.com .googleapis.com .google-analytics.com .googletagmanager.com .facebook.net .wpengine.com .bootstrapcdn.com .twitter.com .jquery.com .fontawesome.com .google.com .pinterest.com .gstatic.com .uploadlibrary.com .thomascook.com .hotjar.com .imi.chat .adyen.com .spendology.io .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .doubleclick.net .googlesyndication.com .googletagservices.com .google.co.uk .google.com.ua .direct.ingenico.com cc-cdn.com .google.nl .appsflyer.com .freshchat.com .btttag.com .euc-freshbots.ai .trustpilot.com .cookielaw.org .worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io .bing.com .clarity.ms .tiktok.com; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com .wpengine.com .bootstrapcdn.com .imi.chat .adyen.com .spendology.io .thomascook.com .google.com .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .freshchat.com .euc-freshbots.ai .typeform.com .typekit.net; font-src 'self' data: .googleapis.com .adyen.com .gstatic.com .wpengine.com .imi.chat .spendology.io .thomascook.com https://script.hotjar.com .bootstrapcdn.com .typekit.net; object-src 'self' .adyen.com; frame-src 'self' data: .facebook.com https://platform.twitter.com/ .google.com .hotjar.com .imi.chat .adyen.com .vimeo.com .youtube.com .doubleclick.net .thomascook.io .youtu.be .googlesyndication.com https://www.covidchecker.com .direct.ingenico.com .modirum.com .thomascook.com .freshchat.com .euc-freshbots.ai .trustpilot.com .rsa3dsauth.co.uk .arcot.com .cardinalcommerce.com .mycardsecure.com .monzo.com .capitalone.com .touch.tech .wibmo.com .mncbank.co.id .typeform.com .revolut.com .sparkassen-kreditkarten.de .swedbank.se .wlp-acs.com .rabobank.nl .tsys.co.uk .marqeta.com .viseca.ch .apata.io .redsys.es .edb.com .asseco-see.hr .mashreq.com .cm-cic.com .monext.fr .garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' .adyen.com .thomascook.io *.thomascook.com;
Strict-Transport-Security	max-age=31536000, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomascook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 05:27:33 GMT
strict-transport-security: max-age=31536000, max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleadservices.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.facebook.net *.wpengine.com *.bootstrapcdn.com *.twitter.com *.jquery.com *.fontawesome.com *.google.com *.pinterest.com *.gstatic.com *.uploadlibrary.com *.thomascook.com *.hotjar.com *.imi.chat *.adyen.com *.spendology.io *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.doubleclick.net *.googlesyndication.com *.googletagservices.com *.google.co.uk *.google.com.ua *.direct.ingenico.com cc-cdn.com *.google.nl *.appsflyer.com *.freshchat.com *.btttag.com *.euc-freshbots.ai *.trustpilot.com *.cookielaw.org *.worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io *.bing.com *.clarity.ms *.tiktok.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com *.wpengine.com *.bootstrapcdn.com *.imi.chat *.adyen.com *.spendology.io *.thomascook.com *.google.com *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.freshchat.com *.euc-freshbots.ai *.typeform.com *.typekit.net; font-src 'self' data: *.googleapis.com *.adyen.com *.gstatic.com *.wpengine.com *.imi.chat *.spendology.io *.thomascook.com https://script.hotjar.com *.bootstrapcdn.com *.typekit.net; object-src 'self' *.adyen.com; frame-src 'self' data: *.facebook.com https://platform.twitter.com/ *.google.com *.hotjar.com *.imi.chat *.adyen.com *.vimeo.com *.youtube.com *.doubleclick.net *.thomascook.io *.youtu.be *.googlesyndication.com https://www.covidchecker.com *.direct.ingenico.com *.modirum.com *.thomascook.com *.freshchat.com *.euc-freshbots.ai *.trustpilot.com *.rsa3dsauth.co.uk *.arcot.com *.cardinalcommerce.com *.mycardsecure.com *.monzo.com *.capitalone.com *.touch.tech *.wibmo.com *.mncbank.co.id *.typeform.com *.revolut.com *.sparkassen-kreditkarten.de *.swedbank.se *.wlp-acs.com *.rabobank.nl *.tsys.co.uk *.marqeta.com *.viseca.ch *.apata.io *.redsys.es *.edb.com *.asseco-see.hr *.mashreq.com *.cm-cic.com *.monext.fr *.garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' *.adyen.com *.thomascook.io *.thomascook.com;
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-disposition: attachment; filename="monthly-payments.svg"
content-length: 2040
x-xss-protection: 1; mode=block
x-magnolia-registration: Registered
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 09 Dec 2022 16:53:01 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/svg+xml;charset=UTF-8
access-control-allow-origin: *.thomascook.com
cache-control: max-age=31536000, public
x-amz-cf-id: BjuO8AiVyKPS07rBqxiZ4we6PA2S0kyFS1Mlb6av1b7N1A6IQ45mRQ==
expires: Mon, 24 Mar 2025 05:27:33 GMT

GET
H2 200 Low_lock_Orange.svg
www.thomascook.com/dam/jcr:972ec1e1-54a6-44ae-a62a-fbf2264b8a5e/ 3 KB
5 KB 202ms
200ms Image
image/svg+xml 2600:9000:2077:d800:3:28eb:6280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thomascook.com/dam/jcr:972ec1e1-54a6-44ae-a62a-fbf2264b8a5e/Low_lock_Orange.svg

Requested by

Host: www.thomascook.com
URL: https://www.thomascook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2077:d800:3:28eb:6280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

43223b65adfa2096736fa7d129e5cb33952fae9ac141315ecb029fd4409510bb

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleadservices.com .googleapis.com .google-analytics.com .googletagmanager.com .facebook.net .wpengine.com .bootstrapcdn.com .twitter.com .jquery.com .fontawesome.com .google.com .pinterest.com .gstatic.com .uploadlibrary.com .thomascook.com .hotjar.com .imi.chat .adyen.com .spendology.io .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .doubleclick.net .googlesyndication.com .googletagservices.com .google.co.uk .google.com.ua .direct.ingenico.com cc-cdn.com .google.nl .appsflyer.com .freshchat.com .btttag.com .euc-freshbots.ai .trustpilot.com .cookielaw.org .worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io .bing.com .clarity.ms .tiktok.com; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com .wpengine.com .bootstrapcdn.com .imi.chat .adyen.com .spendology.io .thomascook.com .google.com .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .freshchat.com .euc-freshbots.ai .typeform.com .typekit.net; font-src 'self' data: .googleapis.com .adyen.com .gstatic.com .wpengine.com .imi.chat .spendology.io .thomascook.com https://script.hotjar.com .bootstrapcdn.com .typekit.net; object-src 'self' .adyen.com; frame-src 'self' data: .facebook.com https://platform.twitter.com/ .google.com .hotjar.com .imi.chat .adyen.com .vimeo.com .youtube.com .doubleclick.net .thomascook.io .youtu.be .googlesyndication.com https://www.covidchecker.com .direct.ingenico.com .modirum.com .thomascook.com .freshchat.com .euc-freshbots.ai .trustpilot.com .rsa3dsauth.co.uk .arcot.com .cardinalcommerce.com .mycardsecure.com .monzo.com .capitalone.com .touch.tech .wibmo.com .mncbank.co.id .typeform.com .revolut.com .sparkassen-kreditkarten.de .swedbank.se .wlp-acs.com .rabobank.nl .tsys.co.uk .marqeta.com .viseca.ch .apata.io .redsys.es .edb.com .asseco-see.hr .mashreq.com .cm-cic.com .monext.fr .garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' .adyen.com .thomascook.io *.thomascook.com;
Strict-Transport-Security	max-age=31536000, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomascook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 05:27:33 GMT
strict-transport-security: max-age=31536000, max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleadservices.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.facebook.net *.wpengine.com *.bootstrapcdn.com *.twitter.com *.jquery.com *.fontawesome.com *.google.com *.pinterest.com *.gstatic.com *.uploadlibrary.com *.thomascook.com *.hotjar.com *.imi.chat *.adyen.com *.spendology.io *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.doubleclick.net *.googlesyndication.com *.googletagservices.com *.google.co.uk *.google.com.ua *.direct.ingenico.com cc-cdn.com *.google.nl *.appsflyer.com *.freshchat.com *.btttag.com *.euc-freshbots.ai *.trustpilot.com *.cookielaw.org *.worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io *.bing.com *.clarity.ms *.tiktok.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com *.wpengine.com *.bootstrapcdn.com *.imi.chat *.adyen.com *.spendology.io *.thomascook.com *.google.com *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.freshchat.com *.euc-freshbots.ai *.typeform.com *.typekit.net; font-src 'self' data: *.googleapis.com *.adyen.com *.gstatic.com *.wpengine.com *.imi.chat *.spendology.io *.thomascook.com https://script.hotjar.com *.bootstrapcdn.com *.typekit.net; object-src 'self' *.adyen.com; frame-src 'self' data: *.facebook.com https://platform.twitter.com/ *.google.com *.hotjar.com *.imi.chat *.adyen.com *.vimeo.com *.youtube.com *.doubleclick.net *.thomascook.io *.youtu.be *.googlesyndication.com https://www.covidchecker.com *.direct.ingenico.com *.modirum.com *.thomascook.com *.freshchat.com *.euc-freshbots.ai *.trustpilot.com *.rsa3dsauth.co.uk *.arcot.com *.cardinalcommerce.com *.mycardsecure.com *.monzo.com *.capitalone.com *.touch.tech *.wibmo.com *.mncbank.co.id *.typeform.com *.revolut.com *.sparkassen-kreditkarten.de *.swedbank.se *.wlp-acs.com *.rabobank.nl *.tsys.co.uk *.marqeta.com *.viseca.ch *.apata.io *.redsys.es *.edb.com *.asseco-see.hr *.mashreq.com *.cm-cic.com *.monext.fr *.garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' *.adyen.com *.thomascook.io *.thomascook.com;
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-disposition: attachment; filename="Low_lock_Orange.svg"
content-length: 2936
x-xss-protection: 1; mode=block
x-magnolia-registration: Registered
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 24 Jul 2023 16:13:02 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/svg+xml;charset=UTF-8
access-control-allow-origin: *.thomascook.com
cache-control: max-age=31536000, public
x-amz-cf-id: mqlWLNJToxnankdmKlDQdfRNJ9HV0wE_mEswDqKPxB90dhblnVfH3g==
expires: Mon, 24 Mar 2025 05:27:33 GMT

GET
H2 200 support.svg
www.thomascook.com/dam/jcr:53ec8514-566a-4aa4-823b-541909f38296/ 2 KB
4 KB 213ms
212ms Image
image/svg+xml 2600:9000:2077:d800:3:28eb:6280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thomascook.com/dam/jcr:53ec8514-566a-4aa4-823b-541909f38296/support.svg

Requested by

Host: www.thomascook.com
URL: https://www.thomascook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2077:d800:3:28eb:6280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

83034aae6062463adf6b7448ab3dfa24505f26384b3dbf7ce1bb191769c31715

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleadservices.com .googleapis.com .google-analytics.com .googletagmanager.com .facebook.net .wpengine.com .bootstrapcdn.com .twitter.com .jquery.com .fontawesome.com .google.com .pinterest.com .gstatic.com .uploadlibrary.com .thomascook.com .hotjar.com .imi.chat .adyen.com .spendology.io .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .doubleclick.net .googlesyndication.com .googletagservices.com .google.co.uk .google.com.ua .direct.ingenico.com cc-cdn.com .google.nl .appsflyer.com .freshchat.com .btttag.com .euc-freshbots.ai .trustpilot.com .cookielaw.org .worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io .bing.com .clarity.ms .tiktok.com; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com .wpengine.com .bootstrapcdn.com .imi.chat .adyen.com .spendology.io .thomascook.com .google.com .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .freshchat.com .euc-freshbots.ai .typeform.com .typekit.net; font-src 'self' data: .googleapis.com .adyen.com .gstatic.com .wpengine.com .imi.chat .spendology.io .thomascook.com https://script.hotjar.com .bootstrapcdn.com .typekit.net; object-src 'self' .adyen.com; frame-src 'self' data: .facebook.com https://platform.twitter.com/ .google.com .hotjar.com .imi.chat .adyen.com .vimeo.com .youtube.com .doubleclick.net .thomascook.io .youtu.be .googlesyndication.com https://www.covidchecker.com .direct.ingenico.com .modirum.com .thomascook.com .freshchat.com .euc-freshbots.ai .trustpilot.com .rsa3dsauth.co.uk .arcot.com .cardinalcommerce.com .mycardsecure.com .monzo.com .capitalone.com .touch.tech .wibmo.com .mncbank.co.id .typeform.com .revolut.com .sparkassen-kreditkarten.de .swedbank.se .wlp-acs.com .rabobank.nl .tsys.co.uk .marqeta.com .viseca.ch .apata.io .redsys.es .edb.com .asseco-see.hr .mashreq.com .cm-cic.com .monext.fr .garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' .adyen.com .thomascook.io *.thomascook.com;
Strict-Transport-Security	max-age=31536000, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomascook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 05:27:33 GMT
strict-transport-security: max-age=31536000, max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleadservices.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.facebook.net *.wpengine.com *.bootstrapcdn.com *.twitter.com *.jquery.com *.fontawesome.com *.google.com *.pinterest.com *.gstatic.com *.uploadlibrary.com *.thomascook.com *.hotjar.com *.imi.chat *.adyen.com *.spendology.io *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.doubleclick.net *.googlesyndication.com *.googletagservices.com *.google.co.uk *.google.com.ua *.direct.ingenico.com cc-cdn.com *.google.nl *.appsflyer.com *.freshchat.com *.btttag.com *.euc-freshbots.ai *.trustpilot.com *.cookielaw.org *.worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io *.bing.com *.clarity.ms *.tiktok.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com *.wpengine.com *.bootstrapcdn.com *.imi.chat *.adyen.com *.spendology.io *.thomascook.com *.google.com *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.freshchat.com *.euc-freshbots.ai *.typeform.com *.typekit.net; font-src 'self' data: *.googleapis.com *.adyen.com *.gstatic.com *.wpengine.com *.imi.chat *.spendology.io *.thomascook.com https://script.hotjar.com *.bootstrapcdn.com *.typekit.net; object-src 'self' *.adyen.com; frame-src 'self' data: *.facebook.com https://platform.twitter.com/ *.google.com *.hotjar.com *.imi.chat *.adyen.com *.vimeo.com *.youtube.com *.doubleclick.net *.thomascook.io *.youtu.be *.googlesyndication.com https://www.covidchecker.com *.direct.ingenico.com *.modirum.com *.thomascook.com *.freshchat.com *.euc-freshbots.ai *.trustpilot.com *.rsa3dsauth.co.uk *.arcot.com *.cardinalcommerce.com *.mycardsecure.com *.monzo.com *.capitalone.com *.touch.tech *.wibmo.com *.mncbank.co.id *.typeform.com *.revolut.com *.sparkassen-kreditkarten.de *.swedbank.se *.wlp-acs.com *.rabobank.nl *.tsys.co.uk *.marqeta.com *.viseca.ch *.apata.io *.redsys.es *.edb.com *.asseco-see.hr *.mashreq.com *.cm-cic.com *.monext.fr *.garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' *.adyen.com *.thomascook.io *.thomascook.com;
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-disposition: attachment; filename="support.svg"
content-length: 1805
x-xss-protection: 1; mode=block
x-magnolia-registration: Registered
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 09 Dec 2022 16:53:02 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/svg+xml;charset=UTF-8
access-control-allow-origin: *.thomascook.com
cache-control: max-age=31536000, public
x-amz-cf-id: 8hP_ihlf2z2bY-1cmUvqu1OSuuC8e4LPB6jlEjPAb8Oi4KKv9ckqTA==
expires: Mon, 24 Mar 2025 05:27:33 GMT

GET
H2 200 price-match.svg
www.thomascook.com/dam/jcr:bda8be06-6128-4fd7-be31-fd2f8b2874c9/ 5 KB
8 KB 192ms
191ms Image
image/svg+xml 2600:9000:2077:d800:3:28eb:6280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thomascook.com/dam/jcr:bda8be06-6128-4fd7-be31-fd2f8b2874c9/price-match.svg

Requested by

Host: www.thomascook.com
URL: https://www.thomascook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2077:d800:3:28eb:6280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

71bff5e87afce0b0ddf250393265c958f4897ab4a23c953d09d74a3193c3e2bc

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleadservices.com .googleapis.com .google-analytics.com .googletagmanager.com .facebook.net .wpengine.com .bootstrapcdn.com .twitter.com .jquery.com .fontawesome.com .google.com .pinterest.com .gstatic.com .uploadlibrary.com .thomascook.com .hotjar.com .imi.chat .adyen.com .spendology.io .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .doubleclick.net .googlesyndication.com .googletagservices.com .google.co.uk .google.com.ua .direct.ingenico.com cc-cdn.com .google.nl .appsflyer.com .freshchat.com .btttag.com .euc-freshbots.ai .trustpilot.com .cookielaw.org .worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io .bing.com .clarity.ms .tiktok.com; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com .wpengine.com .bootstrapcdn.com .imi.chat .adyen.com .spendology.io .thomascook.com .google.com .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .freshchat.com .euc-freshbots.ai .typeform.com .typekit.net; font-src 'self' data: .googleapis.com .adyen.com .gstatic.com .wpengine.com .imi.chat .spendology.io .thomascook.com https://script.hotjar.com .bootstrapcdn.com .typekit.net; object-src 'self' .adyen.com; frame-src 'self' data: .facebook.com https://platform.twitter.com/ .google.com .hotjar.com .imi.chat .adyen.com .vimeo.com .youtube.com .doubleclick.net .thomascook.io .youtu.be .googlesyndication.com https://www.covidchecker.com .direct.ingenico.com .modirum.com .thomascook.com .freshchat.com .euc-freshbots.ai .trustpilot.com .rsa3dsauth.co.uk .arcot.com .cardinalcommerce.com .mycardsecure.com .monzo.com .capitalone.com .touch.tech .wibmo.com .mncbank.co.id .typeform.com .revolut.com .sparkassen-kreditkarten.de .swedbank.se .wlp-acs.com .rabobank.nl .tsys.co.uk .marqeta.com .viseca.ch .apata.io .redsys.es .edb.com .asseco-see.hr .mashreq.com .cm-cic.com .monext.fr .garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' .adyen.com .thomascook.io *.thomascook.com;
Strict-Transport-Security	max-age=31536000, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomascook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 05:27:33 GMT
strict-transport-security: max-age=31536000, max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleadservices.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.facebook.net *.wpengine.com *.bootstrapcdn.com *.twitter.com *.jquery.com *.fontawesome.com *.google.com *.pinterest.com *.gstatic.com *.uploadlibrary.com *.thomascook.com *.hotjar.com *.imi.chat *.adyen.com *.spendology.io *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.doubleclick.net *.googlesyndication.com *.googletagservices.com *.google.co.uk *.google.com.ua *.direct.ingenico.com cc-cdn.com *.google.nl *.appsflyer.com *.freshchat.com *.btttag.com *.euc-freshbots.ai *.trustpilot.com *.cookielaw.org *.worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io *.bing.com *.clarity.ms *.tiktok.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com *.wpengine.com *.bootstrapcdn.com *.imi.chat *.adyen.com *.spendology.io *.thomascook.com *.google.com *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.freshchat.com *.euc-freshbots.ai *.typeform.com *.typekit.net; font-src 'self' data: *.googleapis.com *.adyen.com *.gstatic.com *.wpengine.com *.imi.chat *.spendology.io *.thomascook.com https://script.hotjar.com *.bootstrapcdn.com *.typekit.net; object-src 'self' *.adyen.com; frame-src 'self' data: *.facebook.com https://platform.twitter.com/ *.google.com *.hotjar.com *.imi.chat *.adyen.com *.vimeo.com *.youtube.com *.doubleclick.net *.thomascook.io *.youtu.be *.googlesyndication.com https://www.covidchecker.com *.direct.ingenico.com *.modirum.com *.thomascook.com *.freshchat.com *.euc-freshbots.ai *.trustpilot.com *.rsa3dsauth.co.uk *.arcot.com *.cardinalcommerce.com *.mycardsecure.com *.monzo.com *.capitalone.com *.touch.tech *.wibmo.com *.mncbank.co.id *.typeform.com *.revolut.com *.sparkassen-kreditkarten.de *.swedbank.se *.wlp-acs.com *.rabobank.nl *.tsys.co.uk *.marqeta.com *.viseca.ch *.apata.io *.redsys.es *.edb.com *.asseco-see.hr *.mashreq.com *.cm-cic.com *.monext.fr *.garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' *.adyen.com *.thomascook.io *.thomascook.com;
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-disposition: attachment; filename="price-match.svg"
content-length: 5110
x-xss-protection: 1; mode=block
x-magnolia-registration: Registered
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 09 Dec 2022 16:53:01 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/svg+xml;charset=UTF-8
access-control-allow-origin: *.thomascook.com
cache-control: max-age=31536000, public
x-amz-cf-id: ZM5q26lofFx8oT13GXB9vCTnvCfV5N05ibJCfT4h6GSs31o4uSvBNQ==
expires: Mon, 24 Mar 2025 05:27:33 GMT

GET
H2 200 jcr:content.jpg
www.thomascook.com/.imaging/default/dam/uk/home/Merch-boxes/Turkey-v7_Hp1-605x605.jpg/ 70 KB
73 KB 206ms
203ms Image
image/jpeg 2600:9000:2077:d800:3:28eb:6280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thomascook.com/.imaging/default/dam/uk/home/Merch-boxes/Turkey-v7_Hp1-605x605.jpg/jcr:content.jpg

Requested by

Host: www.thomascook.com
URL: https://www.thomascook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2077:d800:3:28eb:6280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

b08ebab1abe91fe049194a05229744201f3c79e7de45d96af943293483c34e60

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleadservices.com .googleapis.com .google-analytics.com .googletagmanager.com .facebook.net .wpengine.com .bootstrapcdn.com .twitter.com .jquery.com .fontawesome.com .google.com .pinterest.com .gstatic.com .uploadlibrary.com .thomascook.com .hotjar.com .imi.chat .adyen.com .spendology.io .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .doubleclick.net .googlesyndication.com .googletagservices.com .google.co.uk .google.com.ua .direct.ingenico.com cc-cdn.com .google.nl .appsflyer.com .freshchat.com .btttag.com .euc-freshbots.ai .trustpilot.com .cookielaw.org .worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io .bing.com .clarity.ms .tiktok.com; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com .wpengine.com .bootstrapcdn.com .imi.chat .adyen.com .spendology.io .thomascook.com .google.com .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .freshchat.com .euc-freshbots.ai .typeform.com .typekit.net; font-src 'self' data: .googleapis.com .adyen.com .gstatic.com .wpengine.com .imi.chat .spendology.io .thomascook.com https://script.hotjar.com .bootstrapcdn.com .typekit.net; object-src 'self' .adyen.com; frame-src 'self' data: .facebook.com https://platform.twitter.com/ .google.com .hotjar.com .imi.chat .adyen.com .vimeo.com .youtube.com .doubleclick.net .thomascook.io .youtu.be .googlesyndication.com https://www.covidchecker.com .direct.ingenico.com .modirum.com .thomascook.com .freshchat.com .euc-freshbots.ai .trustpilot.com .rsa3dsauth.co.uk .arcot.com .cardinalcommerce.com .mycardsecure.com .monzo.com .capitalone.com .touch.tech .wibmo.com .mncbank.co.id .typeform.com .revolut.com .sparkassen-kreditkarten.de .swedbank.se .wlp-acs.com .rabobank.nl .tsys.co.uk .marqeta.com .viseca.ch .apata.io .redsys.es .edb.com .asseco-see.hr .mashreq.com .cm-cic.com .monext.fr .garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' .adyen.com .thomascook.io *.thomascook.com;
Strict-Transport-Security	max-age=31536000, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomascook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 05:27:33 GMT
strict-transport-security: max-age=31536000, max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleadservices.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.facebook.net *.wpengine.com *.bootstrapcdn.com *.twitter.com *.jquery.com *.fontawesome.com *.google.com *.pinterest.com *.gstatic.com *.uploadlibrary.com *.thomascook.com *.hotjar.com *.imi.chat *.adyen.com *.spendology.io *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.doubleclick.net *.googlesyndication.com *.googletagservices.com *.google.co.uk *.google.com.ua *.direct.ingenico.com cc-cdn.com *.google.nl *.appsflyer.com *.freshchat.com *.btttag.com *.euc-freshbots.ai *.trustpilot.com *.cookielaw.org *.worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io *.bing.com *.clarity.ms *.tiktok.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com *.wpengine.com *.bootstrapcdn.com *.imi.chat *.adyen.com *.spendology.io *.thomascook.com *.google.com *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.freshchat.com *.euc-freshbots.ai *.typeform.com *.typekit.net; font-src 'self' data: *.googleapis.com *.adyen.com *.gstatic.com *.wpengine.com *.imi.chat *.spendology.io *.thomascook.com https://script.hotjar.com *.bootstrapcdn.com *.typekit.net; object-src 'self' *.adyen.com; frame-src 'self' data: *.facebook.com https://platform.twitter.com/ *.google.com *.hotjar.com *.imi.chat *.adyen.com *.vimeo.com *.youtube.com *.doubleclick.net *.thomascook.io *.youtu.be *.googlesyndication.com https://www.covidchecker.com *.direct.ingenico.com *.modirum.com *.thomascook.com *.freshchat.com *.euc-freshbots.ai *.trustpilot.com *.rsa3dsauth.co.uk *.arcot.com *.cardinalcommerce.com *.mycardsecure.com *.monzo.com *.capitalone.com *.touch.tech *.wibmo.com *.mncbank.co.id *.typeform.com *.revolut.com *.sparkassen-kreditkarten.de *.swedbank.se *.wlp-acs.com *.rabobank.nl *.tsys.co.uk *.marqeta.com *.viseca.ch *.apata.io *.redsys.es *.edb.com *.asseco-see.hr *.mashreq.com *.cm-cic.com *.monext.fr *.garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' *.adyen.com *.thomascook.io *.thomascook.com;
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-length: 72157
x-xss-protection: 1; mode=block
x-magnolia-registration: Registered
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 24 Mar 2024 05:27:33 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/jpeg;charset=UTF-8
access-control-allow-origin: *.thomascook.com
cache-control: max-age=31536000, public
x-amz-cf-id: RTzuu3imwO8-dezvnoEam8YSZdyPxldg_Mn_SF26lcZCEMSS9kKY0g==
expires: Mon, 24 Mar 2025 05:27:33 GMT

GET
H2 200 jcr:content.jpg
www.thomascook.com/.imaging/default/dam/uk/home/Merch-boxes/Mexico-v1_Hp2-605x200.jpg/ 27 KB
30 KB 195ms
194ms Image
image/jpeg 2600:9000:2077:d800:3:28eb:6280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thomascook.com/.imaging/default/dam/uk/home/Merch-boxes/Mexico-v1_Hp2-605x200.jpg/jcr:content.jpg

Requested by

Host: www.thomascook.com
URL: https://www.thomascook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2077:d800:3:28eb:6280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

2241a43c8f49d177bd2bfb198918931161c79120932388605d7fd28887cf12ad

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleadservices.com .googleapis.com .google-analytics.com .googletagmanager.com .facebook.net .wpengine.com .bootstrapcdn.com .twitter.com .jquery.com .fontawesome.com .google.com .pinterest.com .gstatic.com .uploadlibrary.com .thomascook.com .hotjar.com .imi.chat .adyen.com .spendology.io .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .doubleclick.net .googlesyndication.com .googletagservices.com .google.co.uk .google.com.ua .direct.ingenico.com cc-cdn.com .google.nl .appsflyer.com .freshchat.com .btttag.com .euc-freshbots.ai .trustpilot.com .cookielaw.org .worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io .bing.com .clarity.ms .tiktok.com; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com .wpengine.com .bootstrapcdn.com .imi.chat .adyen.com .spendology.io .thomascook.com .google.com .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .freshchat.com .euc-freshbots.ai .typeform.com .typekit.net; font-src 'self' data: .googleapis.com .adyen.com .gstatic.com .wpengine.com .imi.chat .spendology.io .thomascook.com https://script.hotjar.com .bootstrapcdn.com .typekit.net; object-src 'self' .adyen.com; frame-src 'self' data: .facebook.com https://platform.twitter.com/ .google.com .hotjar.com .imi.chat .adyen.com .vimeo.com .youtube.com .doubleclick.net .thomascook.io .youtu.be .googlesyndication.com https://www.covidchecker.com .direct.ingenico.com .modirum.com .thomascook.com .freshchat.com .euc-freshbots.ai .trustpilot.com .rsa3dsauth.co.uk .arcot.com .cardinalcommerce.com .mycardsecure.com .monzo.com .capitalone.com .touch.tech .wibmo.com .mncbank.co.id .typeform.com .revolut.com .sparkassen-kreditkarten.de .swedbank.se .wlp-acs.com .rabobank.nl .tsys.co.uk .marqeta.com .viseca.ch .apata.io .redsys.es .edb.com .asseco-see.hr .mashreq.com .cm-cic.com .monext.fr .garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' .adyen.com .thomascook.io *.thomascook.com;
Strict-Transport-Security	max-age=31536000, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomascook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 05:27:33 GMT
strict-transport-security: max-age=31536000, max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleadservices.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.facebook.net *.wpengine.com *.bootstrapcdn.com *.twitter.com *.jquery.com *.fontawesome.com *.google.com *.pinterest.com *.gstatic.com *.uploadlibrary.com *.thomascook.com *.hotjar.com *.imi.chat *.adyen.com *.spendology.io *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.doubleclick.net *.googlesyndication.com *.googletagservices.com *.google.co.uk *.google.com.ua *.direct.ingenico.com cc-cdn.com *.google.nl *.appsflyer.com *.freshchat.com *.btttag.com *.euc-freshbots.ai *.trustpilot.com *.cookielaw.org *.worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io *.bing.com *.clarity.ms *.tiktok.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com *.wpengine.com *.bootstrapcdn.com *.imi.chat *.adyen.com *.spendology.io *.thomascook.com *.google.com *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.freshchat.com *.euc-freshbots.ai *.typeform.com *.typekit.net; font-src 'self' data: *.googleapis.com *.adyen.com *.gstatic.com *.wpengine.com *.imi.chat *.spendology.io *.thomascook.com https://script.hotjar.com *.bootstrapcdn.com *.typekit.net; object-src 'self' *.adyen.com; frame-src 'self' data: *.facebook.com https://platform.twitter.com/ *.google.com *.hotjar.com *.imi.chat *.adyen.com *.vimeo.com *.youtube.com *.doubleclick.net *.thomascook.io *.youtu.be *.googlesyndication.com https://www.covidchecker.com *.direct.ingenico.com *.modirum.com *.thomascook.com *.freshchat.com *.euc-freshbots.ai *.trustpilot.com *.rsa3dsauth.co.uk *.arcot.com *.cardinalcommerce.com *.mycardsecure.com *.monzo.com *.capitalone.com *.touch.tech *.wibmo.com *.mncbank.co.id *.typeform.com *.revolut.com *.sparkassen-kreditkarten.de *.swedbank.se *.wlp-acs.com *.rabobank.nl *.tsys.co.uk *.marqeta.com *.viseca.ch *.apata.io *.redsys.es *.edb.com *.asseco-see.hr *.mashreq.com *.cm-cic.com *.monext.fr *.garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' *.adyen.com *.thomascook.io *.thomascook.com;
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-length: 27787
x-xss-protection: 1; mode=block
x-magnolia-registration: Registered
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 24 Mar 2024 05:27:33 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/jpeg;charset=UTF-8
access-control-allow-origin: *.thomascook.com
cache-control: max-age=31536000, public
x-amz-cf-id: ag-4As_T7VGmtu___zhKi8AbcOpJiVVOQqluBhiKANNjn--aQzPXZQ==
expires: Mon, 24 Mar 2025 05:27:33 GMT

GET
H2 200 jcr:content.jpg
www.thomascook.com/.imaging/default/dam/uk/home/Merch-boxes/France-Paris-v5_Hp3-605x300.jpg/ 47 KB
49 KB 216ms
215ms Image
image/jpeg 2600:9000:2077:d800:3:28eb:6280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thomascook.com/.imaging/default/dam/uk/home/Merch-boxes/France-Paris-v5_Hp3-605x300.jpg/jcr:content.jpg

Requested by

Host: www.thomascook.com
URL: https://www.thomascook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2077:d800:3:28eb:6280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

0bb2e093ea8562826fcd4ffe3269b2e5efb57ba8ea069aa5c93908fe4201748b

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleadservices.com .googleapis.com .google-analytics.com .googletagmanager.com .facebook.net .wpengine.com .bootstrapcdn.com .twitter.com .jquery.com .fontawesome.com .google.com .pinterest.com .gstatic.com .uploadlibrary.com .thomascook.com .hotjar.com .imi.chat .adyen.com .spendology.io .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .doubleclick.net .googlesyndication.com .googletagservices.com .google.co.uk .google.com.ua .direct.ingenico.com cc-cdn.com .google.nl .appsflyer.com .freshchat.com .btttag.com .euc-freshbots.ai .trustpilot.com .cookielaw.org .worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io .bing.com .clarity.ms .tiktok.com; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com .wpengine.com .bootstrapcdn.com .imi.chat .adyen.com .spendology.io .thomascook.com .google.com .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .freshchat.com .euc-freshbots.ai .typeform.com .typekit.net; font-src 'self' data: .googleapis.com .adyen.com .gstatic.com .wpengine.com .imi.chat .spendology.io .thomascook.com https://script.hotjar.com .bootstrapcdn.com .typekit.net; object-src 'self' .adyen.com; frame-src 'self' data: .facebook.com https://platform.twitter.com/ .google.com .hotjar.com .imi.chat .adyen.com .vimeo.com .youtube.com .doubleclick.net .thomascook.io .youtu.be .googlesyndication.com https://www.covidchecker.com .direct.ingenico.com .modirum.com .thomascook.com .freshchat.com .euc-freshbots.ai .trustpilot.com .rsa3dsauth.co.uk .arcot.com .cardinalcommerce.com .mycardsecure.com .monzo.com .capitalone.com .touch.tech .wibmo.com .mncbank.co.id .typeform.com .revolut.com .sparkassen-kreditkarten.de .swedbank.se .wlp-acs.com .rabobank.nl .tsys.co.uk .marqeta.com .viseca.ch .apata.io .redsys.es .edb.com .asseco-see.hr .mashreq.com .cm-cic.com .monext.fr .garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' .adyen.com .thomascook.io *.thomascook.com;
Strict-Transport-Security	max-age=31536000, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomascook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 05:27:33 GMT
strict-transport-security: max-age=31536000, max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleadservices.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.facebook.net *.wpengine.com *.bootstrapcdn.com *.twitter.com *.jquery.com *.fontawesome.com *.google.com *.pinterest.com *.gstatic.com *.uploadlibrary.com *.thomascook.com *.hotjar.com *.imi.chat *.adyen.com *.spendology.io *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.doubleclick.net *.googlesyndication.com *.googletagservices.com *.google.co.uk *.google.com.ua *.direct.ingenico.com cc-cdn.com *.google.nl *.appsflyer.com *.freshchat.com *.btttag.com *.euc-freshbots.ai *.trustpilot.com *.cookielaw.org *.worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io *.bing.com *.clarity.ms *.tiktok.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com *.wpengine.com *.bootstrapcdn.com *.imi.chat *.adyen.com *.spendology.io *.thomascook.com *.google.com *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.freshchat.com *.euc-freshbots.ai *.typeform.com *.typekit.net; font-src 'self' data: *.googleapis.com *.adyen.com *.gstatic.com *.wpengine.com *.imi.chat *.spendology.io *.thomascook.com https://script.hotjar.com *.bootstrapcdn.com *.typekit.net; object-src 'self' *.adyen.com; frame-src 'self' data: *.facebook.com https://platform.twitter.com/ *.google.com *.hotjar.com *.imi.chat *.adyen.com *.vimeo.com *.youtube.com *.doubleclick.net *.thomascook.io *.youtu.be *.googlesyndication.com https://www.covidchecker.com *.direct.ingenico.com *.modirum.com *.thomascook.com *.freshchat.com *.euc-freshbots.ai *.trustpilot.com *.rsa3dsauth.co.uk *.arcot.com *.cardinalcommerce.com *.mycardsecure.com *.monzo.com *.capitalone.com *.touch.tech *.wibmo.com *.mncbank.co.id *.typeform.com *.revolut.com *.sparkassen-kreditkarten.de *.swedbank.se *.wlp-acs.com *.rabobank.nl *.tsys.co.uk *.marqeta.com *.viseca.ch *.apata.io *.redsys.es *.edb.com *.asseco-see.hr *.mashreq.com *.cm-cic.com *.monext.fr *.garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' *.adyen.com *.thomascook.io *.thomascook.com;
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-length: 47987
x-xss-protection: 1; mode=block
x-magnolia-registration: Registered
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 24 Mar 2024 05:27:33 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/jpeg;charset=UTF-8
access-control-allow-origin: *.thomascook.com
cache-control: max-age=31536000, public
x-amz-cf-id: A_pf_JY6P9ppEIn55Dlw0gGyv2CMIcROG3D32hRZEPq4F9Q_1LB5DA==
expires: Mon, 24 Mar 2025 05:27:33 GMT

GET
H2 200 app.df8df6d2.js Show response
www.thomascook.com/.resources/thomascook/webresources/js/ 394 KB
66 KB 163ms
161ms Script
application/javascript 2600:9000:2077:d800:3:28eb:6280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thomascook.com/.resources/thomascook/webresources/js/app.df8df6d2.js

Requested by

Host: www.thomascook.com
URL: https://www.thomascook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2077:d800:3:28eb:6280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

1e91cce8815afaca26390922c9033a738abf273fa20efb3c0870633968c6899c

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleadservices.com .googleapis.com .google-analytics.com .googletagmanager.com .facebook.net .wpengine.com .bootstrapcdn.com .twitter.com .jquery.com .fontawesome.com .google.com .pinterest.com .gstatic.com .uploadlibrary.com .thomascook.com .hotjar.com .imi.chat .adyen.com .spendology.io .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .doubleclick.net .googlesyndication.com .googletagservices.com .google.co.uk .google.com.ua .direct.ingenico.com cc-cdn.com .google.nl .appsflyer.com .freshchat.com .btttag.com .euc-freshbots.ai .trustpilot.com .cookielaw.org .worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io .bing.com .clarity.ms .tiktok.com; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com .wpengine.com .bootstrapcdn.com .imi.chat .adyen.com .spendology.io .thomascook.com .google.com .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .freshchat.com .euc-freshbots.ai .typeform.com .typekit.net; font-src 'self' data: .googleapis.com .adyen.com .gstatic.com .wpengine.com .imi.chat .spendology.io .thomascook.com https://script.hotjar.com .bootstrapcdn.com .typekit.net; object-src 'self' .adyen.com; frame-src 'self' data: .facebook.com https://platform.twitter.com/ .google.com .hotjar.com .imi.chat .adyen.com .vimeo.com .youtube.com .doubleclick.net .thomascook.io .youtu.be .googlesyndication.com https://www.covidchecker.com .direct.ingenico.com .modirum.com .thomascook.com .freshchat.com .euc-freshbots.ai .trustpilot.com .rsa3dsauth.co.uk .arcot.com .cardinalcommerce.com .mycardsecure.com .monzo.com .capitalone.com .touch.tech .wibmo.com .mncbank.co.id .typeform.com .revolut.com .sparkassen-kreditkarten.de .swedbank.se .wlp-acs.com .rabobank.nl .tsys.co.uk .marqeta.com .viseca.ch .apata.io .redsys.es .edb.com .asseco-see.hr .mashreq.com .cm-cic.com .monext.fr .garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' .adyen.com .thomascook.io *.thomascook.com;
Strict-Transport-Security	max-age=31536000, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomascook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 05:27:33 GMT
strict-transport-security: max-age=31536000, max-age=31536000; includeSubDomains
content-encoding: gzip
content-security-policy: default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleadservices.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.facebook.net *.wpengine.com *.bootstrapcdn.com *.twitter.com *.jquery.com *.fontawesome.com *.google.com *.pinterest.com *.gstatic.com *.uploadlibrary.com *.thomascook.com *.hotjar.com *.imi.chat *.adyen.com *.spendology.io *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.doubleclick.net *.googlesyndication.com *.googletagservices.com *.google.co.uk *.google.com.ua *.direct.ingenico.com cc-cdn.com *.google.nl *.appsflyer.com *.freshchat.com *.btttag.com *.euc-freshbots.ai *.trustpilot.com *.cookielaw.org *.worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io *.bing.com *.clarity.ms *.tiktok.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com *.wpengine.com *.bootstrapcdn.com *.imi.chat *.adyen.com *.spendology.io *.thomascook.com *.google.com *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.freshchat.com *.euc-freshbots.ai *.typeform.com *.typekit.net; font-src 'self' data: *.googleapis.com *.adyen.com *.gstatic.com *.wpengine.com *.imi.chat *.spendology.io *.thomascook.com https://script.hotjar.com *.bootstrapcdn.com *.typekit.net; object-src 'self' *.adyen.com; frame-src 'self' data: *.facebook.com https://platform.twitter.com/ *.google.com *.hotjar.com *.imi.chat *.adyen.com *.vimeo.com *.youtube.com *.doubleclick.net *.thomascook.io *.youtu.be *.googlesyndication.com https://www.covidchecker.com *.direct.ingenico.com *.modirum.com *.thomascook.com *.freshchat.com *.euc-freshbots.ai *.trustpilot.com *.rsa3dsauth.co.uk *.arcot.com *.cardinalcommerce.com *.mycardsecure.com *.monzo.com *.capitalone.com *.touch.tech *.wibmo.com *.mncbank.co.id *.typeform.com *.revolut.com *.sparkassen-kreditkarten.de *.swedbank.se *.wlp-acs.com *.rabobank.nl *.tsys.co.uk *.marqeta.com *.viseca.ch *.apata.io *.redsys.es *.edb.com *.asseco-see.hr *.mashreq.com *.cm-cic.com *.monext.fr *.garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' *.adyen.com *.thomascook.io *.thomascook.com;
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA2-C1
x-content-type-options: nosniff
x-cache: Miss from cloudfront
content-length: 65114
x-xss-protection: 1; mode=block
x-magnolia-registration: Registered
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 20 Mar 2024 09:11:32 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *.thomascook.com
cache-control: max-age=31536000, public
x-amz-cf-id: w6nNlcGPkm5rPcUeXbnycKZn9lFwWKWtyVF7QnIzmGaSUd3RUM33mw==
expires: Mon, 24 Mar 2025 05:27:33 GMT

GET
H2 200 searchBar-en-gb.20798667.js Show response
www.thomascook.com/.resources/thomascook/webresources/js/ 295 KB
70 KB 211ms
208ms Script
application/javascript 2600:9000:2077:d800:3:28eb:6280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thomascook.com/.resources/thomascook/webresources/js/searchBar-en-gb.20798667.js

Requested by

Host: www.thomascook.com
URL: https://www.thomascook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2077:d800:3:28eb:6280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

d1cfee7e22356ae7ee98efd3208ce82c788f2ac786021146a9c00ee3954a0574

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleadservices.com .googleapis.com .google-analytics.com .googletagmanager.com .facebook.net .wpengine.com .bootstrapcdn.com .twitter.com .jquery.com .fontawesome.com .google.com .pinterest.com .gstatic.com .uploadlibrary.com .thomascook.com .hotjar.com .imi.chat .adyen.com .spendology.io .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .doubleclick.net .googlesyndication.com .googletagservices.com .google.co.uk .google.com.ua .direct.ingenico.com cc-cdn.com .google.nl .appsflyer.com .freshchat.com .btttag.com .euc-freshbots.ai .trustpilot.com .cookielaw.org .worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io .bing.com .clarity.ms .tiktok.com; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com .wpengine.com .bootstrapcdn.com .imi.chat .adyen.com .spendology.io .thomascook.com .google.com .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .freshchat.com .euc-freshbots.ai .typeform.com .typekit.net; font-src 'self' data: .googleapis.com .adyen.com .gstatic.com .wpengine.com .imi.chat .spendology.io .thomascook.com https://script.hotjar.com .bootstrapcdn.com .typekit.net; object-src 'self' .adyen.com; frame-src 'self' data: .facebook.com https://platform.twitter.com/ .google.com .hotjar.com .imi.chat .adyen.com .vimeo.com .youtube.com .doubleclick.net .thomascook.io .youtu.be .googlesyndication.com https://www.covidchecker.com .direct.ingenico.com .modirum.com .thomascook.com .freshchat.com .euc-freshbots.ai .trustpilot.com .rsa3dsauth.co.uk .arcot.com .cardinalcommerce.com .mycardsecure.com .monzo.com .capitalone.com .touch.tech .wibmo.com .mncbank.co.id .typeform.com .revolut.com .sparkassen-kreditkarten.de .swedbank.se .wlp-acs.com .rabobank.nl .tsys.co.uk .marqeta.com .viseca.ch .apata.io .redsys.es .edb.com .asseco-see.hr .mashreq.com .cm-cic.com .monext.fr .garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' .adyen.com .thomascook.io *.thomascook.com;
Strict-Transport-Security	max-age=31536000, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomascook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 05:27:33 GMT
strict-transport-security: max-age=31536000, max-age=31536000; includeSubDomains
content-encoding: gzip
content-security-policy: default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleadservices.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.facebook.net *.wpengine.com *.bootstrapcdn.com *.twitter.com *.jquery.com *.fontawesome.com *.google.com *.pinterest.com *.gstatic.com *.uploadlibrary.com *.thomascook.com *.hotjar.com *.imi.chat *.adyen.com *.spendology.io *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.doubleclick.net *.googlesyndication.com *.googletagservices.com *.google.co.uk *.google.com.ua *.direct.ingenico.com cc-cdn.com *.google.nl *.appsflyer.com *.freshchat.com *.btttag.com *.euc-freshbots.ai *.trustpilot.com *.cookielaw.org *.worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io *.bing.com *.clarity.ms *.tiktok.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com *.wpengine.com *.bootstrapcdn.com *.imi.chat *.adyen.com *.spendology.io *.thomascook.com *.google.com *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.freshchat.com *.euc-freshbots.ai *.typeform.com *.typekit.net; font-src 'self' data: *.googleapis.com *.adyen.com *.gstatic.com *.wpengine.com *.imi.chat *.spendology.io *.thomascook.com https://script.hotjar.com *.bootstrapcdn.com *.typekit.net; object-src 'self' *.adyen.com; frame-src 'self' data: *.facebook.com https://platform.twitter.com/ *.google.com *.hotjar.com *.imi.chat *.adyen.com *.vimeo.com *.youtube.com *.doubleclick.net *.thomascook.io *.youtu.be *.googlesyndication.com https://www.covidchecker.com *.direct.ingenico.com *.modirum.com *.thomascook.com *.freshchat.com *.euc-freshbots.ai *.trustpilot.com *.rsa3dsauth.co.uk *.arcot.com *.cardinalcommerce.com *.mycardsecure.com *.monzo.com *.capitalone.com *.touch.tech *.wibmo.com *.mncbank.co.id *.typeform.com *.revolut.com *.sparkassen-kreditkarten.de *.swedbank.se *.wlp-acs.com *.rabobank.nl *.tsys.co.uk *.marqeta.com *.viseca.ch *.apata.io *.redsys.es *.edb.com *.asseco-see.hr *.mashreq.com *.cm-cic.com *.monext.fr *.garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' *.adyen.com *.thomascook.io *.thomascook.com;
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA2-C1
x-content-type-options: nosniff
x-cache: Miss from cloudfront
content-length: 68511
x-xss-protection: 1; mode=block
x-magnolia-registration: Registered
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 20 Mar 2024 09:11:32 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *.thomascook.com
cache-control: max-age=31536000, public
x-amz-cf-id: yEaBfZomgW3zJKApfHLxUYyB3oOf4ZrpvUlDroMXNkrTpSO8wknKRQ==
expires: Mon, 24 Mar 2025 05:27:33 GMT

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 60ms
6ms Stylesheet
text/css 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=sdv6oej&ht=tk&f=22003.22005&a=112624919&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/sdv6oej.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/sdv6oej.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 05:27:33 GMT
last-modified: Fri, 23 Jun 2023 17:09:47 GMT
server: nginx
etag: "6495d1db-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 tp.min.js Show response
invitejs.trustpilot.com/ 10 KB
4 KB 36ms
7ms Script
application/javascript 108.138.26.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://invitejs.trustpilot.com/tp.min.js
Requested by: Host: www.thomascook.com
URL: https://www.thomascook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.26.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-26-7.fra56.r.cloudfront.net
Software: /
Resource Hash: 3124f1637fba4270fffb020d9cd30558a8bf4890800357506f1a3596eccb0488

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomascook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 02:59:03 GMT
content-encoding: gzip
via: 1.1 df327bd0c8709a81ade8602ac9ef16e0.cloudfront.net (CloudFront)
last-modified: Thu, 21 Mar 2024 14:45:34 GMT
x-amz-cf-pop: FRA56-P7
age: 8910
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=86400
x-amz-cf-id: 9OeSTnXBfXqs5uEdK8W0AlsIcbnGS6QqT3TAbahhFm5wCqYo5DTkYg==

GET
H2 200 elastic-apm-opentracing.umd.min.js Show response
www.thomascook.com/.resources/thomascook/webresources-src/js/ 66 KB
24 KB 208ms
207ms Script
application/javascript 2600:9000:2077:d800:3:28eb:6280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thomascook.com/.resources/thomascook/webresources-src/js/elastic-apm-opentracing.umd.min.js

Requested by

Host: www.thomascook.com
URL: https://www.thomascook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2077:d800:3:28eb:6280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

8eef0dae930fcbafe8992605cd0a966c022c34198324ba35d50443411203e737

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleadservices.com .googleapis.com .google-analytics.com .googletagmanager.com .facebook.net .wpengine.com .bootstrapcdn.com .twitter.com .jquery.com .fontawesome.com .google.com .pinterest.com .gstatic.com .uploadlibrary.com .thomascook.com .hotjar.com .imi.chat .adyen.com .spendology.io .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .doubleclick.net .googlesyndication.com .googletagservices.com .google.co.uk .google.com.ua .direct.ingenico.com cc-cdn.com .google.nl .appsflyer.com .freshchat.com .btttag.com .euc-freshbots.ai .trustpilot.com .cookielaw.org .worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io .bing.com .clarity.ms .tiktok.com; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com .wpengine.com .bootstrapcdn.com .imi.chat .adyen.com .spendology.io .thomascook.com .google.com .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .freshchat.com .euc-freshbots.ai .typeform.com .typekit.net; font-src 'self' data: .googleapis.com .adyen.com .gstatic.com .wpengine.com .imi.chat .spendology.io .thomascook.com https://script.hotjar.com .bootstrapcdn.com .typekit.net; object-src 'self' .adyen.com; frame-src 'self' data: .facebook.com https://platform.twitter.com/ .google.com .hotjar.com .imi.chat .adyen.com .vimeo.com .youtube.com .doubleclick.net .thomascook.io .youtu.be .googlesyndication.com https://www.covidchecker.com .direct.ingenico.com .modirum.com .thomascook.com .freshchat.com .euc-freshbots.ai .trustpilot.com .rsa3dsauth.co.uk .arcot.com .cardinalcommerce.com .mycardsecure.com .monzo.com .capitalone.com .touch.tech .wibmo.com .mncbank.co.id .typeform.com .revolut.com .sparkassen-kreditkarten.de .swedbank.se .wlp-acs.com .rabobank.nl .tsys.co.uk .marqeta.com .viseca.ch .apata.io .redsys.es .edb.com .asseco-see.hr .mashreq.com .cm-cic.com .monext.fr .garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' .adyen.com .thomascook.io *.thomascook.com;
Strict-Transport-Security	max-age=31536000, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomascook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 05:27:33 GMT
strict-transport-security: max-age=31536000, max-age=31536000; includeSubDomains
content-encoding: gzip
content-security-policy: default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleadservices.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.facebook.net *.wpengine.com *.bootstrapcdn.com *.twitter.com *.jquery.com *.fontawesome.com *.google.com *.pinterest.com *.gstatic.com *.uploadlibrary.com *.thomascook.com *.hotjar.com *.imi.chat *.adyen.com *.spendology.io *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.doubleclick.net *.googlesyndication.com *.googletagservices.com *.google.co.uk *.google.com.ua *.direct.ingenico.com cc-cdn.com *.google.nl *.appsflyer.com *.freshchat.com *.btttag.com *.euc-freshbots.ai *.trustpilot.com *.cookielaw.org *.worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io *.bing.com *.clarity.ms *.tiktok.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com *.wpengine.com *.bootstrapcdn.com *.imi.chat *.adyen.com *.spendology.io *.thomascook.com *.google.com *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.freshchat.com *.euc-freshbots.ai *.typeform.com *.typekit.net; font-src 'self' data: *.googleapis.com *.adyen.com *.gstatic.com *.wpengine.com *.imi.chat *.spendology.io *.thomascook.com https://script.hotjar.com *.bootstrapcdn.com *.typekit.net; object-src 'self' *.adyen.com; frame-src 'self' data: *.facebook.com https://platform.twitter.com/ *.google.com *.hotjar.com *.imi.chat *.adyen.com *.vimeo.com *.youtube.com *.doubleclick.net *.thomascook.io *.youtu.be *.googlesyndication.com https://www.covidchecker.com *.direct.ingenico.com *.modirum.com *.thomascook.com *.freshchat.com *.euc-freshbots.ai *.trustpilot.com *.rsa3dsauth.co.uk *.arcot.com *.cardinalcommerce.com *.mycardsecure.com *.monzo.com *.capitalone.com *.touch.tech *.wibmo.com *.mncbank.co.id *.typeform.com *.revolut.com *.sparkassen-kreditkarten.de *.swedbank.se *.wlp-acs.com *.rabobank.nl *.tsys.co.uk *.marqeta.com *.viseca.ch *.apata.io *.redsys.es *.edb.com *.asseco-see.hr *.mashreq.com *.cm-cic.com *.monext.fr *.garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' *.adyen.com *.thomascook.io *.thomascook.com;
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA2-C1
x-content-type-options: nosniff
x-cache: Miss from cloudfront
content-length: 21552
x-xss-protection: 1; mode=block
x-magnolia-registration: Registered
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 08 Aug 2022 11:46:57 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *.thomascook.com
cache-control: max-age=31536000, public
x-amz-cf-id: utrrgyRyvqw3VDn4hZvHFUjGZ1rXOjnMzYb2E06I5zECKsGYPnqT-Q==
expires: Mon, 24 Mar 2025 05:27:33 GMT

GET
H2 200 ac99ca17-271b-4718-94a6-8505ded698b8.json Show response
cdn.cookielaw.org/consent/ac99ca17-271b-4718-94a6-8505ded698b8/ 4 KB
2 KB 38ms
23ms XHR
application/x-javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/ac99ca17-271b-4718-94a6-8505ded698b8/ac99ca17-271b-4718-94a6-8505ded698b8.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

790a15417a6e0811e9a087807f35bac3709fc324c5577f7972017bdca9cac9f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomascook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 24 Mar 2024 05:27:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 57907
content-md5: VcVWKjq59KyDa7mQ8/vpEQ==
content-length: 1629
x-ms-lease-status: unlocked
last-modified: Mon, 18 Mar 2024 13:13:10 GMT
server: cloudflare
etag: 0x8DC474D290F0594
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 07f1a8cf-801e-0098-7236-7919e2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 869440b38a5603f0-FRA
expires: Mon, 25 Mar 2024 05:27:33 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 66 B
312 B 41ms
25ms XHR
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.thomascook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 05:27:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 869440b3cd6a30e8-FRA
access-control-allow-headers: Content-Type

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202403.1.0/ 442 KB
107 KB 20ms
19ms Script
application/javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202403.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15de250a16ce58a10f84bebab59b9005ce36df4ec8e87c3bb1acc92726cfa971

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomascook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 24 Mar 2024 05:27:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: s7qm2vbmUNglr6Jt5k9KHA==
age: 41239
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 109676
x-ms-lease-status: unlocked
last-modified: Thu, 21 Mar 2024 07:04:35 GMT
server: cloudflare
etag: 0x8DC49752A75EB01
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: f463857b-001e-005d-3a08-7c3307000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 869440b3fd779a0f-FRA

GET
DATA 200
OK truncated
/ 188 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f760e617c731bcaa41bcd2dfedb6f4ce751a5d3b8870c7014addfb7ee5d77bb4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 15 KB
15 KB 40ms
16ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@200;300;400;600;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.thomascook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 07:44:56 GMT
x-content-type-options: nosniff
age: 423757
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Mar 2025 07:44:56 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
14 KB 37ms
13ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@200;300;400;600;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.thomascook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 07:45:16 GMT
x-content-type-options: nosniff
age: 423737
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14712
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Mar 2025 07:45:16 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3iu4nwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
14 KB 19ms
7ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3iu4nwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@200;300;400;600;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aee584e3d58344a41b190bb7b6e550f98ad3bb8e28fbc7ea6ddca22f0ef97183

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.thomascook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 21:34:56 GMT
x-content-type-options: nosniff
age: 460357
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14188
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:53:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Mar 2025 21:34:56 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
15 KB 21ms
9ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@200;300;400;600;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3de27b2cbd6deda629c9b442700cf54c0dda74e494b1c75a57d822068a047f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.thomascook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 03:37:51 GMT
x-content-type-options: nosniff
age: 438582
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14780
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Mar 2025 03:37:51 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
15 KB 30ms
18ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@200;300;400;600;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.thomascook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 23:09:09 GMT
x-content-type-options: nosniff
age: 454704
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Mar 2025 23:09:09 GMT

GET
H2 200 a-pay.svg
www.thomascook.com/dam/jcr:70d2bbb9-15bd-451c-b1ce-b94755338303/ 5 KB
8 KB 161ms
158ms Image
image/svg+xml 2600:9000:2077:d800:3:28eb:6280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thomascook.com/dam/jcr:70d2bbb9-15bd-451c-b1ce-b94755338303/a-pay.svg

Requested by

Host: www.thomascook.com
URL: https://www.thomascook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2077:d800:3:28eb:6280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c8d8e34632e1f5873651c46bc8da139d1cce76e67e8a591c7a0a1bd64c1a403c

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleadservices.com .googleapis.com .google-analytics.com .googletagmanager.com .facebook.net .wpengine.com .bootstrapcdn.com .twitter.com .jquery.com .fontawesome.com .google.com .pinterest.com .gstatic.com .uploadlibrary.com .thomascook.com .hotjar.com .imi.chat .adyen.com .spendology.io .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .doubleclick.net .googlesyndication.com .googletagservices.com .google.co.uk .google.com.ua .direct.ingenico.com cc-cdn.com .google.nl .appsflyer.com .freshchat.com .btttag.com .euc-freshbots.ai .trustpilot.com .cookielaw.org .worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io .bing.com .clarity.ms .tiktok.com; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com .wpengine.com .bootstrapcdn.com .imi.chat .adyen.com .spendology.io .thomascook.com .google.com .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .freshchat.com .euc-freshbots.ai .typeform.com .typekit.net; font-src 'self' data: .googleapis.com .adyen.com .gstatic.com .wpengine.com .imi.chat .spendology.io .thomascook.com https://script.hotjar.com .bootstrapcdn.com .typekit.net; object-src 'self' .adyen.com; frame-src 'self' data: .facebook.com https://platform.twitter.com/ .google.com .hotjar.com .imi.chat .adyen.com .vimeo.com .youtube.com .doubleclick.net .thomascook.io .youtu.be .googlesyndication.com https://www.covidchecker.com .direct.ingenico.com .modirum.com .thomascook.com .freshchat.com .euc-freshbots.ai .trustpilot.com .rsa3dsauth.co.uk .arcot.com .cardinalcommerce.com .mycardsecure.com .monzo.com .capitalone.com .touch.tech .wibmo.com .mncbank.co.id .typeform.com .revolut.com .sparkassen-kreditkarten.de .swedbank.se .wlp-acs.com .rabobank.nl .tsys.co.uk .marqeta.com .viseca.ch .apata.io .redsys.es .edb.com .asseco-see.hr .mashreq.com .cm-cic.com .monext.fr .garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' .adyen.com .thomascook.io *.thomascook.com;
Strict-Transport-Security	max-age=31536000, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomascook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 05:27:33 GMT
strict-transport-security: max-age=31536000, max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleadservices.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.facebook.net *.wpengine.com *.bootstrapcdn.com *.twitter.com *.jquery.com *.fontawesome.com *.google.com *.pinterest.com *.gstatic.com *.uploadlibrary.com *.thomascook.com *.hotjar.com *.imi.chat *.adyen.com *.spendology.io *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.doubleclick.net *.googlesyndication.com *.googletagservices.com *.google.co.uk *.google.com.ua *.direct.ingenico.com cc-cdn.com *.google.nl *.appsflyer.com *.freshchat.com *.btttag.com *.euc-freshbots.ai *.trustpilot.com *.cookielaw.org *.worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io *.bing.com *.clarity.ms *.tiktok.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com *.wpengine.com *.bootstrapcdn.com *.imi.chat *.adyen.com *.spendology.io *.thomascook.com *.google.com *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.freshchat.com *.euc-freshbots.ai *.typeform.com *.typekit.net; font-src 'self' data: *.googleapis.com *.adyen.com *.gstatic.com *.wpengine.com *.imi.chat *.spendology.io *.thomascook.com https://script.hotjar.com *.bootstrapcdn.com *.typekit.net; object-src 'self' *.adyen.com; frame-src 'self' data: *.facebook.com https://platform.twitter.com/ *.google.com *.hotjar.com *.imi.chat *.adyen.com *.vimeo.com *.youtube.com *.doubleclick.net *.thomascook.io *.youtu.be *.googlesyndication.com https://www.covidchecker.com *.direct.ingenico.com *.modirum.com *.thomascook.com *.freshchat.com *.euc-freshbots.ai *.trustpilot.com *.rsa3dsauth.co.uk *.arcot.com *.cardinalcommerce.com *.mycardsecure.com *.monzo.com *.capitalone.com *.touch.tech *.wibmo.com *.mncbank.co.id *.typeform.com *.revolut.com *.sparkassen-kreditkarten.de *.swedbank.se *.wlp-acs.com *.rabobank.nl *.tsys.co.uk *.marqeta.com *.viseca.ch *.apata.io *.redsys.es *.edb.com *.asseco-see.hr *.mashreq.com *.cm-cic.com *.monext.fr *.garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' *.adyen.com *.thomascook.io *.thomascook.com;
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-disposition: attachment; filename="a-pay.svg"
content-length: 5183
x-xss-protection: 1; mode=block
x-magnolia-registration: Registered
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 09 Feb 2023 14:43:27 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/svg+xml;charset=UTF-8
access-control-allow-origin: *.thomascook.com
cache-control: max-age=31536000, public
x-amz-cf-id: a7zSWZL5RBRLrVEq8kyl_U3oObKnMyRSi54WpvT_EYmdq9JUdGTryw==
expires: Mon, 24 Mar 2025 05:27:33 GMT

GET
H2 200 g-pay.svg
www.thomascook.com/dam/jcr:a3d14674-ac67-4299-98d5-7249961768d7/ 4 KB
7 KB 124ms
122ms Image
image/svg+xml 2600:9000:2077:d800:3:28eb:6280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thomascook.com/dam/jcr:a3d14674-ac67-4299-98d5-7249961768d7/g-pay.svg

Requested by

Host: www.thomascook.com
URL: https://www.thomascook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2077:d800:3:28eb:6280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

d38d291bef2b938bbc3f4e2db00585468155b519ca6dfe599ddce71a05137f97

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleadservices.com .googleapis.com .google-analytics.com .googletagmanager.com .facebook.net .wpengine.com .bootstrapcdn.com .twitter.com .jquery.com .fontawesome.com .google.com .pinterest.com .gstatic.com .uploadlibrary.com .thomascook.com .hotjar.com .imi.chat .adyen.com .spendology.io .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .doubleclick.net .googlesyndication.com .googletagservices.com .google.co.uk .google.com.ua .direct.ingenico.com cc-cdn.com .google.nl .appsflyer.com .freshchat.com .btttag.com .euc-freshbots.ai .trustpilot.com .cookielaw.org .worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io .bing.com .clarity.ms .tiktok.com; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com .wpengine.com .bootstrapcdn.com .imi.chat .adyen.com .spendology.io .thomascook.com .google.com .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .freshchat.com .euc-freshbots.ai .typeform.com .typekit.net; font-src 'self' data: .googleapis.com .adyen.com .gstatic.com .wpengine.com .imi.chat .spendology.io .thomascook.com https://script.hotjar.com .bootstrapcdn.com .typekit.net; object-src 'self' .adyen.com; frame-src 'self' data: .facebook.com https://platform.twitter.com/ .google.com .hotjar.com .imi.chat .adyen.com .vimeo.com .youtube.com .doubleclick.net .thomascook.io .youtu.be .googlesyndication.com https://www.covidchecker.com .direct.ingenico.com .modirum.com .thomascook.com .freshchat.com .euc-freshbots.ai .trustpilot.com .rsa3dsauth.co.uk .arcot.com .cardinalcommerce.com .mycardsecure.com .monzo.com .capitalone.com .touch.tech .wibmo.com .mncbank.co.id .typeform.com .revolut.com .sparkassen-kreditkarten.de .swedbank.se .wlp-acs.com .rabobank.nl .tsys.co.uk .marqeta.com .viseca.ch .apata.io .redsys.es .edb.com .asseco-see.hr .mashreq.com .cm-cic.com .monext.fr .garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' .adyen.com .thomascook.io *.thomascook.com;
Strict-Transport-Security	max-age=31536000, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomascook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 05:27:33 GMT
strict-transport-security: max-age=31536000, max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleadservices.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.facebook.net *.wpengine.com *.bootstrapcdn.com *.twitter.com *.jquery.com *.fontawesome.com *.google.com *.pinterest.com *.gstatic.com *.uploadlibrary.com *.thomascook.com *.hotjar.com *.imi.chat *.adyen.com *.spendology.io *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.doubleclick.net *.googlesyndication.com *.googletagservices.com *.google.co.uk *.google.com.ua *.direct.ingenico.com cc-cdn.com *.google.nl *.appsflyer.com *.freshchat.com *.btttag.com *.euc-freshbots.ai *.trustpilot.com *.cookielaw.org *.worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io *.bing.com *.clarity.ms *.tiktok.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com *.wpengine.com *.bootstrapcdn.com *.imi.chat *.adyen.com *.spendology.io *.thomascook.com *.google.com *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.freshchat.com *.euc-freshbots.ai *.typeform.com *.typekit.net; font-src 'self' data: *.googleapis.com *.adyen.com *.gstatic.com *.wpengine.com *.imi.chat *.spendology.io *.thomascook.com https://script.hotjar.com *.bootstrapcdn.com *.typekit.net; object-src 'self' *.adyen.com; frame-src 'self' data: *.facebook.com https://platform.twitter.com/ *.google.com *.hotjar.com *.imi.chat *.adyen.com *.vimeo.com *.youtube.com *.doubleclick.net *.thomascook.io *.youtu.be *.googlesyndication.com https://www.covidchecker.com *.direct.ingenico.com *.modirum.com *.thomascook.com *.freshchat.com *.euc-freshbots.ai *.trustpilot.com *.rsa3dsauth.co.uk *.arcot.com *.cardinalcommerce.com *.mycardsecure.com *.monzo.com *.capitalone.com *.touch.tech *.wibmo.com *.mncbank.co.id *.typeform.com *.revolut.com *.sparkassen-kreditkarten.de *.swedbank.se *.wlp-acs.com *.rabobank.nl *.tsys.co.uk *.marqeta.com *.viseca.ch *.apata.io *.redsys.es *.edb.com *.asseco-see.hr *.mashreq.com *.cm-cic.com *.monext.fr *.garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' *.adyen.com *.thomascook.io *.thomascook.com;
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-disposition: attachment; filename="g-pay.svg"
content-length: 4140
x-xss-protection: 1; mode=block
x-magnolia-registration: Registered
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 09 Feb 2023 14:43:43 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/svg+xml;charset=UTF-8
access-control-allow-origin: *.thomascook.com
cache-control: max-age=31536000, public
x-amz-cf-id: 0pkkWNp7SZsl9c1Uk5D_gPN61dajThdoFmyUQ0fMYxqVu43ffYlgUA==
expires: Mon, 24 Mar 2025 05:27:33 GMT

GET
H2 200 visa-pay.svg
www.thomascook.com/dam/jcr:8543100b-be12-4f8a-8774-ab943a13b39d/ 5 KB
8 KB 219ms
216ms Image
image/svg+xml 2600:9000:2077:d800:3:28eb:6280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thomascook.com/dam/jcr:8543100b-be12-4f8a-8774-ab943a13b39d/visa-pay.svg

Requested by

Host: www.thomascook.com
URL: https://www.thomascook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2077:d800:3:28eb:6280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

129d650131dc75e94371948b91c7d68dfda82a708543810dd5ba46bb54f56105

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleadservices.com .googleapis.com .google-analytics.com .googletagmanager.com .facebook.net .wpengine.com .bootstrapcdn.com .twitter.com .jquery.com .fontawesome.com .google.com .pinterest.com .gstatic.com .uploadlibrary.com .thomascook.com .hotjar.com .imi.chat .adyen.com .spendology.io .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .doubleclick.net .googlesyndication.com .googletagservices.com .google.co.uk .google.com.ua .direct.ingenico.com cc-cdn.com .google.nl .appsflyer.com .freshchat.com .btttag.com .euc-freshbots.ai .trustpilot.com .cookielaw.org .worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io .bing.com .clarity.ms .tiktok.com; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com .wpengine.com .bootstrapcdn.com .imi.chat .adyen.com .spendology.io .thomascook.com .google.com .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .freshchat.com .euc-freshbots.ai .typeform.com .typekit.net; font-src 'self' data: .googleapis.com .adyen.com .gstatic.com .wpengine.com .imi.chat .spendology.io .thomascook.com https://script.hotjar.com .bootstrapcdn.com .typekit.net; object-src 'self' .adyen.com; frame-src 'self' data: .facebook.com https://platform.twitter.com/ .google.com .hotjar.com .imi.chat .adyen.com .vimeo.com .youtube.com .doubleclick.net .thomascook.io .youtu.be .googlesyndication.com https://www.covidchecker.com .direct.ingenico.com .modirum.com .thomascook.com .freshchat.com .euc-freshbots.ai .trustpilot.com .rsa3dsauth.co.uk .arcot.com .cardinalcommerce.com .mycardsecure.com .monzo.com .capitalone.com .touch.tech .wibmo.com .mncbank.co.id .typeform.com .revolut.com .sparkassen-kreditkarten.de .swedbank.se .wlp-acs.com .rabobank.nl .tsys.co.uk .marqeta.com .viseca.ch .apata.io .redsys.es .edb.com .asseco-see.hr .mashreq.com .cm-cic.com .monext.fr .garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' .adyen.com .thomascook.io *.thomascook.com;
Strict-Transport-Security	max-age=31536000, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomascook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 05:27:33 GMT
strict-transport-security: max-age=31536000, max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleadservices.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.facebook.net *.wpengine.com *.bootstrapcdn.com *.twitter.com *.jquery.com *.fontawesome.com *.google.com *.pinterest.com *.gstatic.com *.uploadlibrary.com *.thomascook.com *.hotjar.com *.imi.chat *.adyen.com *.spendology.io *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.doubleclick.net *.googlesyndication.com *.googletagservices.com *.google.co.uk *.google.com.ua *.direct.ingenico.com cc-cdn.com *.google.nl *.appsflyer.com *.freshchat.com *.btttag.com *.euc-freshbots.ai *.trustpilot.com *.cookielaw.org *.worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io *.bing.com *.clarity.ms *.tiktok.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com *.wpengine.com *.bootstrapcdn.com *.imi.chat *.adyen.com *.spendology.io *.thomascook.com *.google.com *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.freshchat.com *.euc-freshbots.ai *.typeform.com *.typekit.net; font-src 'self' data: *.googleapis.com *.adyen.com *.gstatic.com *.wpengine.com *.imi.chat *.spendology.io *.thomascook.com https://script.hotjar.com *.bootstrapcdn.com *.typekit.net; object-src 'self' *.adyen.com; frame-src 'self' data: *.facebook.com https://platform.twitter.com/ *.google.com *.hotjar.com *.imi.chat *.adyen.com *.vimeo.com *.youtube.com *.doubleclick.net *.thomascook.io *.youtu.be *.googlesyndication.com https://www.covidchecker.com *.direct.ingenico.com *.modirum.com *.thomascook.com *.freshchat.com *.euc-freshbots.ai *.trustpilot.com *.rsa3dsauth.co.uk *.arcot.com *.cardinalcommerce.com *.mycardsecure.com *.monzo.com *.capitalone.com *.touch.tech *.wibmo.com *.mncbank.co.id *.typeform.com *.revolut.com *.sparkassen-kreditkarten.de *.swedbank.se *.wlp-acs.com *.rabobank.nl *.tsys.co.uk *.marqeta.com *.viseca.ch *.apata.io *.redsys.es *.edb.com *.asseco-see.hr *.mashreq.com *.cm-cic.com *.monext.fr *.garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' *.adyen.com *.thomascook.io *.thomascook.com;
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-disposition: attachment; filename="visa-pay.svg"
content-length: 5207
x-xss-protection: 1; mode=block
x-magnolia-registration: Registered
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 09 Feb 2023 14:44:12 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/svg+xml;charset=UTF-8
access-control-allow-origin: *.thomascook.com
cache-control: max-age=31536000, public
x-amz-cf-id: CmoxmXNr8HFi9OOqmu8XqOd2FPGkX9dGdCUJX1qxA5cCtnIRwouhTg==
expires: Mon, 24 Mar 2025 05:27:33 GMT

GET
H2 200 mc-pay.svg
www.thomascook.com/dam/jcr:d93914ba-bb4f-4c6b-9e8a-1a9d2e1bcd63/ 1 KB
4 KB 218ms
215ms Image
image/svg+xml 2600:9000:2077:d800:3:28eb:6280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thomascook.com/dam/jcr:d93914ba-bb4f-4c6b-9e8a-1a9d2e1bcd63/mc-pay.svg

Requested by

Host: www.thomascook.com
URL: https://www.thomascook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2077:d800:3:28eb:6280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

089d5adfd668c45b89508ae216b1c36a2bff63f19539ac8f53fcd7c186d7b5c9

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleadservices.com .googleapis.com .google-analytics.com .googletagmanager.com .facebook.net .wpengine.com .bootstrapcdn.com .twitter.com .jquery.com .fontawesome.com .google.com .pinterest.com .gstatic.com .uploadlibrary.com .thomascook.com .hotjar.com .imi.chat .adyen.com .spendology.io .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .doubleclick.net .googlesyndication.com .googletagservices.com .google.co.uk .google.com.ua .direct.ingenico.com cc-cdn.com .google.nl .appsflyer.com .freshchat.com .btttag.com .euc-freshbots.ai .trustpilot.com .cookielaw.org .worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io .bing.com .clarity.ms .tiktok.com; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com .wpengine.com .bootstrapcdn.com .imi.chat .adyen.com .spendology.io .thomascook.com .google.com .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .freshchat.com .euc-freshbots.ai .typeform.com .typekit.net; font-src 'self' data: .googleapis.com .adyen.com .gstatic.com .wpengine.com .imi.chat .spendology.io .thomascook.com https://script.hotjar.com .bootstrapcdn.com .typekit.net; object-src 'self' .adyen.com; frame-src 'self' data: .facebook.com https://platform.twitter.com/ .google.com .hotjar.com .imi.chat .adyen.com .vimeo.com .youtube.com .doubleclick.net .thomascook.io .youtu.be .googlesyndication.com https://www.covidchecker.com .direct.ingenico.com .modirum.com .thomascook.com .freshchat.com .euc-freshbots.ai .trustpilot.com .rsa3dsauth.co.uk .arcot.com .cardinalcommerce.com .mycardsecure.com .monzo.com .capitalone.com .touch.tech .wibmo.com .mncbank.co.id .typeform.com .revolut.com .sparkassen-kreditkarten.de .swedbank.se .wlp-acs.com .rabobank.nl .tsys.co.uk .marqeta.com .viseca.ch .apata.io .redsys.es .edb.com .asseco-see.hr .mashreq.com .cm-cic.com .monext.fr .garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' .adyen.com .thomascook.io *.thomascook.com;
Strict-Transport-Security	max-age=31536000, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomascook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 05:27:33 GMT
strict-transport-security: max-age=31536000, max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleadservices.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.facebook.net *.wpengine.com *.bootstrapcdn.com *.twitter.com *.jquery.com *.fontawesome.com *.google.com *.pinterest.com *.gstatic.com *.uploadlibrary.com *.thomascook.com *.hotjar.com *.imi.chat *.adyen.com *.spendology.io *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.doubleclick.net *.googlesyndication.com *.googletagservices.com *.google.co.uk *.google.com.ua *.direct.ingenico.com cc-cdn.com *.google.nl *.appsflyer.com *.freshchat.com *.btttag.com *.euc-freshbots.ai *.trustpilot.com *.cookielaw.org *.worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io *.bing.com *.clarity.ms *.tiktok.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com *.wpengine.com *.bootstrapcdn.com *.imi.chat *.adyen.com *.spendology.io *.thomascook.com *.google.com *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.freshchat.com *.euc-freshbots.ai *.typeform.com *.typekit.net; font-src 'self' data: *.googleapis.com *.adyen.com *.gstatic.com *.wpengine.com *.imi.chat *.spendology.io *.thomascook.com https://script.hotjar.com *.bootstrapcdn.com *.typekit.net; object-src 'self' *.adyen.com; frame-src 'self' data: *.facebook.com https://platform.twitter.com/ *.google.com *.hotjar.com *.imi.chat *.adyen.com *.vimeo.com *.youtube.com *.doubleclick.net *.thomascook.io *.youtu.be *.googlesyndication.com https://www.covidchecker.com *.direct.ingenico.com *.modirum.com *.thomascook.com *.freshchat.com *.euc-freshbots.ai *.trustpilot.com *.rsa3dsauth.co.uk *.arcot.com *.cardinalcommerce.com *.mycardsecure.com *.monzo.com *.capitalone.com *.touch.tech *.wibmo.com *.mncbank.co.id *.typeform.com *.revolut.com *.sparkassen-kreditkarten.de *.swedbank.se *.wlp-acs.com *.rabobank.nl *.tsys.co.uk *.marqeta.com *.viseca.ch *.apata.io *.redsys.es *.edb.com *.asseco-see.hr *.mashreq.com *.cm-cic.com *.monext.fr *.garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' *.adyen.com *.thomascook.io *.thomascook.com;
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-disposition: attachment; filename="mc-pay.svg"
content-length: 1475
x-xss-protection: 1; mode=block
x-magnolia-registration: Registered
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 09 Feb 2023 14:43:58 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/svg+xml;charset=UTF-8
access-control-allow-origin: *.thomascook.com
cache-control: max-age=31536000, public
x-amz-cf-id: IkmxcQ7_88JUv8NnLrXHNgMPdFn7Ezon6zi12bPO39ESzOI0N0zS0Q==
expires: Mon, 24 Mar 2025 05:27:33 GMT

GET
H2 200 chat-button.svg
www.thomascook.com/dam/jcr:0cd730e4-92af-4dee-bc78-ce084138cd83/ 1 KB
4 KB 211ms
208ms Image
image/svg+xml 2600:9000:2077:d800:3:28eb:6280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thomascook.com/dam/jcr:0cd730e4-92af-4dee-bc78-ce084138cd83/chat-button.svg

Requested by

Host: www.thomascook.com
URL: https://www.thomascook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2077:d800:3:28eb:6280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4aaaf0822d9e584fc457561451e979baf978a285c2f77efa0766749ee4ec4507

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleadservices.com .googleapis.com .google-analytics.com .googletagmanager.com .facebook.net .wpengine.com .bootstrapcdn.com .twitter.com .jquery.com .fontawesome.com .google.com .pinterest.com .gstatic.com .uploadlibrary.com .thomascook.com .hotjar.com .imi.chat .adyen.com .spendology.io .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .doubleclick.net .googlesyndication.com .googletagservices.com .google.co.uk .google.com.ua .direct.ingenico.com cc-cdn.com .google.nl .appsflyer.com .freshchat.com .btttag.com .euc-freshbots.ai .trustpilot.com .cookielaw.org .worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io .bing.com .clarity.ms .tiktok.com; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com .wpengine.com .bootstrapcdn.com .imi.chat .adyen.com .spendology.io .thomascook.com .google.com .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .freshchat.com .euc-freshbots.ai .typeform.com .typekit.net; font-src 'self' data: .googleapis.com .adyen.com .gstatic.com .wpengine.com .imi.chat .spendology.io .thomascook.com https://script.hotjar.com .bootstrapcdn.com .typekit.net; object-src 'self' .adyen.com; frame-src 'self' data: .facebook.com https://platform.twitter.com/ .google.com .hotjar.com .imi.chat .adyen.com .vimeo.com .youtube.com .doubleclick.net .thomascook.io .youtu.be .googlesyndication.com https://www.covidchecker.com .direct.ingenico.com .modirum.com .thomascook.com .freshchat.com .euc-freshbots.ai .trustpilot.com .rsa3dsauth.co.uk .arcot.com .cardinalcommerce.com .mycardsecure.com .monzo.com .capitalone.com .touch.tech .wibmo.com .mncbank.co.id .typeform.com .revolut.com .sparkassen-kreditkarten.de .swedbank.se .wlp-acs.com .rabobank.nl .tsys.co.uk .marqeta.com .viseca.ch .apata.io .redsys.es .edb.com .asseco-see.hr .mashreq.com .cm-cic.com .monext.fr .garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' .adyen.com .thomascook.io *.thomascook.com;
Strict-Transport-Security	max-age=31536000, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomascook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 05:27:33 GMT
strict-transport-security: max-age=31536000, max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleadservices.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.facebook.net *.wpengine.com *.bootstrapcdn.com *.twitter.com *.jquery.com *.fontawesome.com *.google.com *.pinterest.com *.gstatic.com *.uploadlibrary.com *.thomascook.com *.hotjar.com *.imi.chat *.adyen.com *.spendology.io *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.doubleclick.net *.googlesyndication.com *.googletagservices.com *.google.co.uk *.google.com.ua *.direct.ingenico.com cc-cdn.com *.google.nl *.appsflyer.com *.freshchat.com *.btttag.com *.euc-freshbots.ai *.trustpilot.com *.cookielaw.org *.worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io *.bing.com *.clarity.ms *.tiktok.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com *.wpengine.com *.bootstrapcdn.com *.imi.chat *.adyen.com *.spendology.io *.thomascook.com *.google.com *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.freshchat.com *.euc-freshbots.ai *.typeform.com *.typekit.net; font-src 'self' data: *.googleapis.com *.adyen.com *.gstatic.com *.wpengine.com *.imi.chat *.spendology.io *.thomascook.com https://script.hotjar.com *.bootstrapcdn.com *.typekit.net; object-src 'self' *.adyen.com; frame-src 'self' data: *.facebook.com https://platform.twitter.com/ *.google.com *.hotjar.com *.imi.chat *.adyen.com *.vimeo.com *.youtube.com *.doubleclick.net *.thomascook.io *.youtu.be *.googlesyndication.com https://www.covidchecker.com *.direct.ingenico.com *.modirum.com *.thomascook.com *.freshchat.com *.euc-freshbots.ai *.trustpilot.com *.rsa3dsauth.co.uk *.arcot.com *.cardinalcommerce.com *.mycardsecure.com *.monzo.com *.capitalone.com *.touch.tech *.wibmo.com *.mncbank.co.id *.typeform.com *.revolut.com *.sparkassen-kreditkarten.de *.swedbank.se *.wlp-acs.com *.rabobank.nl *.tsys.co.uk *.marqeta.com *.viseca.ch *.apata.io *.redsys.es *.edb.com *.asseco-see.hr *.mashreq.com *.cm-cic.com *.monext.fr *.garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' *.adyen.com *.thomascook.io *.thomascook.com;
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-disposition: attachment; filename="chat-button.svg"
content-length: 1253
x-xss-protection: 1; mode=block
x-magnolia-registration: Registered
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 27 Oct 2022 14:17:34 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/svg+xml;charset=UTF-8
access-control-allow-origin: *.thomascook.com
cache-control: max-age=31536000, public
x-amz-cf-id: mUt2rfVcZW9ehb3EHnSz5Zk3CXCz8o-WtCISQkrH9WhqqOc39nyssw==
expires: Mon, 24 Mar 2025 05:27:33 GMT

GET
H2 200 faq-button.svg
www.thomascook.com/dam/jcr:2ce22aec-a7b1-4c9d-9e8a-09988192c08d/ 964 B
4 KB 122ms
120ms Image
image/svg+xml 2600:9000:2077:d800:3:28eb:6280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thomascook.com/dam/jcr:2ce22aec-a7b1-4c9d-9e8a-09988192c08d/faq-button.svg

Requested by

Host: www.thomascook.com
URL: https://www.thomascook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2077:d800:3:28eb:6280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f1db159553f88b823df85a0cbc4d3ca852972510c06f562585650a5903330853

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleadservices.com .googleapis.com .google-analytics.com .googletagmanager.com .facebook.net .wpengine.com .bootstrapcdn.com .twitter.com .jquery.com .fontawesome.com .google.com .pinterest.com .gstatic.com .uploadlibrary.com .thomascook.com .hotjar.com .imi.chat .adyen.com .spendology.io .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .doubleclick.net .googlesyndication.com .googletagservices.com .google.co.uk .google.com.ua .direct.ingenico.com cc-cdn.com .google.nl .appsflyer.com .freshchat.com .btttag.com .euc-freshbots.ai .trustpilot.com .cookielaw.org .worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io .bing.com .clarity.ms .tiktok.com; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com .wpengine.com .bootstrapcdn.com .imi.chat .adyen.com .spendology.io .thomascook.com .google.com .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .freshchat.com .euc-freshbots.ai .typeform.com .typekit.net; font-src 'self' data: .googleapis.com .adyen.com .gstatic.com .wpengine.com .imi.chat .spendology.io .thomascook.com https://script.hotjar.com .bootstrapcdn.com .typekit.net; object-src 'self' .adyen.com; frame-src 'self' data: .facebook.com https://platform.twitter.com/ .google.com .hotjar.com .imi.chat .adyen.com .vimeo.com .youtube.com .doubleclick.net .thomascook.io .youtu.be .googlesyndication.com https://www.covidchecker.com .direct.ingenico.com .modirum.com .thomascook.com .freshchat.com .euc-freshbots.ai .trustpilot.com .rsa3dsauth.co.uk .arcot.com .cardinalcommerce.com .mycardsecure.com .monzo.com .capitalone.com .touch.tech .wibmo.com .mncbank.co.id .typeform.com .revolut.com .sparkassen-kreditkarten.de .swedbank.se .wlp-acs.com .rabobank.nl .tsys.co.uk .marqeta.com .viseca.ch .apata.io .redsys.es .edb.com .asseco-see.hr .mashreq.com .cm-cic.com .monext.fr .garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' .adyen.com .thomascook.io *.thomascook.com;
Strict-Transport-Security	max-age=31536000, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomascook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 05:27:33 GMT
strict-transport-security: max-age=31536000, max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleadservices.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.facebook.net *.wpengine.com *.bootstrapcdn.com *.twitter.com *.jquery.com *.fontawesome.com *.google.com *.pinterest.com *.gstatic.com *.uploadlibrary.com *.thomascook.com *.hotjar.com *.imi.chat *.adyen.com *.spendology.io *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.doubleclick.net *.googlesyndication.com *.googletagservices.com *.google.co.uk *.google.com.ua *.direct.ingenico.com cc-cdn.com *.google.nl *.appsflyer.com *.freshchat.com *.btttag.com *.euc-freshbots.ai *.trustpilot.com *.cookielaw.org *.worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io *.bing.com *.clarity.ms *.tiktok.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com *.wpengine.com *.bootstrapcdn.com *.imi.chat *.adyen.com *.spendology.io *.thomascook.com *.google.com *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.freshchat.com *.euc-freshbots.ai *.typeform.com *.typekit.net; font-src 'self' data: *.googleapis.com *.adyen.com *.gstatic.com *.wpengine.com *.imi.chat *.spendology.io *.thomascook.com https://script.hotjar.com *.bootstrapcdn.com *.typekit.net; object-src 'self' *.adyen.com; frame-src 'self' data: *.facebook.com https://platform.twitter.com/ *.google.com *.hotjar.com *.imi.chat *.adyen.com *.vimeo.com *.youtube.com *.doubleclick.net *.thomascook.io *.youtu.be *.googlesyndication.com https://www.covidchecker.com *.direct.ingenico.com *.modirum.com *.thomascook.com *.freshchat.com *.euc-freshbots.ai *.trustpilot.com *.rsa3dsauth.co.uk *.arcot.com *.cardinalcommerce.com *.mycardsecure.com *.monzo.com *.capitalone.com *.touch.tech *.wibmo.com *.mncbank.co.id *.typeform.com *.revolut.com *.sparkassen-kreditkarten.de *.swedbank.se *.wlp-acs.com *.rabobank.nl *.tsys.co.uk *.marqeta.com *.viseca.ch *.apata.io *.redsys.es *.edb.com *.asseco-see.hr *.mashreq.com *.cm-cic.com *.monext.fr *.garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' *.adyen.com *.thomascook.io *.thomascook.com;
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-disposition: attachment; filename="faq-button.svg"
content-length: 964
x-xss-protection: 1; mode=block
x-magnolia-registration: Registered
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 27 Oct 2022 14:18:20 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/svg+xml;charset=UTF-8
access-control-allow-origin: *.thomascook.com
cache-control: max-age=31536000, public
x-amz-cf-id: ixwponNLDMfW6mVV4sg9p0PdlEJtjRqzgtQ-faUVU4xGZ_-PydwSxg==
expires: Mon, 24 Mar 2025 05:27:33 GMT

GET
H2 200 new-fb.svg
www.thomascook.com/dam/jcr:5c6eef30-d277-482f-844b-8a8a88bc57f6/ 546 B
3 KB 247ms
245ms Image
image/svg+xml 2600:9000:2077:d800:3:28eb:6280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thomascook.com/dam/jcr:5c6eef30-d277-482f-844b-8a8a88bc57f6/new-fb.svg

Requested by

Host: www.thomascook.com
URL: https://www.thomascook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2077:d800:3:28eb:6280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

84381762ebda546fa11271435477e40b1abac334e7ed2e1ca4d807f1eeb71214

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleadservices.com .googleapis.com .google-analytics.com .googletagmanager.com .facebook.net .wpengine.com .bootstrapcdn.com .twitter.com .jquery.com .fontawesome.com .google.com .pinterest.com .gstatic.com .uploadlibrary.com .thomascook.com .hotjar.com .imi.chat .adyen.com .spendology.io .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .doubleclick.net .googlesyndication.com .googletagservices.com .google.co.uk .google.com.ua .direct.ingenico.com cc-cdn.com .google.nl .appsflyer.com .freshchat.com .btttag.com .euc-freshbots.ai .trustpilot.com .cookielaw.org .worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io .bing.com .clarity.ms .tiktok.com; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com .wpengine.com .bootstrapcdn.com .imi.chat .adyen.com .spendology.io .thomascook.com .google.com .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .freshchat.com .euc-freshbots.ai .typeform.com .typekit.net; font-src 'self' data: .googleapis.com .adyen.com .gstatic.com .wpengine.com .imi.chat .spendology.io .thomascook.com https://script.hotjar.com .bootstrapcdn.com .typekit.net; object-src 'self' .adyen.com; frame-src 'self' data: .facebook.com https://platform.twitter.com/ .google.com .hotjar.com .imi.chat .adyen.com .vimeo.com .youtube.com .doubleclick.net .thomascook.io .youtu.be .googlesyndication.com https://www.covidchecker.com .direct.ingenico.com .modirum.com .thomascook.com .freshchat.com .euc-freshbots.ai .trustpilot.com .rsa3dsauth.co.uk .arcot.com .cardinalcommerce.com .mycardsecure.com .monzo.com .capitalone.com .touch.tech .wibmo.com .mncbank.co.id .typeform.com .revolut.com .sparkassen-kreditkarten.de .swedbank.se .wlp-acs.com .rabobank.nl .tsys.co.uk .marqeta.com .viseca.ch .apata.io .redsys.es .edb.com .asseco-see.hr .mashreq.com .cm-cic.com .monext.fr .garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' .adyen.com .thomascook.io *.thomascook.com;
Strict-Transport-Security	max-age=31536000, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomascook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 05:27:34 GMT
strict-transport-security: max-age=31536000, max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleadservices.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.facebook.net *.wpengine.com *.bootstrapcdn.com *.twitter.com *.jquery.com *.fontawesome.com *.google.com *.pinterest.com *.gstatic.com *.uploadlibrary.com *.thomascook.com *.hotjar.com *.imi.chat *.adyen.com *.spendology.io *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.doubleclick.net *.googlesyndication.com *.googletagservices.com *.google.co.uk *.google.com.ua *.direct.ingenico.com cc-cdn.com *.google.nl *.appsflyer.com *.freshchat.com *.btttag.com *.euc-freshbots.ai *.trustpilot.com *.cookielaw.org *.worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io *.bing.com *.clarity.ms *.tiktok.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com *.wpengine.com *.bootstrapcdn.com *.imi.chat *.adyen.com *.spendology.io *.thomascook.com *.google.com *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.freshchat.com *.euc-freshbots.ai *.typeform.com *.typekit.net; font-src 'self' data: *.googleapis.com *.adyen.com *.gstatic.com *.wpengine.com *.imi.chat *.spendology.io *.thomascook.com https://script.hotjar.com *.bootstrapcdn.com *.typekit.net; object-src 'self' *.adyen.com; frame-src 'self' data: *.facebook.com https://platform.twitter.com/ *.google.com *.hotjar.com *.imi.chat *.adyen.com *.vimeo.com *.youtube.com *.doubleclick.net *.thomascook.io *.youtu.be *.googlesyndication.com https://www.covidchecker.com *.direct.ingenico.com *.modirum.com *.thomascook.com *.freshchat.com *.euc-freshbots.ai *.trustpilot.com *.rsa3dsauth.co.uk *.arcot.com *.cardinalcommerce.com *.mycardsecure.com *.monzo.com *.capitalone.com *.touch.tech *.wibmo.com *.mncbank.co.id *.typeform.com *.revolut.com *.sparkassen-kreditkarten.de *.swedbank.se *.wlp-acs.com *.rabobank.nl *.tsys.co.uk *.marqeta.com *.viseca.ch *.apata.io *.redsys.es *.edb.com *.asseco-see.hr *.mashreq.com *.cm-cic.com *.monext.fr *.garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' *.adyen.com *.thomascook.io *.thomascook.com;
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-disposition: attachment; filename="new-fb.svg"
content-length: 546
x-xss-protection: 1; mode=block
x-magnolia-registration: Registered
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 27 Oct 2022 14:27:25 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/svg+xml;charset=UTF-8
access-control-allow-origin: *.thomascook.com
cache-control: max-age=31536000, public
x-amz-cf-id: 0GmthCwRSegWVfqWvx0xTFRt5Nyno4N1DyLDFFpZpYDqTqJOFoC3xg==
expires: Mon, 24 Mar 2025 05:27:33 GMT

GET
H2 200 insta.svg
www.thomascook.com/dam/jcr:b6bd39b8-42ab-43c8-ac8a-18a9fd7eb7ba/ 3 KB
6 KB 209ms
207ms Image
image/svg+xml 2600:9000:2077:d800:3:28eb:6280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thomascook.com/dam/jcr:b6bd39b8-42ab-43c8-ac8a-18a9fd7eb7ba/insta.svg

Requested by

Host: www.thomascook.com
URL: https://www.thomascook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2077:d800:3:28eb:6280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4fe4c0c7be6b26c59cc3fea1b8a9d7f3f1cc019786b7d9996ef73405c5cfd3d8

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleadservices.com .googleapis.com .google-analytics.com .googletagmanager.com .facebook.net .wpengine.com .bootstrapcdn.com .twitter.com .jquery.com .fontawesome.com .google.com .pinterest.com .gstatic.com .uploadlibrary.com .thomascook.com .hotjar.com .imi.chat .adyen.com .spendology.io .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .doubleclick.net .googlesyndication.com .googletagservices.com .google.co.uk .google.com.ua .direct.ingenico.com cc-cdn.com .google.nl .appsflyer.com .freshchat.com .btttag.com .euc-freshbots.ai .trustpilot.com .cookielaw.org .worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io .bing.com .clarity.ms .tiktok.com; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com .wpengine.com .bootstrapcdn.com .imi.chat .adyen.com .spendology.io .thomascook.com .google.com .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .freshchat.com .euc-freshbots.ai .typeform.com .typekit.net; font-src 'self' data: .googleapis.com .adyen.com .gstatic.com .wpengine.com .imi.chat .spendology.io .thomascook.com https://script.hotjar.com .bootstrapcdn.com .typekit.net; object-src 'self' .adyen.com; frame-src 'self' data: .facebook.com https://platform.twitter.com/ .google.com .hotjar.com .imi.chat .adyen.com .vimeo.com .youtube.com .doubleclick.net .thomascook.io .youtu.be .googlesyndication.com https://www.covidchecker.com .direct.ingenico.com .modirum.com .thomascook.com .freshchat.com .euc-freshbots.ai .trustpilot.com .rsa3dsauth.co.uk .arcot.com .cardinalcommerce.com .mycardsecure.com .monzo.com .capitalone.com .touch.tech .wibmo.com .mncbank.co.id .typeform.com .revolut.com .sparkassen-kreditkarten.de .swedbank.se .wlp-acs.com .rabobank.nl .tsys.co.uk .marqeta.com .viseca.ch .apata.io .redsys.es .edb.com .asseco-see.hr .mashreq.com .cm-cic.com .monext.fr .garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' .adyen.com .thomascook.io *.thomascook.com;
Strict-Transport-Security	max-age=31536000, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomascook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 05:27:33 GMT
strict-transport-security: max-age=31536000, max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleadservices.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.facebook.net *.wpengine.com *.bootstrapcdn.com *.twitter.com *.jquery.com *.fontawesome.com *.google.com *.pinterest.com *.gstatic.com *.uploadlibrary.com *.thomascook.com *.hotjar.com *.imi.chat *.adyen.com *.spendology.io *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.doubleclick.net *.googlesyndication.com *.googletagservices.com *.google.co.uk *.google.com.ua *.direct.ingenico.com cc-cdn.com *.google.nl *.appsflyer.com *.freshchat.com *.btttag.com *.euc-freshbots.ai *.trustpilot.com *.cookielaw.org *.worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io *.bing.com *.clarity.ms *.tiktok.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com *.wpengine.com *.bootstrapcdn.com *.imi.chat *.adyen.com *.spendology.io *.thomascook.com *.google.com *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.freshchat.com *.euc-freshbots.ai *.typeform.com *.typekit.net; font-src 'self' data: *.googleapis.com *.adyen.com *.gstatic.com *.wpengine.com *.imi.chat *.spendology.io *.thomascook.com https://script.hotjar.com *.bootstrapcdn.com *.typekit.net; object-src 'self' *.adyen.com; frame-src 'self' data: *.facebook.com https://platform.twitter.com/ *.google.com *.hotjar.com *.imi.chat *.adyen.com *.vimeo.com *.youtube.com *.doubleclick.net *.thomascook.io *.youtu.be *.googlesyndication.com https://www.covidchecker.com *.direct.ingenico.com *.modirum.com *.thomascook.com *.freshchat.com *.euc-freshbots.ai *.trustpilot.com *.rsa3dsauth.co.uk *.arcot.com *.cardinalcommerce.com *.mycardsecure.com *.monzo.com *.capitalone.com *.touch.tech *.wibmo.com *.mncbank.co.id *.typeform.com *.revolut.com *.sparkassen-kreditkarten.de *.swedbank.se *.wlp-acs.com *.rabobank.nl *.tsys.co.uk *.marqeta.com *.viseca.ch *.apata.io *.redsys.es *.edb.com *.asseco-see.hr *.mashreq.com *.cm-cic.com *.monext.fr *.garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' *.adyen.com *.thomascook.io *.thomascook.com;
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-disposition: attachment; filename="insta.svg"
content-length: 3146
x-xss-protection: 1; mode=block
x-magnolia-registration: Registered
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 21 Feb 2022 09:56:19 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/svg+xml;charset=UTF-8
access-control-allow-origin: *.thomascook.com
cache-control: max-age=31536000, public
x-amz-cf-id: QtBKVjeOjHR-9F3ZW_sKZ3BbLoRvemMlEJBqAfaqfr5Mm5uKA1SBeg==
expires: Mon, 24 Mar 2025 05:27:33 GMT

GET
H2 200 X_Icon_footer.webp
www.thomascook.com/dam/jcr:5f0ea3ca-4042-4208-a87b-49feb9c6b3d5/ 882 B
3 KB 219ms
217ms Image
image/webp 2600:9000:2077:d800:3:28eb:6280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thomascook.com/dam/jcr:5f0ea3ca-4042-4208-a87b-49feb9c6b3d5/X_Icon_footer.webp

Requested by

Host: www.thomascook.com
URL: https://www.thomascook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2077:d800:3:28eb:6280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

2800acf6f61eb9a24590ade9cee811ba4adad3a71ba7ae33cfcf32381b5b3b1c

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleadservices.com .googleapis.com .google-analytics.com .googletagmanager.com .facebook.net .wpengine.com .bootstrapcdn.com .twitter.com .jquery.com .fontawesome.com .google.com .pinterest.com .gstatic.com .uploadlibrary.com .thomascook.com .hotjar.com .imi.chat .adyen.com .spendology.io .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .doubleclick.net .googlesyndication.com .googletagservices.com .google.co.uk .google.com.ua .direct.ingenico.com cc-cdn.com .google.nl .appsflyer.com .freshchat.com .btttag.com .euc-freshbots.ai .trustpilot.com .cookielaw.org .worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io .bing.com .clarity.ms .tiktok.com; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com .wpengine.com .bootstrapcdn.com .imi.chat .adyen.com .spendology.io .thomascook.com .google.com .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .freshchat.com .euc-freshbots.ai .typeform.com .typekit.net; font-src 'self' data: .googleapis.com .adyen.com .gstatic.com .wpengine.com .imi.chat .spendology.io .thomascook.com https://script.hotjar.com .bootstrapcdn.com .typekit.net; object-src 'self' .adyen.com; frame-src 'self' data: .facebook.com https://platform.twitter.com/ .google.com .hotjar.com .imi.chat .adyen.com .vimeo.com .youtube.com .doubleclick.net .thomascook.io .youtu.be .googlesyndication.com https://www.covidchecker.com .direct.ingenico.com .modirum.com .thomascook.com .freshchat.com .euc-freshbots.ai .trustpilot.com .rsa3dsauth.co.uk .arcot.com .cardinalcommerce.com .mycardsecure.com .monzo.com .capitalone.com .touch.tech .wibmo.com .mncbank.co.id .typeform.com .revolut.com .sparkassen-kreditkarten.de .swedbank.se .wlp-acs.com .rabobank.nl .tsys.co.uk .marqeta.com .viseca.ch .apata.io .redsys.es .edb.com .asseco-see.hr .mashreq.com .cm-cic.com .monext.fr .garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' .adyen.com .thomascook.io *.thomascook.com;
Strict-Transport-Security	max-age=31536000, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomascook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 05:27:33 GMT
strict-transport-security: max-age=31536000, max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleadservices.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.facebook.net *.wpengine.com *.bootstrapcdn.com *.twitter.com *.jquery.com *.fontawesome.com *.google.com *.pinterest.com *.gstatic.com *.uploadlibrary.com *.thomascook.com *.hotjar.com *.imi.chat *.adyen.com *.spendology.io *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.doubleclick.net *.googlesyndication.com *.googletagservices.com *.google.co.uk *.google.com.ua *.direct.ingenico.com cc-cdn.com *.google.nl *.appsflyer.com *.freshchat.com *.btttag.com *.euc-freshbots.ai *.trustpilot.com *.cookielaw.org *.worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io *.bing.com *.clarity.ms *.tiktok.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com *.wpengine.com *.bootstrapcdn.com *.imi.chat *.adyen.com *.spendology.io *.thomascook.com *.google.com *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.freshchat.com *.euc-freshbots.ai *.typeform.com *.typekit.net; font-src 'self' data: *.googleapis.com *.adyen.com *.gstatic.com *.wpengine.com *.imi.chat *.spendology.io *.thomascook.com https://script.hotjar.com *.bootstrapcdn.com *.typekit.net; object-src 'self' *.adyen.com; frame-src 'self' data: *.facebook.com https://platform.twitter.com/ *.google.com *.hotjar.com *.imi.chat *.adyen.com *.vimeo.com *.youtube.com *.doubleclick.net *.thomascook.io *.youtu.be *.googlesyndication.com https://www.covidchecker.com *.direct.ingenico.com *.modirum.com *.thomascook.com *.freshchat.com *.euc-freshbots.ai *.trustpilot.com *.rsa3dsauth.co.uk *.arcot.com *.cardinalcommerce.com *.mycardsecure.com *.monzo.com *.capitalone.com *.touch.tech *.wibmo.com *.mncbank.co.id *.typeform.com *.revolut.com *.sparkassen-kreditkarten.de *.swedbank.se *.wlp-acs.com *.rabobank.nl *.tsys.co.uk *.marqeta.com *.viseca.ch *.apata.io *.redsys.es *.edb.com *.asseco-see.hr *.mashreq.com *.cm-cic.com *.monext.fr *.garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' *.adyen.com *.thomascook.io *.thomascook.com;
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-disposition: attachment; filename="X_Icon_footer.webp"
content-length: 882
x-xss-protection: 1; mode=block
x-magnolia-registration: Registered
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 20 Sep 2023 15:25:48 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/webp;charset=UTF-8
access-control-allow-origin: *.thomascook.com
cache-control: max-age=31536000, public
x-amz-cf-id: sD_-aIBIUO57CWPY4Ai6os7zgC2SR9hxSbGtTjqQa4BTyR_XQnVN4Q==
expires: Mon, 24 Mar 2025 05:27:33 GMT

GET
H2 200 Monthly-payments-light.svg
www.thomascook.com/dam/jcr:e7c54cd0-089d-43c2-8ec3-7fea9761ec56/ 3 KB
6 KB 214ms
212ms Image
image/svg+xml 2600:9000:2077:d800:3:28eb:6280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thomascook.com/dam/jcr:e7c54cd0-089d-43c2-8ec3-7fea9761ec56/Monthly-payments-light.svg

Requested by

Host: www.thomascook.com
URL: https://www.thomascook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2077:d800:3:28eb:6280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

423917b9df17412080fe7c1912a25f1074b12f726fb6e70a7c0811b99580fe96

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleadservices.com .googleapis.com .google-analytics.com .googletagmanager.com .facebook.net .wpengine.com .bootstrapcdn.com .twitter.com .jquery.com .fontawesome.com .google.com .pinterest.com .gstatic.com .uploadlibrary.com .thomascook.com .hotjar.com .imi.chat .adyen.com .spendology.io .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .doubleclick.net .googlesyndication.com .googletagservices.com .google.co.uk .google.com.ua .direct.ingenico.com cc-cdn.com .google.nl .appsflyer.com .freshchat.com .btttag.com .euc-freshbots.ai .trustpilot.com .cookielaw.org .worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io .bing.com .clarity.ms .tiktok.com; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com .wpengine.com .bootstrapcdn.com .imi.chat .adyen.com .spendology.io .thomascook.com .google.com .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .freshchat.com .euc-freshbots.ai .typeform.com .typekit.net; font-src 'self' data: .googleapis.com .adyen.com .gstatic.com .wpengine.com .imi.chat .spendology.io .thomascook.com https://script.hotjar.com .bootstrapcdn.com .typekit.net; object-src 'self' .adyen.com; frame-src 'self' data: .facebook.com https://platform.twitter.com/ .google.com .hotjar.com .imi.chat .adyen.com .vimeo.com .youtube.com .doubleclick.net .thomascook.io .youtu.be .googlesyndication.com https://www.covidchecker.com .direct.ingenico.com .modirum.com .thomascook.com .freshchat.com .euc-freshbots.ai .trustpilot.com .rsa3dsauth.co.uk .arcot.com .cardinalcommerce.com .mycardsecure.com .monzo.com .capitalone.com .touch.tech .wibmo.com .mncbank.co.id .typeform.com .revolut.com .sparkassen-kreditkarten.de .swedbank.se .wlp-acs.com .rabobank.nl .tsys.co.uk .marqeta.com .viseca.ch .apata.io .redsys.es .edb.com .asseco-see.hr .mashreq.com .cm-cic.com .monext.fr .garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' .adyen.com .thomascook.io *.thomascook.com;
Strict-Transport-Security	max-age=31536000, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomascook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 05:27:33 GMT
strict-transport-security: max-age=31536000, max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleadservices.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.facebook.net *.wpengine.com *.bootstrapcdn.com *.twitter.com *.jquery.com *.fontawesome.com *.google.com *.pinterest.com *.gstatic.com *.uploadlibrary.com *.thomascook.com *.hotjar.com *.imi.chat *.adyen.com *.spendology.io *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.doubleclick.net *.googlesyndication.com *.googletagservices.com *.google.co.uk *.google.com.ua *.direct.ingenico.com cc-cdn.com *.google.nl *.appsflyer.com *.freshchat.com *.btttag.com *.euc-freshbots.ai *.trustpilot.com *.cookielaw.org *.worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io *.bing.com *.clarity.ms *.tiktok.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com *.wpengine.com *.bootstrapcdn.com *.imi.chat *.adyen.com *.spendology.io *.thomascook.com *.google.com *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.freshchat.com *.euc-freshbots.ai *.typeform.com *.typekit.net; font-src 'self' data: *.googleapis.com *.adyen.com *.gstatic.com *.wpengine.com *.imi.chat *.spendology.io *.thomascook.com https://script.hotjar.com *.bootstrapcdn.com *.typekit.net; object-src 'self' *.adyen.com; frame-src 'self' data: *.facebook.com https://platform.twitter.com/ *.google.com *.hotjar.com *.imi.chat *.adyen.com *.vimeo.com *.youtube.com *.doubleclick.net *.thomascook.io *.youtu.be *.googlesyndication.com https://www.covidchecker.com *.direct.ingenico.com *.modirum.com *.thomascook.com *.freshchat.com *.euc-freshbots.ai *.trustpilot.com *.rsa3dsauth.co.uk *.arcot.com *.cardinalcommerce.com *.mycardsecure.com *.monzo.com *.capitalone.com *.touch.tech *.wibmo.com *.mncbank.co.id *.typeform.com *.revolut.com *.sparkassen-kreditkarten.de *.swedbank.se *.wlp-acs.com *.rabobank.nl *.tsys.co.uk *.marqeta.com *.viseca.ch *.apata.io *.redsys.es *.edb.com *.asseco-see.hr *.mashreq.com *.cm-cic.com *.monext.fr *.garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' *.adyen.com *.thomascook.io *.thomascook.com;
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-disposition: attachment; filename="Monthly-payments-light.svg"
content-length: 3330
x-xss-protection: 1; mode=block
x-magnolia-registration: Registered
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 10 Feb 2023 09:29:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/svg+xml;charset=UTF-8
access-control-allow-origin: *.thomascook.com
cache-control: max-age=31536000, public
x-amz-cf-id: Wx9Kzg9T4ZHKg-WxmYpzNxOefLgZ4ggGzEukgntnc1XwU9yboz6VAg==
expires: Mon, 24 Mar 2025 05:27:33 GMT

GET
H2 200 Low_lock_Black.svg
www.thomascook.com/dam/jcr:e5e0d8ca-7435-4689-873c-8be7790b47ed/ 3 KB
5 KB 161ms
159ms Image
image/svg+xml 2600:9000:2077:d800:3:28eb:6280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thomascook.com/dam/jcr:e5e0d8ca-7435-4689-873c-8be7790b47ed/Low_lock_Black.svg

Requested by

Host: www.thomascook.com
URL: https://www.thomascook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2077:d800:3:28eb:6280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

2090cc9f250f4b6f0df980e5701d7da585dd0b436b7896fca70eb53921b026ca

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleadservices.com .googleapis.com .google-analytics.com .googletagmanager.com .facebook.net .wpengine.com .bootstrapcdn.com .twitter.com .jquery.com .fontawesome.com .google.com .pinterest.com .gstatic.com .uploadlibrary.com .thomascook.com .hotjar.com .imi.chat .adyen.com .spendology.io .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .doubleclick.net .googlesyndication.com .googletagservices.com .google.co.uk .google.com.ua .direct.ingenico.com cc-cdn.com .google.nl .appsflyer.com .freshchat.com .btttag.com .euc-freshbots.ai .trustpilot.com .cookielaw.org .worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io .bing.com .clarity.ms .tiktok.com; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com .wpengine.com .bootstrapcdn.com .imi.chat .adyen.com .spendology.io .thomascook.com .google.com .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .freshchat.com .euc-freshbots.ai .typeform.com .typekit.net; font-src 'self' data: .googleapis.com .adyen.com .gstatic.com .wpengine.com .imi.chat .spendology.io .thomascook.com https://script.hotjar.com .bootstrapcdn.com .typekit.net; object-src 'self' .adyen.com; frame-src 'self' data: .facebook.com https://platform.twitter.com/ .google.com .hotjar.com .imi.chat .adyen.com .vimeo.com .youtube.com .doubleclick.net .thomascook.io .youtu.be .googlesyndication.com https://www.covidchecker.com .direct.ingenico.com .modirum.com .thomascook.com .freshchat.com .euc-freshbots.ai .trustpilot.com .rsa3dsauth.co.uk .arcot.com .cardinalcommerce.com .mycardsecure.com .monzo.com .capitalone.com .touch.tech .wibmo.com .mncbank.co.id .typeform.com .revolut.com .sparkassen-kreditkarten.de .swedbank.se .wlp-acs.com .rabobank.nl .tsys.co.uk .marqeta.com .viseca.ch .apata.io .redsys.es .edb.com .asseco-see.hr .mashreq.com .cm-cic.com .monext.fr .garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' .adyen.com .thomascook.io *.thomascook.com;
Strict-Transport-Security	max-age=31536000, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomascook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 05:27:33 GMT
strict-transport-security: max-age=31536000, max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleadservices.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.facebook.net *.wpengine.com *.bootstrapcdn.com *.twitter.com *.jquery.com *.fontawesome.com *.google.com *.pinterest.com *.gstatic.com *.uploadlibrary.com *.thomascook.com *.hotjar.com *.imi.chat *.adyen.com *.spendology.io *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.doubleclick.net *.googlesyndication.com *.googletagservices.com *.google.co.uk *.google.com.ua *.direct.ingenico.com cc-cdn.com *.google.nl *.appsflyer.com *.freshchat.com *.btttag.com *.euc-freshbots.ai *.trustpilot.com *.cookielaw.org *.worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io *.bing.com *.clarity.ms *.tiktok.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com *.wpengine.com *.bootstrapcdn.com *.imi.chat *.adyen.com *.spendology.io *.thomascook.com *.google.com *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.freshchat.com *.euc-freshbots.ai *.typeform.com *.typekit.net; font-src 'self' data: *.googleapis.com *.adyen.com *.gstatic.com *.wpengine.com *.imi.chat *.spendology.io *.thomascook.com https://script.hotjar.com *.bootstrapcdn.com *.typekit.net; object-src 'self' *.adyen.com; frame-src 'self' data: *.facebook.com https://platform.twitter.com/ *.google.com *.hotjar.com *.imi.chat *.adyen.com *.vimeo.com *.youtube.com *.doubleclick.net *.thomascook.io *.youtu.be *.googlesyndication.com https://www.covidchecker.com *.direct.ingenico.com *.modirum.com *.thomascook.com *.freshchat.com *.euc-freshbots.ai *.trustpilot.com *.rsa3dsauth.co.uk *.arcot.com *.cardinalcommerce.com *.mycardsecure.com *.monzo.com *.capitalone.com *.touch.tech *.wibmo.com *.mncbank.co.id *.typeform.com *.revolut.com *.sparkassen-kreditkarten.de *.swedbank.se *.wlp-acs.com *.rabobank.nl *.tsys.co.uk *.marqeta.com *.viseca.ch *.apata.io *.redsys.es *.edb.com *.asseco-see.hr *.mashreq.com *.cm-cic.com *.monext.fr *.garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' *.adyen.com *.thomascook.io *.thomascook.com;
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-disposition: attachment; filename="Low_lock_Black.svg"
content-length: 2936
x-xss-protection: 1; mode=block
x-magnolia-registration: Registered
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 24 Jul 2023 16:12:49 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/svg+xml;charset=UTF-8
access-control-allow-origin: *.thomascook.com
cache-control: max-age=31536000, public
x-amz-cf-id: L7xTqrbigeU8FDcqSfhMfvlaI24hPi0AZxB53oAIYJoa3Ik5ODL2hw==
expires: Mon, 24 Mar 2025 05:27:33 GMT

GET
H2 200 Main%20chat%20light.svg
www.thomascook.com/dam/jcr:dee08cee-8b94-4d1b-b521-665e4588eabf/ 2 KB
4 KB 148ms
146ms Image
image/svg+xml 2600:9000:2077:d800:3:28eb:6280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thomascook.com/dam/jcr:dee08cee-8b94-4d1b-b521-665e4588eabf/Main%20chat%20light.svg

Requested by

Host: www.thomascook.com
URL: https://www.thomascook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2077:d800:3:28eb:6280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c0f3a7a828b0ebd58128f49b6672554b531676a2bb7dc661d95825b339a561c4

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleadservices.com .googleapis.com .google-analytics.com .googletagmanager.com .facebook.net .wpengine.com .bootstrapcdn.com .twitter.com .jquery.com .fontawesome.com .google.com .pinterest.com .gstatic.com .uploadlibrary.com .thomascook.com .hotjar.com .imi.chat .adyen.com .spendology.io .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .doubleclick.net .googlesyndication.com .googletagservices.com .google.co.uk .google.com.ua .direct.ingenico.com cc-cdn.com .google.nl .appsflyer.com .freshchat.com .btttag.com .euc-freshbots.ai .trustpilot.com .cookielaw.org .worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io .bing.com .clarity.ms .tiktok.com; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com .wpengine.com .bootstrapcdn.com .imi.chat .adyen.com .spendology.io .thomascook.com .google.com .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .freshchat.com .euc-freshbots.ai .typeform.com .typekit.net; font-src 'self' data: .googleapis.com .adyen.com .gstatic.com .wpengine.com .imi.chat .spendology.io .thomascook.com https://script.hotjar.com .bootstrapcdn.com .typekit.net; object-src 'self' .adyen.com; frame-src 'self' data: .facebook.com https://platform.twitter.com/ .google.com .hotjar.com .imi.chat .adyen.com .vimeo.com .youtube.com .doubleclick.net .thomascook.io .youtu.be .googlesyndication.com https://www.covidchecker.com .direct.ingenico.com .modirum.com .thomascook.com .freshchat.com .euc-freshbots.ai .trustpilot.com .rsa3dsauth.co.uk .arcot.com .cardinalcommerce.com .mycardsecure.com .monzo.com .capitalone.com .touch.tech .wibmo.com .mncbank.co.id .typeform.com .revolut.com .sparkassen-kreditkarten.de .swedbank.se .wlp-acs.com .rabobank.nl .tsys.co.uk .marqeta.com .viseca.ch .apata.io .redsys.es .edb.com .asseco-see.hr .mashreq.com .cm-cic.com .monext.fr .garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' .adyen.com .thomascook.io *.thomascook.com;
Strict-Transport-Security	max-age=31536000, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomascook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 05:27:33 GMT
strict-transport-security: max-age=31536000, max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleadservices.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.facebook.net *.wpengine.com *.bootstrapcdn.com *.twitter.com *.jquery.com *.fontawesome.com *.google.com *.pinterest.com *.gstatic.com *.uploadlibrary.com *.thomascook.com *.hotjar.com *.imi.chat *.adyen.com *.spendology.io *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.doubleclick.net *.googlesyndication.com *.googletagservices.com *.google.co.uk *.google.com.ua *.direct.ingenico.com cc-cdn.com *.google.nl *.appsflyer.com *.freshchat.com *.btttag.com *.euc-freshbots.ai *.trustpilot.com *.cookielaw.org *.worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io *.bing.com *.clarity.ms *.tiktok.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com *.wpengine.com *.bootstrapcdn.com *.imi.chat *.adyen.com *.spendology.io *.thomascook.com *.google.com *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.freshchat.com *.euc-freshbots.ai *.typeform.com *.typekit.net; font-src 'self' data: *.googleapis.com *.adyen.com *.gstatic.com *.wpengine.com *.imi.chat *.spendology.io *.thomascook.com https://script.hotjar.com *.bootstrapcdn.com *.typekit.net; object-src 'self' *.adyen.com; frame-src 'self' data: *.facebook.com https://platform.twitter.com/ *.google.com *.hotjar.com *.imi.chat *.adyen.com *.vimeo.com *.youtube.com *.doubleclick.net *.thomascook.io *.youtu.be *.googlesyndication.com https://www.covidchecker.com *.direct.ingenico.com *.modirum.com *.thomascook.com *.freshchat.com *.euc-freshbots.ai *.trustpilot.com *.rsa3dsauth.co.uk *.arcot.com *.cardinalcommerce.com *.mycardsecure.com *.monzo.com *.capitalone.com *.touch.tech *.wibmo.com *.mncbank.co.id *.typeform.com *.revolut.com *.sparkassen-kreditkarten.de *.swedbank.se *.wlp-acs.com *.rabobank.nl *.tsys.co.uk *.marqeta.com *.viseca.ch *.apata.io *.redsys.es *.edb.com *.asseco-see.hr *.mashreq.com *.cm-cic.com *.monext.fr *.garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' *.adyen.com *.thomascook.io *.thomascook.com;
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-disposition: attachment; filename="Main chat light.svg"
content-length: 1824
x-xss-protection: 1; mode=block
x-magnolia-registration: Registered
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 09 Feb 2023 14:18:31 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/svg+xml;charset=UTF-8
access-control-allow-origin: *.thomascook.com
cache-control: max-age=31536000, public
x-amz-cf-id: -yMIYzVSd48_E6N0oLjMbCWSJtQWhzyPFYa5tBjd9rbn6x99CfatIw==
expires: Mon, 24 Mar 2025 05:27:33 GMT

GET
H2 200 price-match-light.svg
www.thomascook.com/dam/jcr:f4fccb98-3888-4b42-9844-1aa5f1646b32/ 16 KB
18 KB 237ms
236ms Image
image/svg+xml 2600:9000:2077:d800:3:28eb:6280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thomascook.com/dam/jcr:f4fccb98-3888-4b42-9844-1aa5f1646b32/price-match-light.svg

Requested by

Host: www.thomascook.com
URL: https://www.thomascook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2077:d800:3:28eb:6280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f2aa7f3d79fae2bec1887bcea41f7991b0f5aa1beeb56da6c73843499e65ba1a

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleadservices.com .googleapis.com .google-analytics.com .googletagmanager.com .facebook.net .wpengine.com .bootstrapcdn.com .twitter.com .jquery.com .fontawesome.com .google.com .pinterest.com .gstatic.com .uploadlibrary.com .thomascook.com .hotjar.com .imi.chat .adyen.com .spendology.io .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .doubleclick.net .googlesyndication.com .googletagservices.com .google.co.uk .google.com.ua .direct.ingenico.com cc-cdn.com .google.nl .appsflyer.com .freshchat.com .btttag.com .euc-freshbots.ai .trustpilot.com .cookielaw.org .worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io .bing.com .clarity.ms .tiktok.com; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com .wpengine.com .bootstrapcdn.com .imi.chat .adyen.com .spendology.io .thomascook.com .google.com .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .freshchat.com .euc-freshbots.ai .typeform.com .typekit.net; font-src 'self' data: .googleapis.com .adyen.com .gstatic.com .wpengine.com .imi.chat .spendology.io .thomascook.com https://script.hotjar.com .bootstrapcdn.com .typekit.net; object-src 'self' .adyen.com; frame-src 'self' data: .facebook.com https://platform.twitter.com/ .google.com .hotjar.com .imi.chat .adyen.com .vimeo.com .youtube.com .doubleclick.net .thomascook.io .youtu.be .googlesyndication.com https://www.covidchecker.com .direct.ingenico.com .modirum.com .thomascook.com .freshchat.com .euc-freshbots.ai .trustpilot.com .rsa3dsauth.co.uk .arcot.com .cardinalcommerce.com .mycardsecure.com .monzo.com .capitalone.com .touch.tech .wibmo.com .mncbank.co.id .typeform.com .revolut.com .sparkassen-kreditkarten.de .swedbank.se .wlp-acs.com .rabobank.nl .tsys.co.uk .marqeta.com .viseca.ch .apata.io .redsys.es .edb.com .asseco-see.hr .mashreq.com .cm-cic.com .monext.fr .garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' .adyen.com .thomascook.io *.thomascook.com;
Strict-Transport-Security	max-age=31536000, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomascook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 05:27:33 GMT
strict-transport-security: max-age=31536000, max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleadservices.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.facebook.net *.wpengine.com *.bootstrapcdn.com *.twitter.com *.jquery.com *.fontawesome.com *.google.com *.pinterest.com *.gstatic.com *.uploadlibrary.com *.thomascook.com *.hotjar.com *.imi.chat *.adyen.com *.spendology.io *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.doubleclick.net *.googlesyndication.com *.googletagservices.com *.google.co.uk *.google.com.ua *.direct.ingenico.com cc-cdn.com *.google.nl *.appsflyer.com *.freshchat.com *.btttag.com *.euc-freshbots.ai *.trustpilot.com *.cookielaw.org *.worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io *.bing.com *.clarity.ms *.tiktok.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com *.wpengine.com *.bootstrapcdn.com *.imi.chat *.adyen.com *.spendology.io *.thomascook.com *.google.com *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.freshchat.com *.euc-freshbots.ai *.typeform.com *.typekit.net; font-src 'self' data: *.googleapis.com *.adyen.com *.gstatic.com *.wpengine.com *.imi.chat *.spendology.io *.thomascook.com https://script.hotjar.com *.bootstrapcdn.com *.typekit.net; object-src 'self' *.adyen.com; frame-src 'self' data: *.facebook.com https://platform.twitter.com/ *.google.com *.hotjar.com *.imi.chat *.adyen.com *.vimeo.com *.youtube.com *.doubleclick.net *.thomascook.io *.youtu.be *.googlesyndication.com https://www.covidchecker.com *.direct.ingenico.com *.modirum.com *.thomascook.com *.freshchat.com *.euc-freshbots.ai *.trustpilot.com *.rsa3dsauth.co.uk *.arcot.com *.cardinalcommerce.com *.mycardsecure.com *.monzo.com *.capitalone.com *.touch.tech *.wibmo.com *.mncbank.co.id *.typeform.com *.revolut.com *.sparkassen-kreditkarten.de *.swedbank.se *.wlp-acs.com *.rabobank.nl *.tsys.co.uk *.marqeta.com *.viseca.ch *.apata.io *.redsys.es *.edb.com *.asseco-see.hr *.mashreq.com *.cm-cic.com *.monext.fr *.garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' *.adyen.com *.thomascook.io *.thomascook.com;
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-disposition: attachment; filename="price-match-light.svg"
content-length: 15969
x-xss-protection: 1; mode=block
x-magnolia-registration: Registered
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 09 Feb 2023 14:16:07 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/svg+xml;charset=UTF-8
access-control-allow-origin: *.thomascook.com
cache-control: max-age=31536000, public
x-amz-cf-id: IIrtV5aPqwzXm1IgftJnQu9KDNqqK6KouNm1JC1uoOoYFWk-IDGhdw==
expires: Mon, 24 Mar 2025 05:27:33 GMT

GET
H2 200 atol%20(2).svg
www.thomascook.com/dam/jcr:c6751f1d-e70a-4be8-8f09-fccfd2e4885a/ 9 KB
11 KB 258ms
256ms Image
image/svg+xml 2600:9000:2077:d800:3:28eb:6280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thomascook.com/dam/jcr:c6751f1d-e70a-4be8-8f09-fccfd2e4885a/atol%20(2).svg

Requested by

Host: www.thomascook.com
URL: https://www.thomascook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2077:d800:3:28eb:6280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

bf1ec86f618311f41c7f701cb99f72d7d18e56b8e6bc7cb68f002132478c6c94

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleadservices.com .googleapis.com .google-analytics.com .googletagmanager.com .facebook.net .wpengine.com .bootstrapcdn.com .twitter.com .jquery.com .fontawesome.com .google.com .pinterest.com .gstatic.com .uploadlibrary.com .thomascook.com .hotjar.com .imi.chat .adyen.com .spendology.io .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .doubleclick.net .googlesyndication.com .googletagservices.com .google.co.uk .google.com.ua .direct.ingenico.com cc-cdn.com .google.nl .appsflyer.com .freshchat.com .btttag.com .euc-freshbots.ai .trustpilot.com .cookielaw.org .worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io .bing.com .clarity.ms .tiktok.com; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com .wpengine.com .bootstrapcdn.com .imi.chat .adyen.com .spendology.io .thomascook.com .google.com .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .freshchat.com .euc-freshbots.ai .typeform.com .typekit.net; font-src 'self' data: .googleapis.com .adyen.com .gstatic.com .wpengine.com .imi.chat .spendology.io .thomascook.com https://script.hotjar.com .bootstrapcdn.com .typekit.net; object-src 'self' .adyen.com; frame-src 'self' data: .facebook.com https://platform.twitter.com/ .google.com .hotjar.com .imi.chat .adyen.com .vimeo.com .youtube.com .doubleclick.net .thomascook.io .youtu.be .googlesyndication.com https://www.covidchecker.com .direct.ingenico.com .modirum.com .thomascook.com .freshchat.com .euc-freshbots.ai .trustpilot.com .rsa3dsauth.co.uk .arcot.com .cardinalcommerce.com .mycardsecure.com .monzo.com .capitalone.com .touch.tech .wibmo.com .mncbank.co.id .typeform.com .revolut.com .sparkassen-kreditkarten.de .swedbank.se .wlp-acs.com .rabobank.nl .tsys.co.uk .marqeta.com .viseca.ch .apata.io .redsys.es .edb.com .asseco-see.hr .mashreq.com .cm-cic.com .monext.fr .garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' .adyen.com .thomascook.io *.thomascook.com;
Strict-Transport-Security	max-age=31536000, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomascook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 05:27:34 GMT
strict-transport-security: max-age=31536000, max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleadservices.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.facebook.net *.wpengine.com *.bootstrapcdn.com *.twitter.com *.jquery.com *.fontawesome.com *.google.com *.pinterest.com *.gstatic.com *.uploadlibrary.com *.thomascook.com *.hotjar.com *.imi.chat *.adyen.com *.spendology.io *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.doubleclick.net *.googlesyndication.com *.googletagservices.com *.google.co.uk *.google.com.ua *.direct.ingenico.com cc-cdn.com *.google.nl *.appsflyer.com *.freshchat.com *.btttag.com *.euc-freshbots.ai *.trustpilot.com *.cookielaw.org *.worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io *.bing.com *.clarity.ms *.tiktok.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com *.wpengine.com *.bootstrapcdn.com *.imi.chat *.adyen.com *.spendology.io *.thomascook.com *.google.com *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.freshchat.com *.euc-freshbots.ai *.typeform.com *.typekit.net; font-src 'self' data: *.googleapis.com *.adyen.com *.gstatic.com *.wpengine.com *.imi.chat *.spendology.io *.thomascook.com https://script.hotjar.com *.bootstrapcdn.com *.typekit.net; object-src 'self' *.adyen.com; frame-src 'self' data: *.facebook.com https://platform.twitter.com/ *.google.com *.hotjar.com *.imi.chat *.adyen.com *.vimeo.com *.youtube.com *.doubleclick.net *.thomascook.io *.youtu.be *.googlesyndication.com https://www.covidchecker.com *.direct.ingenico.com *.modirum.com *.thomascook.com *.freshchat.com *.euc-freshbots.ai *.trustpilot.com *.rsa3dsauth.co.uk *.arcot.com *.cardinalcommerce.com *.mycardsecure.com *.monzo.com *.capitalone.com *.touch.tech *.wibmo.com *.mncbank.co.id *.typeform.com *.revolut.com *.sparkassen-kreditkarten.de *.swedbank.se *.wlp-acs.com *.rabobank.nl *.tsys.co.uk *.marqeta.com *.viseca.ch *.apata.io *.redsys.es *.edb.com *.asseco-see.hr *.mashreq.com *.cm-cic.com *.monext.fr *.garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' *.adyen.com *.thomascook.io *.thomascook.com;
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-disposition: attachment; filename="atol (2).svg"
content-length: 9029
x-xss-protection: 1; mode=block
x-magnolia-registration: Registered
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 09 Jun 2022 12:44:27 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/svg+xml;charset=UTF-8
access-control-allow-origin: *.thomascook.com
cache-control: max-age=31536000, public
x-amz-cf-id: ueNKNDQdHWXniZLQdHkfgHi6X-yQs39axC_gju3ocw_VFLmpULlLKg==
expires: Mon, 24 Mar 2025 05:27:33 GMT

GET
H2 200 abta%20(1).svg
www.thomascook.com/dam/jcr:a9c7033e-a1d2-400b-b4be-a955bf3b3907/ 11 KB
14 KB 214ms
213ms Image
image/svg+xml 2600:9000:2077:d800:3:28eb:6280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thomascook.com/dam/jcr:a9c7033e-a1d2-400b-b4be-a955bf3b3907/abta%20(1).svg

Requested by

Host: www.thomascook.com
URL: https://www.thomascook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2077:d800:3:28eb:6280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

1dfb1884626fdc4bb77102f39fc21c9aee4c49421b473f27264f9fe064d9237a

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleadservices.com .googleapis.com .google-analytics.com .googletagmanager.com .facebook.net .wpengine.com .bootstrapcdn.com .twitter.com .jquery.com .fontawesome.com .google.com .pinterest.com .gstatic.com .uploadlibrary.com .thomascook.com .hotjar.com .imi.chat .adyen.com .spendology.io .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .doubleclick.net .googlesyndication.com .googletagservices.com .google.co.uk .google.com.ua .direct.ingenico.com cc-cdn.com .google.nl .appsflyer.com .freshchat.com .btttag.com .euc-freshbots.ai .trustpilot.com .cookielaw.org .worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io .bing.com .clarity.ms .tiktok.com; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com .wpengine.com .bootstrapcdn.com .imi.chat .adyen.com .spendology.io .thomascook.com .google.com .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .freshchat.com .euc-freshbots.ai .typeform.com .typekit.net; font-src 'self' data: .googleapis.com .adyen.com .gstatic.com .wpengine.com .imi.chat .spendology.io .thomascook.com https://script.hotjar.com .bootstrapcdn.com .typekit.net; object-src 'self' .adyen.com; frame-src 'self' data: .facebook.com https://platform.twitter.com/ .google.com .hotjar.com .imi.chat .adyen.com .vimeo.com .youtube.com .doubleclick.net .thomascook.io .youtu.be .googlesyndication.com https://www.covidchecker.com .direct.ingenico.com .modirum.com .thomascook.com .freshchat.com .euc-freshbots.ai .trustpilot.com .rsa3dsauth.co.uk .arcot.com .cardinalcommerce.com .mycardsecure.com .monzo.com .capitalone.com .touch.tech .wibmo.com .mncbank.co.id .typeform.com .revolut.com .sparkassen-kreditkarten.de .swedbank.se .wlp-acs.com .rabobank.nl .tsys.co.uk .marqeta.com .viseca.ch .apata.io .redsys.es .edb.com .asseco-see.hr .mashreq.com .cm-cic.com .monext.fr .garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' .adyen.com .thomascook.io *.thomascook.com;
Strict-Transport-Security	max-age=31536000, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomascook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 05:27:33 GMT
strict-transport-security: max-age=31536000, max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleadservices.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.facebook.net *.wpengine.com *.bootstrapcdn.com *.twitter.com *.jquery.com *.fontawesome.com *.google.com *.pinterest.com *.gstatic.com *.uploadlibrary.com *.thomascook.com *.hotjar.com *.imi.chat *.adyen.com *.spendology.io *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.doubleclick.net *.googlesyndication.com *.googletagservices.com *.google.co.uk *.google.com.ua *.direct.ingenico.com cc-cdn.com *.google.nl *.appsflyer.com *.freshchat.com *.btttag.com *.euc-freshbots.ai *.trustpilot.com *.cookielaw.org *.worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io *.bing.com *.clarity.ms *.tiktok.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com *.wpengine.com *.bootstrapcdn.com *.imi.chat *.adyen.com *.spendology.io *.thomascook.com *.google.com *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.freshchat.com *.euc-freshbots.ai *.typeform.com *.typekit.net; font-src 'self' data: *.googleapis.com *.adyen.com *.gstatic.com *.wpengine.com *.imi.chat *.spendology.io *.thomascook.com https://script.hotjar.com *.bootstrapcdn.com *.typekit.net; object-src 'self' *.adyen.com; frame-src 'self' data: *.facebook.com https://platform.twitter.com/ *.google.com *.hotjar.com *.imi.chat *.adyen.com *.vimeo.com *.youtube.com *.doubleclick.net *.thomascook.io *.youtu.be *.googlesyndication.com https://www.covidchecker.com *.direct.ingenico.com *.modirum.com *.thomascook.com *.freshchat.com *.euc-freshbots.ai *.trustpilot.com *.rsa3dsauth.co.uk *.arcot.com *.cardinalcommerce.com *.mycardsecure.com *.monzo.com *.capitalone.com *.touch.tech *.wibmo.com *.mncbank.co.id *.typeform.com *.revolut.com *.sparkassen-kreditkarten.de *.swedbank.se *.wlp-acs.com *.rabobank.nl *.tsys.co.uk *.marqeta.com *.viseca.ch *.apata.io *.redsys.es *.edb.com *.asseco-see.hr *.mashreq.com *.cm-cic.com *.monext.fr *.garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' *.adyen.com *.thomascook.io *.thomascook.com;
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-disposition: attachment; filename="abta (1).svg"
content-length: 11340
x-xss-protection: 1; mode=block
x-magnolia-registration: Registered
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 09 Jun 2022 12:45:09 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/svg+xml;charset=UTF-8
access-control-allow-origin: *.thomascook.com
cache-control: max-age=31536000, public
x-amz-cf-id: Tj8M2i2QPixnDUYftcAeT35L7OydAOnZI11XhtZbulyXMreN9BIKeQ==
expires: Mon, 24 Mar 2025 05:27:33 GMT

GET
H2 200 travelaware.svg
www.thomascook.com/dam/jcr:8f1e1a13-0501-41e6-b0a1-dba3201e4cdc/ 11 KB
14 KB 243ms
242ms Image
image/svg+xml 2600:9000:2077:d800:3:28eb:6280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thomascook.com/dam/jcr:8f1e1a13-0501-41e6-b0a1-dba3201e4cdc/travelaware.svg

Requested by

Host: www.thomascook.com
URL: https://www.thomascook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2077:d800:3:28eb:6280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c16d15b692ecce37961d6dafe281677c7ddc5ba101cd286bc87ed008d097bd37

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleadservices.com .googleapis.com .google-analytics.com .googletagmanager.com .facebook.net .wpengine.com .bootstrapcdn.com .twitter.com .jquery.com .fontawesome.com .google.com .pinterest.com .gstatic.com .uploadlibrary.com .thomascook.com .hotjar.com .imi.chat .adyen.com .spendology.io .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .doubleclick.net .googlesyndication.com .googletagservices.com .google.co.uk .google.com.ua .direct.ingenico.com cc-cdn.com .google.nl .appsflyer.com .freshchat.com .btttag.com .euc-freshbots.ai .trustpilot.com .cookielaw.org .worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io .bing.com .clarity.ms .tiktok.com; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com .wpengine.com .bootstrapcdn.com .imi.chat .adyen.com .spendology.io .thomascook.com .google.com .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .freshchat.com .euc-freshbots.ai .typeform.com .typekit.net; font-src 'self' data: .googleapis.com .adyen.com .gstatic.com .wpengine.com .imi.chat .spendology.io .thomascook.com https://script.hotjar.com .bootstrapcdn.com .typekit.net; object-src 'self' .adyen.com; frame-src 'self' data: .facebook.com https://platform.twitter.com/ .google.com .hotjar.com .imi.chat .adyen.com .vimeo.com .youtube.com .doubleclick.net .thomascook.io .youtu.be .googlesyndication.com https://www.covidchecker.com .direct.ingenico.com .modirum.com .thomascook.com .freshchat.com .euc-freshbots.ai .trustpilot.com .rsa3dsauth.co.uk .arcot.com .cardinalcommerce.com .mycardsecure.com .monzo.com .capitalone.com .touch.tech .wibmo.com .mncbank.co.id .typeform.com .revolut.com .sparkassen-kreditkarten.de .swedbank.se .wlp-acs.com .rabobank.nl .tsys.co.uk .marqeta.com .viseca.ch .apata.io .redsys.es .edb.com .asseco-see.hr .mashreq.com .cm-cic.com .monext.fr .garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' .adyen.com .thomascook.io *.thomascook.com;
Strict-Transport-Security	max-age=31536000, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomascook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 05:27:34 GMT
strict-transport-security: max-age=31536000, max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleadservices.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.facebook.net *.wpengine.com *.bootstrapcdn.com *.twitter.com *.jquery.com *.fontawesome.com *.google.com *.pinterest.com *.gstatic.com *.uploadlibrary.com *.thomascook.com *.hotjar.com *.imi.chat *.adyen.com *.spendology.io *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.doubleclick.net *.googlesyndication.com *.googletagservices.com *.google.co.uk *.google.com.ua *.direct.ingenico.com cc-cdn.com *.google.nl *.appsflyer.com *.freshchat.com *.btttag.com *.euc-freshbots.ai *.trustpilot.com *.cookielaw.org *.worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io *.bing.com *.clarity.ms *.tiktok.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com *.wpengine.com *.bootstrapcdn.com *.imi.chat *.adyen.com *.spendology.io *.thomascook.com *.google.com *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.freshchat.com *.euc-freshbots.ai *.typeform.com *.typekit.net; font-src 'self' data: *.googleapis.com *.adyen.com *.gstatic.com *.wpengine.com *.imi.chat *.spendology.io *.thomascook.com https://script.hotjar.com *.bootstrapcdn.com *.typekit.net; object-src 'self' *.adyen.com; frame-src 'self' data: *.facebook.com https://platform.twitter.com/ *.google.com *.hotjar.com *.imi.chat *.adyen.com *.vimeo.com *.youtube.com *.doubleclick.net *.thomascook.io *.youtu.be *.googlesyndication.com https://www.covidchecker.com *.direct.ingenico.com *.modirum.com *.thomascook.com *.freshchat.com *.euc-freshbots.ai *.trustpilot.com *.rsa3dsauth.co.uk *.arcot.com *.cardinalcommerce.com *.mycardsecure.com *.monzo.com *.capitalone.com *.touch.tech *.wibmo.com *.mncbank.co.id *.typeform.com *.revolut.com *.sparkassen-kreditkarten.de *.swedbank.se *.wlp-acs.com *.rabobank.nl *.tsys.co.uk *.marqeta.com *.viseca.ch *.apata.io *.redsys.es *.edb.com *.asseco-see.hr *.mashreq.com *.cm-cic.com *.monext.fr *.garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' *.adyen.com *.thomascook.io *.thomascook.com;
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-disposition: attachment; filename="travelaware.svg"
content-length: 11346
x-xss-protection: 1; mode=block
x-magnolia-registration: Registered
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 09 Jun 2022 12:45:31 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/svg+xml;charset=UTF-8
access-control-allow-origin: *.thomascook.com
cache-control: max-age=31536000, public
x-amz-cf-id: PbxIKFepSME5ZZagCYuMjTVjgYkHpIPZiGZGVs2Mc-VlmG-KVveAYg==
expires: Mon, 24 Mar 2025 05:27:33 GMT

GET
H2 200 corp_prim_ao_2cns.webp
www.thomascook.com/dam/jcr:578a57b8-1430-4fa6-a3d1-072fc6ff7461/ 27 KB
29 KB 160ms
158ms Image
image/webp 2600:9000:2077:d800:3:28eb:6280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thomascook.com/dam/jcr:578a57b8-1430-4fa6-a3d1-072fc6ff7461/corp_prim_ao_2cns.webp

Requested by

Host: www.thomascook.com
URL: https://www.thomascook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2077:d800:3:28eb:6280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

ead904128ca4703dc619fea82999b851dbe36bc3392c053f6883b75af38d3df7

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleadservices.com .googleapis.com .google-analytics.com .googletagmanager.com .facebook.net .wpengine.com .bootstrapcdn.com .twitter.com .jquery.com .fontawesome.com .google.com .pinterest.com .gstatic.com .uploadlibrary.com .thomascook.com .hotjar.com .imi.chat .adyen.com .spendology.io .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .doubleclick.net .googlesyndication.com .googletagservices.com .google.co.uk .google.com.ua .direct.ingenico.com cc-cdn.com .google.nl .appsflyer.com .freshchat.com .btttag.com .euc-freshbots.ai .trustpilot.com .cookielaw.org .worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io .bing.com .clarity.ms .tiktok.com; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com .wpengine.com .bootstrapcdn.com .imi.chat .adyen.com .spendology.io .thomascook.com .google.com .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .freshchat.com .euc-freshbots.ai .typeform.com .typekit.net; font-src 'self' data: .googleapis.com .adyen.com .gstatic.com .wpengine.com .imi.chat .spendology.io .thomascook.com https://script.hotjar.com .bootstrapcdn.com .typekit.net; object-src 'self' .adyen.com; frame-src 'self' data: .facebook.com https://platform.twitter.com/ .google.com .hotjar.com .imi.chat .adyen.com .vimeo.com .youtube.com .doubleclick.net .thomascook.io .youtu.be .googlesyndication.com https://www.covidchecker.com .direct.ingenico.com .modirum.com .thomascook.com .freshchat.com .euc-freshbots.ai .trustpilot.com .rsa3dsauth.co.uk .arcot.com .cardinalcommerce.com .mycardsecure.com .monzo.com .capitalone.com .touch.tech .wibmo.com .mncbank.co.id .typeform.com .revolut.com .sparkassen-kreditkarten.de .swedbank.se .wlp-acs.com .rabobank.nl .tsys.co.uk .marqeta.com .viseca.ch .apata.io .redsys.es .edb.com .asseco-see.hr .mashreq.com .cm-cic.com .monext.fr .garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' .adyen.com .thomascook.io *.thomascook.com;
Strict-Transport-Security	max-age=31536000, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomascook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 05:27:33 GMT
strict-transport-security: max-age=31536000, max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleadservices.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.facebook.net *.wpengine.com *.bootstrapcdn.com *.twitter.com *.jquery.com *.fontawesome.com *.google.com *.pinterest.com *.gstatic.com *.uploadlibrary.com *.thomascook.com *.hotjar.com *.imi.chat *.adyen.com *.spendology.io *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.doubleclick.net *.googlesyndication.com *.googletagservices.com *.google.co.uk *.google.com.ua *.direct.ingenico.com cc-cdn.com *.google.nl *.appsflyer.com *.freshchat.com *.btttag.com *.euc-freshbots.ai *.trustpilot.com *.cookielaw.org *.worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io *.bing.com *.clarity.ms *.tiktok.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com *.wpengine.com *.bootstrapcdn.com *.imi.chat *.adyen.com *.spendology.io *.thomascook.com *.google.com *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.freshchat.com *.euc-freshbots.ai *.typeform.com *.typekit.net; font-src 'self' data: *.googleapis.com *.adyen.com *.gstatic.com *.wpengine.com *.imi.chat *.spendology.io *.thomascook.com https://script.hotjar.com *.bootstrapcdn.com *.typekit.net; object-src 'self' *.adyen.com; frame-src 'self' data: *.facebook.com https://platform.twitter.com/ *.google.com *.hotjar.com *.imi.chat *.adyen.com *.vimeo.com *.youtube.com *.doubleclick.net *.thomascook.io *.youtu.be *.googlesyndication.com https://www.covidchecker.com *.direct.ingenico.com *.modirum.com *.thomascook.com *.freshchat.com *.euc-freshbots.ai *.trustpilot.com *.rsa3dsauth.co.uk *.arcot.com *.cardinalcommerce.com *.mycardsecure.com *.monzo.com *.capitalone.com *.touch.tech *.wibmo.com *.mncbank.co.id *.typeform.com *.revolut.com *.sparkassen-kreditkarten.de *.swedbank.se *.wlp-acs.com *.rabobank.nl *.tsys.co.uk *.marqeta.com *.viseca.ch *.apata.io *.redsys.es *.edb.com *.asseco-see.hr *.mashreq.com *.cm-cic.com *.monext.fr *.garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' *.adyen.com *.thomascook.io *.thomascook.com;
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-disposition: attachment; filename="corp_prim_ao_2cns.webp"
content-length: 27372
x-xss-protection: 1; mode=block
x-magnolia-registration: Registered
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 29 Feb 2024 15:37:21 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/webp;charset=UTF-8
access-control-allow-origin: *.thomascook.com
cache-control: max-age=31536000, public
x-amz-cf-id: nolPPTv9_EWakypMI_ccwzqUmXqQkycQYvyrfGgUE6B970bFven3TA==
expires: Mon, 24 Mar 2025 05:27:33 GMT

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/ac99ca17-271b-4718-94a6-8505ded698b8/018e2d7b-fd77-7cfd-a380-1131e5b77c19/ 69 KB
19 KB 23ms
22ms Fetch
application/x-javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/ac99ca17-271b-4718-94a6-8505ded698b8/018e2d7b-fd77-7cfd-a380-1131e5b77c19/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202403.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64d78e8a95fa18f6257ac80a9a3ff600293f4519bce2ca3168a20dff29a66108

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomascook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 24 Mar 2024 05:27:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 57904
content-md5: Q9RCZS17Vp7uBScVw0b1qw==
content-length: 18834
x-ms-lease-status: unlocked
last-modified: Mon, 18 Mar 2024 13:13:17 GMT
server: cloudflare
etag: 0x8DC474D2CF0B517
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 5a0ec481-401e-0011-0236-79a337000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 869440b46ad203f0-FRA
expires: Mon, 25 Mar 2024 05:27:33 GMT

GET
H2 200 otFloatingRoundedCorner.json Show response
cdn.cookielaw.org/scripttemplates/202403.1.0/assets/ 10 KB
3 KB 18ms
17ms Fetch
application/json 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202403.1.0/assets/otFloatingRoundedCorner.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202403.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3260db446188242293e04a658411e44c6175108bc5d8b7e7676e8786d4f0501

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomascook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 24 Mar 2024 05:27:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: DjubttsuUURMsPZb/xn5GQ==
age: 57904
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2627
x-ms-lease-status: unlocked
last-modified: Thu, 21 Mar 2024 07:04:30 GMT
server: cloudflare
etag: 0x8DC49752793F9B0
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 39c6ca63-d01e-004e-79cd-7b170b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 869440b49ae303f0-FRA

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/202403.1.0/assets/v2/ 62 KB
13 KB 17ms
16ms Fetch
application/json 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202403.1.0/assets/v2/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202403.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f40f57620246d052ea666f8f9d25dc6fcd93a7bbd6314077a2eb7213e98a4b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomascook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 24 Mar 2024 05:27:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: ZcF16z2xXnh51d4MuKhe/w==
age: 57904
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 12808
x-ms-lease-status: unlocked
last-modified: Thu, 21 Mar 2024 07:04:30 GMT
server: cloudflare
etag: 0x8DC497527F063BE
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: ce953d0b-001e-00a9-4ec2-7bf8f1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 869440b49ae403f0-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202403.1.0/assets/ 24 KB
4 KB 18ms
18ms Fetch
text/css 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202403.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202403.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06c0edbfc1b871fb45195265f5faad3e23191305f6ff2125557a9fbc287c8992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomascook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 24 Mar 2024 05:27:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: 4ErYmXXFNbMLrnc9DrDTsg==
age: 57904
x-ms-lease-status: unlocked
last-modified: Thu, 21 Mar 2024 07:04:40 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 393e4365-a01e-0026-7226-7c719b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 869440b49ae503f0-FRA

GET
H2 200 features Show response
api.thomascook.com/ 483 B
2 KB 124ms
68ms Fetch
application/json 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.thomascook.com/features?market=uk&locale=en-GB&session=f4d3d629-28cb-4c4a-9f37-ee650ce3e0e3

Requested by

Host: www.thomascook.com
URL: https://www.thomascook.com/.resources/thomascook/webresources/js/app.df8df6d2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

25b74f390cf3079b3023612feaf4b8ebf14402617e9e868af8df699201e374b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomascook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 05:27:34 GMT
strict-transport-security: max-age=2592000
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
x-xss-protection: 1;mode=block
request-context: appId=cid-v1:0c1817de-6d86-47f7-aa99-c75638eadd5c
referrer-policy: no-referrer
x-ss-received: 2024-03-24 05:27:34.000913
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thomascook.com
cache-control: no-store
access-control-allow-credentials: true
x-azure-ref: 20240324T052733Z-yx9yp4h58p2nf2yc63zvy9ctnc00000002yg00000000839f

GET
H2 200 config.uk.json Show response
www.thomascook.com/assets/sso/ 344 B
761 B 10ms
10ms Fetch
application/json 2600:9000:2077:d800:3:28eb:6280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thomascook.com/assets/sso/config.uk.json
Requested by: Host: www.thomascook.com
URL: https://www.thomascook.com/.resources/thomascook/webresources/js/app.df8df6d2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2077:d800:3:28eb:6280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 817d1bce6eec98f321a1d7b3c248a8b41e78ee09bb92291e6f0e7000f86facaa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomascook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: MU3LDP0mfWIZNGHclEqZKBC_AptlDBc6
date: Sun, 24 Mar 2024 01:01:45 GMT
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
last-modified: Wed, 01 Mar 2023 10:41:03 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 15949
x-amz-server-side-encryption: AES256
etag: "5595d83efdc5a9277f22db2077358a7c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
accept-ranges: bytes
content-length: 344
x-amz-cf-id: 3W_MGw5LE7vn7J7MCiMoqyxJ31VG38D4HXxk3pZfEhHTqMW5PmIYQA==

GET
DATA 200
OK truncated
/ 179 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4aef1b7b81e4a2a18b7ca1b2a781f721eb7061fe8d44754cc6c05825867906b3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 css2
fonts.googleapis.com/ 12 KB
919 B 18ms
17ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@300;400;600;700;900&display=swap

Requested by

Host: www.thomascook.com
URL: https://www.thomascook.com/.resources/thomascook/webresources/js/app.df8df6d2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

670d5d84c031d8eb4a845fd6408dbb1a78d21bb433c4fde564e2e57950787344

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomascook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 24 Mar 2024 05:27:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 24 Mar 2024 05:27:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 24 Mar 2024 05:27:33 GMT

GET
H2 200 login.svg
www.thomascook.com/assets/images/sso/ 791 B
1 KB 13ms
13ms Image
image/svg+xml 2600:9000:2077:d800:3:28eb:6280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thomascook.com/assets/images/sso/login.svg
Requested by: Host: www.thomascook.com
URL: https://www.thomascook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2077:d800:3:28eb:6280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0bc1a425269f970dc1bc21eba47440fedf62f329a3802075eea3066dce560f00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomascook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: PISn5DWNmRo11v0jrZ1n3zvUGGql1pai
date: Sat, 23 Mar 2024 18:56:38 GMT
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
last-modified: Tue, 18 Oct 2022 14:39:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 37856
x-amz-server-side-encryption: AES256
etag: "d1d2c100bae750dfa5a2d7952e9d9141"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 791
x-amz-cf-id: IeHVutppt1GUYTUhfZu4f7u74WTKLHFpiqvo0nXUhb3NCL9M3zY5Vg==

GET
H2 200 Turkey.jpg
www.thomascook.com/.imaging/mte/thomascook-theme/top-destinations/dam/uk/Carousel/Carousel/Turkey.jpg/jcr:content/ 26 KB
28 KB 122ms
122ms Image
image/jpeg 2600:9000:2077:d800:3:28eb:6280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thomascook.com/.imaging/mte/thomascook-theme/top-destinations/dam/uk/Carousel/Carousel/Turkey.jpg/jcr:content/Turkey.jpg

Requested by

Host: www.thomascook.com
URL: https://www.thomascook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2077:d800:3:28eb:6280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

760278c2ab8ef3e54beed88c61cec75b78b0ddda18646784cae74f4b30df5f23

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleadservices.com .googleapis.com .google-analytics.com .googletagmanager.com .facebook.net .wpengine.com .bootstrapcdn.com .twitter.com .jquery.com .fontawesome.com .google.com .pinterest.com .gstatic.com .uploadlibrary.com .thomascook.com .hotjar.com .imi.chat .adyen.com .spendology.io .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .doubleclick.net .googlesyndication.com .googletagservices.com .google.co.uk .google.com.ua .direct.ingenico.com cc-cdn.com .google.nl .appsflyer.com .freshchat.com .btttag.com .euc-freshbots.ai .trustpilot.com .cookielaw.org .worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io .bing.com .clarity.ms .tiktok.com; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com .wpengine.com .bootstrapcdn.com .imi.chat .adyen.com .spendology.io .thomascook.com .google.com .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .freshchat.com .euc-freshbots.ai .typeform.com .typekit.net; font-src 'self' data: .googleapis.com .adyen.com .gstatic.com .wpengine.com .imi.chat .spendology.io .thomascook.com https://script.hotjar.com .bootstrapcdn.com .typekit.net; object-src 'self' .adyen.com; frame-src 'self' data: .facebook.com https://platform.twitter.com/ .google.com .hotjar.com .imi.chat .adyen.com .vimeo.com .youtube.com .doubleclick.net .thomascook.io .youtu.be .googlesyndication.com https://www.covidchecker.com .direct.ingenico.com .modirum.com .thomascook.com .freshchat.com .euc-freshbots.ai .trustpilot.com .rsa3dsauth.co.uk .arcot.com .cardinalcommerce.com .mycardsecure.com .monzo.com .capitalone.com .touch.tech .wibmo.com .mncbank.co.id .typeform.com .revolut.com .sparkassen-kreditkarten.de .swedbank.se .wlp-acs.com .rabobank.nl .tsys.co.uk .marqeta.com .viseca.ch .apata.io .redsys.es .edb.com .asseco-see.hr .mashreq.com .cm-cic.com .monext.fr .garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' .adyen.com .thomascook.io *.thomascook.com;
Strict-Transport-Security	max-age=31536000, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomascook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 05:27:34 GMT
strict-transport-security: max-age=31536000, max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleadservices.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.facebook.net *.wpengine.com *.bootstrapcdn.com *.twitter.com *.jquery.com *.fontawesome.com *.google.com *.pinterest.com *.gstatic.com *.uploadlibrary.com *.thomascook.com *.hotjar.com *.imi.chat *.adyen.com *.spendology.io *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.doubleclick.net *.googlesyndication.com *.googletagservices.com *.google.co.uk *.google.com.ua *.direct.ingenico.com cc-cdn.com *.google.nl *.appsflyer.com *.freshchat.com *.btttag.com *.euc-freshbots.ai *.trustpilot.com *.cookielaw.org *.worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io *.bing.com *.clarity.ms *.tiktok.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com *.wpengine.com *.bootstrapcdn.com *.imi.chat *.adyen.com *.spendology.io *.thomascook.com *.google.com *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.freshchat.com *.euc-freshbots.ai *.typeform.com *.typekit.net; font-src 'self' data: *.googleapis.com *.adyen.com *.gstatic.com *.wpengine.com *.imi.chat *.spendology.io *.thomascook.com https://script.hotjar.com *.bootstrapcdn.com *.typekit.net; object-src 'self' *.adyen.com; frame-src 'self' data: *.facebook.com https://platform.twitter.com/ *.google.com *.hotjar.com *.imi.chat *.adyen.com *.vimeo.com *.youtube.com *.doubleclick.net *.thomascook.io *.youtu.be *.googlesyndication.com https://www.covidchecker.com *.direct.ingenico.com *.modirum.com *.thomascook.com *.freshchat.com *.euc-freshbots.ai *.trustpilot.com *.rsa3dsauth.co.uk *.arcot.com *.cardinalcommerce.com *.mycardsecure.com *.monzo.com *.capitalone.com *.touch.tech *.wibmo.com *.mncbank.co.id *.typeform.com *.revolut.com *.sparkassen-kreditkarten.de *.swedbank.se *.wlp-acs.com *.rabobank.nl *.tsys.co.uk *.marqeta.com *.viseca.ch *.apata.io *.redsys.es *.edb.com *.asseco-see.hr *.mashreq.com *.cm-cic.com *.monext.fr *.garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' *.adyen.com *.thomascook.io *.thomascook.com;
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-length: 26160
x-xss-protection: 1; mode=block
x-magnolia-registration: Registered
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 24 Mar 2024 05:27:34 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/jpeg;charset=UTF-8
access-control-allow-origin: *.thomascook.com
cache-control: max-age=31536000, public
x-amz-cf-id: 5lw5mNfhG1Gf63rfcQEWI4OLpchv8AbLY-UBAqG2MRcP3ys5PfEwdg==
expires: Mon, 24 Mar 2025 05:27:34 GMT

GET
H2 200 Greece.jpg
www.thomascook.com/.imaging/mte/thomascook-theme/top-destinations/dam/uk/Carousel/Greece.jpg/jcr:content/ 16 KB
19 KB 145ms
144ms Image
image/jpeg 2600:9000:2077:d800:3:28eb:6280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thomascook.com/.imaging/mte/thomascook-theme/top-destinations/dam/uk/Carousel/Greece.jpg/jcr:content/Greece.jpg

Requested by

Host: www.thomascook.com
URL: https://www.thomascook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2077:d800:3:28eb:6280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c985b45c9d123589b9eca67fb5923aa96db45bf7f868532217a50b187ce55151

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleadservices.com .googleapis.com .google-analytics.com .googletagmanager.com .facebook.net .wpengine.com .bootstrapcdn.com .twitter.com .jquery.com .fontawesome.com .google.com .pinterest.com .gstatic.com .uploadlibrary.com .thomascook.com .hotjar.com .imi.chat .adyen.com .spendology.io .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .doubleclick.net .googlesyndication.com .googletagservices.com .google.co.uk .google.com.ua .direct.ingenico.com cc-cdn.com .google.nl .appsflyer.com .freshchat.com .btttag.com .euc-freshbots.ai .trustpilot.com .cookielaw.org .worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io .bing.com .clarity.ms .tiktok.com; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com .wpengine.com .bootstrapcdn.com .imi.chat .adyen.com .spendology.io .thomascook.com .google.com .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .freshchat.com .euc-freshbots.ai .typeform.com .typekit.net; font-src 'self' data: .googleapis.com .adyen.com .gstatic.com .wpengine.com .imi.chat .spendology.io .thomascook.com https://script.hotjar.com .bootstrapcdn.com .typekit.net; object-src 'self' .adyen.com; frame-src 'self' data: .facebook.com https://platform.twitter.com/ .google.com .hotjar.com .imi.chat .adyen.com .vimeo.com .youtube.com .doubleclick.net .thomascook.io .youtu.be .googlesyndication.com https://www.covidchecker.com .direct.ingenico.com .modirum.com .thomascook.com .freshchat.com .euc-freshbots.ai .trustpilot.com .rsa3dsauth.co.uk .arcot.com .cardinalcommerce.com .mycardsecure.com .monzo.com .capitalone.com .touch.tech .wibmo.com .mncbank.co.id .typeform.com .revolut.com .sparkassen-kreditkarten.de .swedbank.se .wlp-acs.com .rabobank.nl .tsys.co.uk .marqeta.com .viseca.ch .apata.io .redsys.es .edb.com .asseco-see.hr .mashreq.com .cm-cic.com .monext.fr .garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' .adyen.com .thomascook.io *.thomascook.com;
Strict-Transport-Security	max-age=31536000, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomascook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 05:27:34 GMT
strict-transport-security: max-age=31536000, max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleadservices.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.facebook.net *.wpengine.com *.bootstrapcdn.com *.twitter.com *.jquery.com *.fontawesome.com *.google.com *.pinterest.com *.gstatic.com *.uploadlibrary.com *.thomascook.com *.hotjar.com *.imi.chat *.adyen.com *.spendology.io *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.doubleclick.net *.googlesyndication.com *.googletagservices.com *.google.co.uk *.google.com.ua *.direct.ingenico.com cc-cdn.com *.google.nl *.appsflyer.com *.freshchat.com *.btttag.com *.euc-freshbots.ai *.trustpilot.com *.cookielaw.org *.worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io *.bing.com *.clarity.ms *.tiktok.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com *.wpengine.com *.bootstrapcdn.com *.imi.chat *.adyen.com *.spendology.io *.thomascook.com *.google.com *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.freshchat.com *.euc-freshbots.ai *.typeform.com *.typekit.net; font-src 'self' data: *.googleapis.com *.adyen.com *.gstatic.com *.wpengine.com *.imi.chat *.spendology.io *.thomascook.com https://script.hotjar.com *.bootstrapcdn.com *.typekit.net; object-src 'self' *.adyen.com; frame-src 'self' data: *.facebook.com https://platform.twitter.com/ *.google.com *.hotjar.com *.imi.chat *.adyen.com *.vimeo.com *.youtube.com *.doubleclick.net *.thomascook.io *.youtu.be *.googlesyndication.com https://www.covidchecker.com *.direct.ingenico.com *.modirum.com *.thomascook.com *.freshchat.com *.euc-freshbots.ai *.trustpilot.com *.rsa3dsauth.co.uk *.arcot.com *.cardinalcommerce.com *.mycardsecure.com *.monzo.com *.capitalone.com *.touch.tech *.wibmo.com *.mncbank.co.id *.typeform.com *.revolut.com *.sparkassen-kreditkarten.de *.swedbank.se *.wlp-acs.com *.rabobank.nl *.tsys.co.uk *.marqeta.com *.viseca.ch *.apata.io *.redsys.es *.edb.com *.asseco-see.hr *.mashreq.com *.cm-cic.com *.monext.fr *.garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' *.adyen.com *.thomascook.io *.thomascook.com;
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-length: 16442
x-xss-protection: 1; mode=block
x-magnolia-registration: Registered
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 24 Mar 2024 05:27:34 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/jpeg;charset=UTF-8
access-control-allow-origin: *.thomascook.com
cache-control: max-age=31536000, public
x-amz-cf-id: SLwGyN9v6QT5QjB24mRa6EmQI755YXGaK4wXOdc3O8gjkhjDnCZI2g==
expires: Mon, 24 Mar 2025 05:27:34 GMT

GET
H2 200 lanzarote1127748611.JPG
www.thomascook.com/.imaging/mte/thomascook-theme/top-destinations/dam/legacy/heros/Valencia/destinations/destinations-d/Canary-Islands/Places-To-Stay/Lanzarote/500x500/lanzarote1127748611.JPG/jcr:c... 17 KB
20 KB 132ms
131ms Image
image/jpeg 2600:9000:2077:d800:3:28eb:6280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thomascook.com/.imaging/mte/thomascook-theme/top-destinations/dam/legacy/heros/Valencia/destinations/destinations-d/Canary-Islands/Places-To-Stay/Lanzarote/500x500/lanzarote1127748611.JPG/jcr:content/lanzarote1127748611.JPG

Requested by

Host: www.thomascook.com
URL: https://www.thomascook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2077:d800:3:28eb:6280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

b1c56add63e13bf26512a50b1f4525d0361ee698abf0555a33d6b877f21bdb3a

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleadservices.com .googleapis.com .google-analytics.com .googletagmanager.com .facebook.net .wpengine.com .bootstrapcdn.com .twitter.com .jquery.com .fontawesome.com .google.com .pinterest.com .gstatic.com .uploadlibrary.com .thomascook.com .hotjar.com .imi.chat .adyen.com .spendology.io .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .doubleclick.net .googlesyndication.com .googletagservices.com .google.co.uk .google.com.ua .direct.ingenico.com cc-cdn.com .google.nl .appsflyer.com .freshchat.com .btttag.com .euc-freshbots.ai .trustpilot.com .cookielaw.org .worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io .bing.com .clarity.ms .tiktok.com; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com .wpengine.com .bootstrapcdn.com .imi.chat .adyen.com .spendology.io .thomascook.com .google.com .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .freshchat.com .euc-freshbots.ai .typeform.com .typekit.net; font-src 'self' data: .googleapis.com .adyen.com .gstatic.com .wpengine.com .imi.chat .spendology.io .thomascook.com https://script.hotjar.com .bootstrapcdn.com .typekit.net; object-src 'self' .adyen.com; frame-src 'self' data: .facebook.com https://platform.twitter.com/ .google.com .hotjar.com .imi.chat .adyen.com .vimeo.com .youtube.com .doubleclick.net .thomascook.io .youtu.be .googlesyndication.com https://www.covidchecker.com .direct.ingenico.com .modirum.com .thomascook.com .freshchat.com .euc-freshbots.ai .trustpilot.com .rsa3dsauth.co.uk .arcot.com .cardinalcommerce.com .mycardsecure.com .monzo.com .capitalone.com .touch.tech .wibmo.com .mncbank.co.id .typeform.com .revolut.com .sparkassen-kreditkarten.de .swedbank.se .wlp-acs.com .rabobank.nl .tsys.co.uk .marqeta.com .viseca.ch .apata.io .redsys.es .edb.com .asseco-see.hr .mashreq.com .cm-cic.com .monext.fr .garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' .adyen.com .thomascook.io *.thomascook.com;
Strict-Transport-Security	max-age=31536000, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomascook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 05:27:34 GMT
strict-transport-security: max-age=31536000, max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleadservices.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.facebook.net *.wpengine.com *.bootstrapcdn.com *.twitter.com *.jquery.com *.fontawesome.com *.google.com *.pinterest.com *.gstatic.com *.uploadlibrary.com *.thomascook.com *.hotjar.com *.imi.chat *.adyen.com *.spendology.io *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.doubleclick.net *.googlesyndication.com *.googletagservices.com *.google.co.uk *.google.com.ua *.direct.ingenico.com cc-cdn.com *.google.nl *.appsflyer.com *.freshchat.com *.btttag.com *.euc-freshbots.ai *.trustpilot.com *.cookielaw.org *.worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io *.bing.com *.clarity.ms *.tiktok.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com *.wpengine.com *.bootstrapcdn.com *.imi.chat *.adyen.com *.spendology.io *.thomascook.com *.google.com *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.freshchat.com *.euc-freshbots.ai *.typeform.com *.typekit.net; font-src 'self' data: *.googleapis.com *.adyen.com *.gstatic.com *.wpengine.com *.imi.chat *.spendology.io *.thomascook.com https://script.hotjar.com *.bootstrapcdn.com *.typekit.net; object-src 'self' *.adyen.com; frame-src 'self' data: *.facebook.com https://platform.twitter.com/ *.google.com *.hotjar.com *.imi.chat *.adyen.com *.vimeo.com *.youtube.com *.doubleclick.net *.thomascook.io *.youtu.be *.googlesyndication.com https://www.covidchecker.com *.direct.ingenico.com *.modirum.com *.thomascook.com *.freshchat.com *.euc-freshbots.ai *.trustpilot.com *.rsa3dsauth.co.uk *.arcot.com *.cardinalcommerce.com *.mycardsecure.com *.monzo.com *.capitalone.com *.touch.tech *.wibmo.com *.mncbank.co.id *.typeform.com *.revolut.com *.sparkassen-kreditkarten.de *.swedbank.se *.wlp-acs.com *.rabobank.nl *.tsys.co.uk *.marqeta.com *.viseca.ch *.apata.io *.redsys.es *.edb.com *.asseco-see.hr *.mashreq.com *.cm-cic.com *.monext.fr *.garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' *.adyen.com *.thomascook.io *.thomascook.com;
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-length: 17872
x-xss-protection: 1; mode=block
x-magnolia-registration: Registered
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 24 Mar 2024 05:27:34 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/jpeg;charset=UTF-8
access-control-allow-origin: *.thomascook.com
cache-control: max-age=31536000, public
x-amz-cf-id: Cha3zeXll95ntlQfxNOOWrAWrVp83xomhFyEGRfOsqVjdcMTw0BGoQ==
expires: Mon, 24 Mar 2025 05:27:34 GMT

GET
H2 200 balearic-islands-hero1.jpg
www.thomascook.com/.imaging/mte/thomascook-theme/top-destinations/dam/legacy/compressed-jpg/balearic-islands-hero1.jpg/jcr:content/ 22 KB
24 KB 157ms
157ms Image
image/jpeg 2600:9000:2077:d800:3:28eb:6280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thomascook.com/.imaging/mte/thomascook-theme/top-destinations/dam/legacy/compressed-jpg/balearic-islands-hero1.jpg/jcr:content/balearic-islands-hero1.jpg

Requested by

Host: www.thomascook.com
URL: https://www.thomascook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2077:d800:3:28eb:6280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c1b3724f6863736de9cf0606f00dcc77f7b2c6c0dfbd02be70d5029b3f7034fb

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleadservices.com .googleapis.com .google-analytics.com .googletagmanager.com .facebook.net .wpengine.com .bootstrapcdn.com .twitter.com .jquery.com .fontawesome.com .google.com .pinterest.com .gstatic.com .uploadlibrary.com .thomascook.com .hotjar.com .imi.chat .adyen.com .spendology.io .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .doubleclick.net .googlesyndication.com .googletagservices.com .google.co.uk .google.com.ua .direct.ingenico.com cc-cdn.com .google.nl .appsflyer.com .freshchat.com .btttag.com .euc-freshbots.ai .trustpilot.com .cookielaw.org .worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io .bing.com .clarity.ms .tiktok.com; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com .wpengine.com .bootstrapcdn.com .imi.chat .adyen.com .spendology.io .thomascook.com .google.com .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .freshchat.com .euc-freshbots.ai .typeform.com .typekit.net; font-src 'self' data: .googleapis.com .adyen.com .gstatic.com .wpengine.com .imi.chat .spendology.io .thomascook.com https://script.hotjar.com .bootstrapcdn.com .typekit.net; object-src 'self' .adyen.com; frame-src 'self' data: .facebook.com https://platform.twitter.com/ .google.com .hotjar.com .imi.chat .adyen.com .vimeo.com .youtube.com .doubleclick.net .thomascook.io .youtu.be .googlesyndication.com https://www.covidchecker.com .direct.ingenico.com .modirum.com .thomascook.com .freshchat.com .euc-freshbots.ai .trustpilot.com .rsa3dsauth.co.uk .arcot.com .cardinalcommerce.com .mycardsecure.com .monzo.com .capitalone.com .touch.tech .wibmo.com .mncbank.co.id .typeform.com .revolut.com .sparkassen-kreditkarten.de .swedbank.se .wlp-acs.com .rabobank.nl .tsys.co.uk .marqeta.com .viseca.ch .apata.io .redsys.es .edb.com .asseco-see.hr .mashreq.com .cm-cic.com .monext.fr .garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' .adyen.com .thomascook.io *.thomascook.com;
Strict-Transport-Security	max-age=31536000, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomascook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 05:27:34 GMT
strict-transport-security: max-age=31536000, max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleadservices.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.facebook.net *.wpengine.com *.bootstrapcdn.com *.twitter.com *.jquery.com *.fontawesome.com *.google.com *.pinterest.com *.gstatic.com *.uploadlibrary.com *.thomascook.com *.hotjar.com *.imi.chat *.adyen.com *.spendology.io *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.doubleclick.net *.googlesyndication.com *.googletagservices.com *.google.co.uk *.google.com.ua *.direct.ingenico.com cc-cdn.com *.google.nl *.appsflyer.com *.freshchat.com *.btttag.com *.euc-freshbots.ai *.trustpilot.com *.cookielaw.org *.worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io *.bing.com *.clarity.ms *.tiktok.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com *.wpengine.com *.bootstrapcdn.com *.imi.chat *.adyen.com *.spendology.io *.thomascook.com *.google.com *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.freshchat.com *.euc-freshbots.ai *.typeform.com *.typekit.net; font-src 'self' data: *.googleapis.com *.adyen.com *.gstatic.com *.wpengine.com *.imi.chat *.spendology.io *.thomascook.com https://script.hotjar.com *.bootstrapcdn.com *.typekit.net; object-src 'self' *.adyen.com; frame-src 'self' data: *.facebook.com https://platform.twitter.com/ *.google.com *.hotjar.com *.imi.chat *.adyen.com *.vimeo.com *.youtube.com *.doubleclick.net *.thomascook.io *.youtu.be *.googlesyndication.com https://www.covidchecker.com *.direct.ingenico.com *.modirum.com *.thomascook.com *.freshchat.com *.euc-freshbots.ai *.trustpilot.com *.rsa3dsauth.co.uk *.arcot.com *.cardinalcommerce.com *.mycardsecure.com *.monzo.com *.capitalone.com *.touch.tech *.wibmo.com *.mncbank.co.id *.typeform.com *.revolut.com *.sparkassen-kreditkarten.de *.swedbank.se *.wlp-acs.com *.rabobank.nl *.tsys.co.uk *.marqeta.com *.viseca.ch *.apata.io *.redsys.es *.edb.com *.asseco-see.hr *.mashreq.com *.cm-cic.com *.monext.fr *.garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' *.adyen.com *.thomascook.io *.thomascook.com;
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-length: 22234
x-xss-protection: 1; mode=block
x-magnolia-registration: Registered
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 24 Mar 2024 05:27:34 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/jpeg;charset=UTF-8
access-control-allow-origin: *.thomascook.com
cache-control: max-age=31536000, public
x-amz-cf-id: 9kl7xmcxU9CD_LTkpjC5RgkomNXk2pzrcUAfJd3DiG_5rxysF7_2bA==
expires: Mon, 24 Mar 2025 05:27:34 GMT

GET
H2 200 Egypt.jpg
www.thomascook.com/.imaging/mte/thomascook-theme/top-destinations/dam/uk/Carousel/Carousel/Egypt.jpg/jcr:content/ 14 KB
16 KB 159ms
159ms Image
image/jpeg 2600:9000:2077:d800:3:28eb:6280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thomascook.com/.imaging/mte/thomascook-theme/top-destinations/dam/uk/Carousel/Carousel/Egypt.jpg/jcr:content/Egypt.jpg

Requested by

Host: www.thomascook.com
URL: https://www.thomascook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2077:d800:3:28eb:6280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

df59449753d3c47721cbc6a5c444175a26917a6a8ae1c39e299d8b46d158a9a1

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleadservices.com .googleapis.com .google-analytics.com .googletagmanager.com .facebook.net .wpengine.com .bootstrapcdn.com .twitter.com .jquery.com .fontawesome.com .google.com .pinterest.com .gstatic.com .uploadlibrary.com .thomascook.com .hotjar.com .imi.chat .adyen.com .spendology.io .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .doubleclick.net .googlesyndication.com .googletagservices.com .google.co.uk .google.com.ua .direct.ingenico.com cc-cdn.com .google.nl .appsflyer.com .freshchat.com .btttag.com .euc-freshbots.ai .trustpilot.com .cookielaw.org .worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io .bing.com .clarity.ms .tiktok.com; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com .wpengine.com .bootstrapcdn.com .imi.chat .adyen.com .spendology.io .thomascook.com .google.com .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .freshchat.com .euc-freshbots.ai .typeform.com .typekit.net; font-src 'self' data: .googleapis.com .adyen.com .gstatic.com .wpengine.com .imi.chat .spendology.io .thomascook.com https://script.hotjar.com .bootstrapcdn.com .typekit.net; object-src 'self' .adyen.com; frame-src 'self' data: .facebook.com https://platform.twitter.com/ .google.com .hotjar.com .imi.chat .adyen.com .vimeo.com .youtube.com .doubleclick.net .thomascook.io .youtu.be .googlesyndication.com https://www.covidchecker.com .direct.ingenico.com .modirum.com .thomascook.com .freshchat.com .euc-freshbots.ai .trustpilot.com .rsa3dsauth.co.uk .arcot.com .cardinalcommerce.com .mycardsecure.com .monzo.com .capitalone.com .touch.tech .wibmo.com .mncbank.co.id .typeform.com .revolut.com .sparkassen-kreditkarten.de .swedbank.se .wlp-acs.com .rabobank.nl .tsys.co.uk .marqeta.com .viseca.ch .apata.io .redsys.es .edb.com .asseco-see.hr .mashreq.com .cm-cic.com .monext.fr .garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' .adyen.com .thomascook.io *.thomascook.com;
Strict-Transport-Security	max-age=31536000, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomascook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 05:27:34 GMT
strict-transport-security: max-age=31536000, max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleadservices.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.facebook.net *.wpengine.com *.bootstrapcdn.com *.twitter.com *.jquery.com *.fontawesome.com *.google.com *.pinterest.com *.gstatic.com *.uploadlibrary.com *.thomascook.com *.hotjar.com *.imi.chat *.adyen.com *.spendology.io *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.doubleclick.net *.googlesyndication.com *.googletagservices.com *.google.co.uk *.google.com.ua *.direct.ingenico.com cc-cdn.com *.google.nl *.appsflyer.com *.freshchat.com *.btttag.com *.euc-freshbots.ai *.trustpilot.com *.cookielaw.org *.worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io *.bing.com *.clarity.ms *.tiktok.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com *.wpengine.com *.bootstrapcdn.com *.imi.chat *.adyen.com *.spendology.io *.thomascook.com *.google.com *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.freshchat.com *.euc-freshbots.ai *.typeform.com *.typekit.net; font-src 'self' data: *.googleapis.com *.adyen.com *.gstatic.com *.wpengine.com *.imi.chat *.spendology.io *.thomascook.com https://script.hotjar.com *.bootstrapcdn.com *.typekit.net; object-src 'self' *.adyen.com; frame-src 'self' data: *.facebook.com https://platform.twitter.com/ *.google.com *.hotjar.com *.imi.chat *.adyen.com *.vimeo.com *.youtube.com *.doubleclick.net *.thomascook.io *.youtu.be *.googlesyndication.com https://www.covidchecker.com *.direct.ingenico.com *.modirum.com *.thomascook.com *.freshchat.com *.euc-freshbots.ai *.trustpilot.com *.rsa3dsauth.co.uk *.arcot.com *.cardinalcommerce.com *.mycardsecure.com *.monzo.com *.capitalone.com *.touch.tech *.wibmo.com *.mncbank.co.id *.typeform.com *.revolut.com *.sparkassen-kreditkarten.de *.swedbank.se *.wlp-acs.com *.rabobank.nl *.tsys.co.uk *.marqeta.com *.viseca.ch *.apata.io *.redsys.es *.edb.com *.asseco-see.hr *.mashreq.com *.cm-cic.com *.monext.fr *.garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' *.adyen.com *.thomascook.io *.thomascook.com;
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-length: 14132
x-xss-protection: 1; mode=block
x-magnolia-registration: Registered
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 24 Mar 2024 05:27:34 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/jpeg;charset=UTF-8
access-control-allow-origin: *.thomascook.com
cache-control: max-age=31536000, public
x-amz-cf-id: YPrfX5dMnFsIVwkW2F_UE325uTWmH-A14cSnIX02Vj9R7Y5SJF15tg==
expires: Mon, 24 Mar 2025 05:27:34 GMT

GET
H2 200 portugalcarousel.jpg
www.thomascook.com/.imaging/mte/thomascook-theme/top-destinations/dam/legacy/heros/portugal/portugalcarousel.jpg/jcr:content/ 18 KB
20 KB 135ms
135ms Image
image/jpeg 2600:9000:2077:d800:3:28eb:6280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thomascook.com/.imaging/mte/thomascook-theme/top-destinations/dam/legacy/heros/portugal/portugalcarousel.jpg/jcr:content/portugalcarousel.jpg

Requested by

Host: www.thomascook.com
URL: https://www.thomascook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2077:d800:3:28eb:6280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

1e0551cd4264f03300e0f987278d67fa7b8d882ae935b380df0dbee7bef604ed

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleadservices.com .googleapis.com .google-analytics.com .googletagmanager.com .facebook.net .wpengine.com .bootstrapcdn.com .twitter.com .jquery.com .fontawesome.com .google.com .pinterest.com .gstatic.com .uploadlibrary.com .thomascook.com .hotjar.com .imi.chat .adyen.com .spendology.io .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .doubleclick.net .googlesyndication.com .googletagservices.com .google.co.uk .google.com.ua .direct.ingenico.com cc-cdn.com .google.nl .appsflyer.com .freshchat.com .btttag.com .euc-freshbots.ai .trustpilot.com .cookielaw.org .worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io .bing.com .clarity.ms .tiktok.com; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com .wpengine.com .bootstrapcdn.com .imi.chat .adyen.com .spendology.io .thomascook.com .google.com .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .freshchat.com .euc-freshbots.ai .typeform.com .typekit.net; font-src 'self' data: .googleapis.com .adyen.com .gstatic.com .wpengine.com .imi.chat .spendology.io .thomascook.com https://script.hotjar.com .bootstrapcdn.com .typekit.net; object-src 'self' .adyen.com; frame-src 'self' data: .facebook.com https://platform.twitter.com/ .google.com .hotjar.com .imi.chat .adyen.com .vimeo.com .youtube.com .doubleclick.net .thomascook.io .youtu.be .googlesyndication.com https://www.covidchecker.com .direct.ingenico.com .modirum.com .thomascook.com .freshchat.com .euc-freshbots.ai .trustpilot.com .rsa3dsauth.co.uk .arcot.com .cardinalcommerce.com .mycardsecure.com .monzo.com .capitalone.com .touch.tech .wibmo.com .mncbank.co.id .typeform.com .revolut.com .sparkassen-kreditkarten.de .swedbank.se .wlp-acs.com .rabobank.nl .tsys.co.uk .marqeta.com .viseca.ch .apata.io .redsys.es .edb.com .asseco-see.hr .mashreq.com .cm-cic.com .monext.fr .garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' .adyen.com .thomascook.io *.thomascook.com;
Strict-Transport-Security	max-age=31536000, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomascook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 05:27:34 GMT
strict-transport-security: max-age=31536000, max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleadservices.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.facebook.net *.wpengine.com *.bootstrapcdn.com *.twitter.com *.jquery.com *.fontawesome.com *.google.com *.pinterest.com *.gstatic.com *.uploadlibrary.com *.thomascook.com *.hotjar.com *.imi.chat *.adyen.com *.spendology.io *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.doubleclick.net *.googlesyndication.com *.googletagservices.com *.google.co.uk *.google.com.ua *.direct.ingenico.com cc-cdn.com *.google.nl *.appsflyer.com *.freshchat.com *.btttag.com *.euc-freshbots.ai *.trustpilot.com *.cookielaw.org *.worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io *.bing.com *.clarity.ms *.tiktok.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com *.wpengine.com *.bootstrapcdn.com *.imi.chat *.adyen.com *.spendology.io *.thomascook.com *.google.com *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.freshchat.com *.euc-freshbots.ai *.typeform.com *.typekit.net; font-src 'self' data: *.googleapis.com *.adyen.com *.gstatic.com *.wpengine.com *.imi.chat *.spendology.io *.thomascook.com https://script.hotjar.com *.bootstrapcdn.com *.typekit.net; object-src 'self' *.adyen.com; frame-src 'self' data: *.facebook.com https://platform.twitter.com/ *.google.com *.hotjar.com *.imi.chat *.adyen.com *.vimeo.com *.youtube.com *.doubleclick.net *.thomascook.io *.youtu.be *.googlesyndication.com https://www.covidchecker.com *.direct.ingenico.com *.modirum.com *.thomascook.com *.freshchat.com *.euc-freshbots.ai *.trustpilot.com *.rsa3dsauth.co.uk *.arcot.com *.cardinalcommerce.com *.mycardsecure.com *.monzo.com *.capitalone.com *.touch.tech *.wibmo.com *.mncbank.co.id *.typeform.com *.revolut.com *.sparkassen-kreditkarten.de *.swedbank.se *.wlp-acs.com *.rabobank.nl *.tsys.co.uk *.marqeta.com *.viseca.ch *.apata.io *.redsys.es *.edb.com *.asseco-see.hr *.mashreq.com *.cm-cic.com *.monext.fr *.garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' *.adyen.com *.thomascook.io *.thomascook.com;
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-length: 18072
x-xss-protection: 1; mode=block
x-magnolia-registration: Registered
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 24 Mar 2024 05:27:34 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/jpeg;charset=UTF-8
access-control-allow-origin: *.thomascook.com
cache-control: max-age=31536000, public
x-amz-cf-id: 54eFjOVmjLc6ZcUIjZFWXe5Ngu1qkZEdzs9VYZa4I3rcH3-awuqIEw==
expires: Mon, 24 Mar 2025 05:27:34 GMT

GET
H2 200 cypruscarousel%20(1).jpg
www.thomascook.com/.imaging/mte/thomascook-theme/top-destinations/dam/legacy/heros/cyprus/cyprus/cypruscarousel--1-.jpg/jcr:content/ 16 KB
18 KB 157ms
156ms Image
image/jpeg 2600:9000:2077:d800:3:28eb:6280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thomascook.com/.imaging/mte/thomascook-theme/top-destinations/dam/legacy/heros/cyprus/cyprus/cypruscarousel--1-.jpg/jcr:content/cypruscarousel%20(1).jpg

Requested by

Host: www.thomascook.com
URL: https://www.thomascook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2077:d800:3:28eb:6280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

420fae2ecd65b325eee9da95cf72aacc6f9650d437e7a72f0576290fb33ed808

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleadservices.com .googleapis.com .google-analytics.com .googletagmanager.com .facebook.net .wpengine.com .bootstrapcdn.com .twitter.com .jquery.com .fontawesome.com .google.com .pinterest.com .gstatic.com .uploadlibrary.com .thomascook.com .hotjar.com .imi.chat .adyen.com .spendology.io .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .doubleclick.net .googlesyndication.com .googletagservices.com .google.co.uk .google.com.ua .direct.ingenico.com cc-cdn.com .google.nl .appsflyer.com .freshchat.com .btttag.com .euc-freshbots.ai .trustpilot.com .cookielaw.org .worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io .bing.com .clarity.ms .tiktok.com; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com .wpengine.com .bootstrapcdn.com .imi.chat .adyen.com .spendology.io .thomascook.com .google.com .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .freshchat.com .euc-freshbots.ai .typeform.com .typekit.net; font-src 'self' data: .googleapis.com .adyen.com .gstatic.com .wpengine.com .imi.chat .spendology.io .thomascook.com https://script.hotjar.com .bootstrapcdn.com .typekit.net; object-src 'self' .adyen.com; frame-src 'self' data: .facebook.com https://platform.twitter.com/ .google.com .hotjar.com .imi.chat .adyen.com .vimeo.com .youtube.com .doubleclick.net .thomascook.io .youtu.be .googlesyndication.com https://www.covidchecker.com .direct.ingenico.com .modirum.com .thomascook.com .freshchat.com .euc-freshbots.ai .trustpilot.com .rsa3dsauth.co.uk .arcot.com .cardinalcommerce.com .mycardsecure.com .monzo.com .capitalone.com .touch.tech .wibmo.com .mncbank.co.id .typeform.com .revolut.com .sparkassen-kreditkarten.de .swedbank.se .wlp-acs.com .rabobank.nl .tsys.co.uk .marqeta.com .viseca.ch .apata.io .redsys.es .edb.com .asseco-see.hr .mashreq.com .cm-cic.com .monext.fr .garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' .adyen.com .thomascook.io *.thomascook.com;
Strict-Transport-Security	max-age=31536000, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomascook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 05:27:34 GMT
strict-transport-security: max-age=31536000, max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleadservices.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.facebook.net *.wpengine.com *.bootstrapcdn.com *.twitter.com *.jquery.com *.fontawesome.com *.google.com *.pinterest.com *.gstatic.com *.uploadlibrary.com *.thomascook.com *.hotjar.com *.imi.chat *.adyen.com *.spendology.io *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.doubleclick.net *.googlesyndication.com *.googletagservices.com *.google.co.uk *.google.com.ua *.direct.ingenico.com cc-cdn.com *.google.nl *.appsflyer.com *.freshchat.com *.btttag.com *.euc-freshbots.ai *.trustpilot.com *.cookielaw.org *.worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io *.bing.com *.clarity.ms *.tiktok.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com *.wpengine.com *.bootstrapcdn.com *.imi.chat *.adyen.com *.spendology.io *.thomascook.com *.google.com *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.freshchat.com *.euc-freshbots.ai *.typeform.com *.typekit.net; font-src 'self' data: *.googleapis.com *.adyen.com *.gstatic.com *.wpengine.com *.imi.chat *.spendology.io *.thomascook.com https://script.hotjar.com *.bootstrapcdn.com *.typekit.net; object-src 'self' *.adyen.com; frame-src 'self' data: *.facebook.com https://platform.twitter.com/ *.google.com *.hotjar.com *.imi.chat *.adyen.com *.vimeo.com *.youtube.com *.doubleclick.net *.thomascook.io *.youtu.be *.googlesyndication.com https://www.covidchecker.com *.direct.ingenico.com *.modirum.com *.thomascook.com *.freshchat.com *.euc-freshbots.ai *.trustpilot.com *.rsa3dsauth.co.uk *.arcot.com *.cardinalcommerce.com *.mycardsecure.com *.monzo.com *.capitalone.com *.touch.tech *.wibmo.com *.mncbank.co.id *.typeform.com *.revolut.com *.sparkassen-kreditkarten.de *.swedbank.se *.wlp-acs.com *.rabobank.nl *.tsys.co.uk *.marqeta.com *.viseca.ch *.apata.io *.redsys.es *.edb.com *.asseco-see.hr *.mashreq.com *.cm-cic.com *.monext.fr *.garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' *.adyen.com *.thomascook.io *.thomascook.com;
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-length: 16254
x-xss-protection: 1; mode=block
x-magnolia-registration: Registered
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 24 Mar 2024 05:27:34 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/jpeg;charset=UTF-8
access-control-allow-origin: *.thomascook.com
cache-control: max-age=31536000, public
x-amz-cf-id: HVH7CWUNl9PpnFbD_yI9VXWkKWQ9DRZ-Sop9bZz0OV5xenz8vG6ZJA==
expires: Mon, 24 Mar 2025 05:27:34 GMT

GET
H2 200 Malta.jpg
www.thomascook.com/.imaging/mte/thomascook-theme/top-destinations/dam/uk/Carousel/Carousel/Malta.jpg/jcr:content/ 30 KB
33 KB 159ms
159ms Image
image/jpeg 2600:9000:2077:d800:3:28eb:6280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thomascook.com/.imaging/mte/thomascook-theme/top-destinations/dam/uk/Carousel/Carousel/Malta.jpg/jcr:content/Malta.jpg

Requested by

Host: www.thomascook.com
URL: https://www.thomascook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2077:d800:3:28eb:6280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

b7995eaa940b75be18be1f8c92ad896fa0290b713e667b15102038c8282c775b

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleadservices.com .googleapis.com .google-analytics.com .googletagmanager.com .facebook.net .wpengine.com .bootstrapcdn.com .twitter.com .jquery.com .fontawesome.com .google.com .pinterest.com .gstatic.com .uploadlibrary.com .thomascook.com .hotjar.com .imi.chat .adyen.com .spendology.io .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .doubleclick.net .googlesyndication.com .googletagservices.com .google.co.uk .google.com.ua .direct.ingenico.com cc-cdn.com .google.nl .appsflyer.com .freshchat.com .btttag.com .euc-freshbots.ai .trustpilot.com .cookielaw.org .worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io .bing.com .clarity.ms .tiktok.com; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com .wpengine.com .bootstrapcdn.com .imi.chat .adyen.com .spendology.io .thomascook.com .google.com .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .freshchat.com .euc-freshbots.ai .typeform.com .typekit.net; font-src 'self' data: .googleapis.com .adyen.com .gstatic.com .wpengine.com .imi.chat .spendology.io .thomascook.com https://script.hotjar.com .bootstrapcdn.com .typekit.net; object-src 'self' .adyen.com; frame-src 'self' data: .facebook.com https://platform.twitter.com/ .google.com .hotjar.com .imi.chat .adyen.com .vimeo.com .youtube.com .doubleclick.net .thomascook.io .youtu.be .googlesyndication.com https://www.covidchecker.com .direct.ingenico.com .modirum.com .thomascook.com .freshchat.com .euc-freshbots.ai .trustpilot.com .rsa3dsauth.co.uk .arcot.com .cardinalcommerce.com .mycardsecure.com .monzo.com .capitalone.com .touch.tech .wibmo.com .mncbank.co.id .typeform.com .revolut.com .sparkassen-kreditkarten.de .swedbank.se .wlp-acs.com .rabobank.nl .tsys.co.uk .marqeta.com .viseca.ch .apata.io .redsys.es .edb.com .asseco-see.hr .mashreq.com .cm-cic.com .monext.fr .garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' .adyen.com .thomascook.io *.thomascook.com;
Strict-Transport-Security	max-age=31536000, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomascook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 05:27:34 GMT
strict-transport-security: max-age=31536000, max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleadservices.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.facebook.net *.wpengine.com *.bootstrapcdn.com *.twitter.com *.jquery.com *.fontawesome.com *.google.com *.pinterest.com *.gstatic.com *.uploadlibrary.com *.thomascook.com *.hotjar.com *.imi.chat *.adyen.com *.spendology.io *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.doubleclick.net *.googlesyndication.com *.googletagservices.com *.google.co.uk *.google.com.ua *.direct.ingenico.com cc-cdn.com *.google.nl *.appsflyer.com *.freshchat.com *.btttag.com *.euc-freshbots.ai *.trustpilot.com *.cookielaw.org *.worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io *.bing.com *.clarity.ms *.tiktok.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com *.wpengine.com *.bootstrapcdn.com *.imi.chat *.adyen.com *.spendology.io *.thomascook.com *.google.com *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.freshchat.com *.euc-freshbots.ai *.typeform.com *.typekit.net; font-src 'self' data: *.googleapis.com *.adyen.com *.gstatic.com *.wpengine.com *.imi.chat *.spendology.io *.thomascook.com https://script.hotjar.com *.bootstrapcdn.com *.typekit.net; object-src 'self' *.adyen.com; frame-src 'self' data: *.facebook.com https://platform.twitter.com/ *.google.com *.hotjar.com *.imi.chat *.adyen.com *.vimeo.com *.youtube.com *.doubleclick.net *.thomascook.io *.youtu.be *.googlesyndication.com https://www.covidchecker.com *.direct.ingenico.com *.modirum.com *.thomascook.com *.freshchat.com *.euc-freshbots.ai *.trustpilot.com *.rsa3dsauth.co.uk *.arcot.com *.cardinalcommerce.com *.mycardsecure.com *.monzo.com *.capitalone.com *.touch.tech *.wibmo.com *.mncbank.co.id *.typeform.com *.revolut.com *.sparkassen-kreditkarten.de *.swedbank.se *.wlp-acs.com *.rabobank.nl *.tsys.co.uk *.marqeta.com *.viseca.ch *.apata.io *.redsys.es *.edb.com *.asseco-see.hr *.mashreq.com *.cm-cic.com *.monext.fr *.garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' *.adyen.com *.thomascook.io *.thomascook.com;
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-length: 31074
x-xss-protection: 1; mode=block
x-magnolia-registration: Registered
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 24 Mar 2024 05:27:34 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/jpeg;charset=UTF-8
access-control-allow-origin: *.thomascook.com
cache-control: max-age=31536000, public
x-amz-cf-id: xTedX8EzEkd4xBybLS3o1QTG2Vm1kzlbTtpGOh1VCHc-z_ZtVVCuOQ==
expires: Mon, 24 Mar 2025 05:27:34 GMT

GET
H2 200 search.svg Show response
www.thomascook.com/assets/icons/ 409 B
795 B 10ms
10ms Fetch
image/svg+xml 2600:9000:2077:d800:3:28eb:6280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thomascook.com/assets/icons/search.svg
Requested by: Host: www.thomascook.com
URL: https://www.thomascook.com/.resources/thomascook/webresources-src/js/elastic-apm-opentracing.umd.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2077:d800:3:28eb:6280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fdaee8e71a1d7eda1c38559016092cc08c15551c9a7c46a9238d722e0d7bf937

Request headers

Referer: https://www.thomascook.com/
traceparent: 00-6470bfa3be204a6620ef750343a09a0b-43be502594f4a354-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: TGpiuwcSqKMrtrsP7XI_L_pN5VHGNXU1
date: Sun, 24 Mar 2024 01:12:32 GMT
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
last-modified: Fri, 31 Jul 2020 10:50:31 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 15302
etag: "cf4e63cd8e9ac25ba9a4f8d8d8dd4088"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 409
x-amz-cf-id: AV-tUoPJg_0rKG2cOQfcgRXX41VCraBjXXo9zFe639NaQiuhcPUZmg==

GET
H2 200 02_ThomasCook_horizontal.jpeg
cdn.cookielaw.org/logos/bd09d8e5-2ddb-4048-ae68-e7858a925494/ac99ca17-271b-4718-94a6-8505ded698b8/cb496c21-78ac-4ca5-8dc4-9fbc738e485d/ 56 KB
56 KB 16ms
16ms Image
image/jpeg 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/bd09d8e5-2ddb-4048-ae68-e7858a925494/ac99ca17-271b-4718-94a6-8505ded698b8/cb496c21-78ac-4ca5-8dc4-9fbc738e485d/02_ThomasCook_horizontal.jpeg

Requested by

Host: www.thomascook.com
URL: https://www.thomascook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03bdb5183b442d39fa3a93eee244e41a7c398e2331fa4cc89886a1451646df25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomascook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 24 Mar 2024 05:27:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 1rMFmIQ8PiB7w2Ym5xAmaQ==
age: 48869
content-length: 57113
x-ms-lease-status: unlocked
cf-bgj: h2pri
last-modified: Mon, 16 May 2022 08:49:16 GMT
server: cloudflare
etag: 0x8DA3718F5636B03
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 12e9e3df-401e-0073-7f77-136110000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 869440b56e4d9a0f-FRA

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
494 B 16ms
15ms Fetch
image/svg+xml 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: www.thomascook.com
URL: https://www.thomascook.com/.resources/thomascook/webresources-src/js/elastic-apm-opentracing.umd.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomascook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 24 Mar 2024 05:27:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
age: 34877
x-ms-lease-status: unlocked
last-modified: Thu, 21 Mar 2024 07:04:39 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 9259b95e-901e-0084-3508-7c4b82000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 869440b57b8303f0-FRA

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 16ms
16ms Image
image/svg+xml 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Host: www.thomascook.com
URL: https://www.thomascook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomascook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 24 Mar 2024 05:27:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 30515
x-ms-lease-status: unlocked
last-modified: Thu, 21 Mar 2024 07:04:40 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 0a1e1a41-a01e-00a0-45c2-7bbd22000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 869440b57e539a0f-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 60ms
18ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MV8Z4W4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomascook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 24 Mar 2024 03:48:08 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5966
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 24 Mar 2024 05:48:08 GMT

POST
H2 200 GetQuickSearch Show response
www.thomascook.com/tc/api/ssapi/search/1.60/package/ 6 KB
5 KB 188ms
188ms Fetch
application/json 2600:9000:2077:d800:3:28eb:6280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thomascook.com/tc/api/ssapi/search/1.60/package/GetQuickSearch

Requested by

Host: www.thomascook.com
URL: https://www.thomascook.com/.resources/thomascook/webresources-src/js/elastic-apm-opentracing.umd.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2077:d800:3:28eb:6280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx / ASP.NET

Resource Hash

f047ce9841fe781c7ee7ca42df9c164221c9ee710ad9f6141516ad5bfdecbfd8

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleadservices.com .googleapis.com .google-analytics.com .googletagmanager.com .facebook.net .wpengine.com .bootstrapcdn.com .twitter.com .jquery.com .fontawesome.com .google.com .pinterest.com .gstatic.com .uploadlibrary.com .thomascook.com .hotjar.com .imi.chat .adyen.com .spendology.io .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .doubleclick.net .googlesyndication.com .googletagservices.com .google.co.uk .google.com.ua .direct.ingenico.com cc-cdn.com .google.nl .appsflyer.com .freshchat.com .btttag.com .euc-freshbots.ai .trustpilot.com .cookielaw.org .worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io .bing.com .clarity.ms .tiktok.com; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com .wpengine.com .bootstrapcdn.com .imi.chat .adyen.com .spendology.io .thomascook.com .google.com .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .freshchat.com .euc-freshbots.ai .typeform.com .typekit.net; font-src 'self' data: .googleapis.com .adyen.com .gstatic.com .wpengine.com .imi.chat .spendology.io .thomascook.com https://script.hotjar.com .bootstrapcdn.com .typekit.net; object-src 'self' .adyen.com; frame-src 'self' data: .facebook.com https://platform.twitter.com/ .google.com .hotjar.com .imi.chat .adyen.com .vimeo.com .youtube.com .doubleclick.net .thomascook.io .youtu.be .googlesyndication.com https://www.covidchecker.com .direct.ingenico.com .modirum.com .thomascook.com .freshchat.com .euc-freshbots.ai .trustpilot.com .rsa3dsauth.co.uk .arcot.com .cardinalcommerce.com .mycardsecure.com .monzo.com .capitalone.com .touch.tech .wibmo.com .mncbank.co.id .typeform.com .revolut.com .sparkassen-kreditkarten.de .swedbank.se .wlp-acs.com .rabobank.nl .tsys.co.uk .marqeta.com .viseca.ch .apata.io .redsys.es .edb.com .asseco-see.hr .mashreq.com .cm-cic.com .monext.fr .garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' .adyen.com .thomascook.io *.thomascook.com;
Strict-Transport-Security	max-age=2592000, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	DENY, SAMEORIGIN
X-Xss-Protection	1;mode=block, 1; mode=block

Request headers

Referer: https://www.thomascook.com/
traceparent: 00-6470bfa3be204a6620ef750343a09a0b-f70837e3b1c1e3a5-01
x-session-id: f4d3d629-28cb-4c4a-9f37-ee650ce3e0e3
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 24 Mar 2024 05:27:34 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=2592000, max-age=31536000; includeSubDomains
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none;, master-only
content-security-policy: default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleadservices.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.facebook.net *.wpengine.com *.bootstrapcdn.com *.twitter.com *.jquery.com *.fontawesome.com *.google.com *.pinterest.com *.gstatic.com *.uploadlibrary.com *.thomascook.com *.hotjar.com *.imi.chat *.adyen.com *.spendology.io *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.doubleclick.net *.googlesyndication.com *.googletagservices.com *.google.co.uk *.google.com.ua *.direct.ingenico.com cc-cdn.com *.google.nl *.appsflyer.com *.freshchat.com *.btttag.com *.euc-freshbots.ai *.trustpilot.com *.cookielaw.org *.worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io *.bing.com *.clarity.ms *.tiktok.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com *.wpengine.com *.bootstrapcdn.com *.imi.chat *.adyen.com *.spendology.io *.thomascook.com *.google.com *.webtrends-optimize.com *.azurewebsites.net *.webtrends.com *.optimize.com *.freshchat.com *.euc-freshbots.ai *.typeform.com *.typekit.net; font-src 'self' data: *.googleapis.com *.adyen.com *.gstatic.com *.wpengine.com *.imi.chat *.spendology.io *.thomascook.com https://script.hotjar.com *.bootstrapcdn.com *.typekit.net; object-src 'self' *.adyen.com; frame-src 'self' data: *.facebook.com https://platform.twitter.com/ *.google.com *.hotjar.com *.imi.chat *.adyen.com *.vimeo.com *.youtube.com *.doubleclick.net *.thomascook.io *.youtu.be *.googlesyndication.com https://www.covidchecker.com *.direct.ingenico.com *.modirum.com *.thomascook.com *.freshchat.com *.euc-freshbots.ai *.trustpilot.com *.rsa3dsauth.co.uk *.arcot.com *.cardinalcommerce.com *.mycardsecure.com *.monzo.com *.capitalone.com *.touch.tech *.wibmo.com *.mncbank.co.id *.typeform.com *.revolut.com *.sparkassen-kreditkarten.de *.swedbank.se *.wlp-acs.com *.rabobank.nl *.tsys.co.uk *.marqeta.com *.viseca.ch *.apata.io *.redsys.es *.edb.com *.asseco-see.hr *.mashreq.com *.cm-cic.com *.monext.fr *.garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' *.adyen.com *.thomascook.io *.thomascook.com;
x-amz-cf-pop: FRA2-C1
x-powered-by: ASP.NET
x-cache: Miss from cloudfront
x-xss-protection: 1;mode=block, 1; mode=block
request-context: appId=cid-v1:0c1817de-6d86-47f7-aa99-c75638eadd5c
referrer-policy: no-referrer, no-referrer-when-downgrade
server: nginx
x-ss-received: 2024-03-24 05:27:34.156197
x-amzn-trace-id: Root=1-65ffb9c6-56e7899f30e351a85d0db390
x-ss-responded: 2024-03-24 05:27:34.166262
vary: Accept-Encoding
x-frame-options: DENY, SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thomascook.com, *.thomascook.com
x-ss-resolution-time: 00:00:00.010130
cache-control: no-store
access-control-allow-credentials: true
x-azure-ref: 20240324T052734Z-9781c040u547vehxm1p41k944c00000005p0000000002eyu
x-amz-cf-id: -zcVHRBr7O0oChrX82XxSuMf6bf6cXDDsnLoHCXyDNROTh2EtegcAw==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
210 B 25ms
24ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=960271637&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thomascook.com%2F&ul=en-us&de=UTF-8&dt=Thomas%20Cook%20Holidays%20%7C%20Package%20Holidays%2C%20Hotels%20%26%20City%20Breaks&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAICAAIg~&cid=697177394.1711258054&tid=UA-162665552-1&_gid=443783854.1711258054&_slc=1&gtm=45He43k0n81MV8Z4W4v844054266za200&cg1=home&gcs=G101&gcd=13p3t3p2p5&dma_cps=-&dma=1&npa=1&z=1055640909

Requested by

Host: www.thomascook.com
URL: https://www.thomascook.com/.resources/thomascook/webresources-src/js/elastic-apm-opentracing.umd.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thomascook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Mar 2024 05:27:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thomascook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 landing
pagead2.googlesyndication.com/pagead/ 42 B
455 B 40ms
17ms Ping
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/landing?gcs=G101&gcd=13p3t3p2p5&rnd=785135540.1711258054&url=https%3A%2F%2Fwww.thomascook.com%2F&dma_cps=-&dma=1&npa=1&gtm=45He43k0n81MV8Z4W4v844054266za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MV8Z4W4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomascook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Mar 2024 05:27:34 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 323 KB
106 KB 23ms
22ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZLQK3JJ7WD&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MV8Z4W4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

739dbde3ab4bbccaa6819985d7b07ec6c6a3825b4572b5f2d31ee02d11feff73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomascook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 05:27:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 108887
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 24 Mar 2024 05:27:34 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 323 KB
106 KB 27ms
27ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-598478296&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MV8Z4W4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

295bc52077c31be9bb5324007d1980b3b8bf4da37b6c12c683aae6656c35eea3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomascook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 05:27:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 108883
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 24 Mar 2024 05:27:34 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
247 B 35ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-ZLQK3JJ7WD&gtm=45be43k0v9112372957z8844054266za200&_p=1711258053665&gcs=G101&gcd=13p3t3p2p5&npa=1&dma_cps=-&dma=1&gdid=dYWJhMj&cid=697177394.1711258054&ecid=23384666&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=denied&ec_mode=a&_s=1&cu=GBP&sid=1711258054&sct=1&seg=0&dl=https%3A%2F%2Fwww.thomascook.com%2F&dt=Thomas%20Cook%20Holidays%20%7C%20Package%20Holidays%2C%20Hotels%20%26%20City%20Breaks&en=page_view&_fv=1&_ss=2&ep.website=UK&up.browser_size=1600x1200&up.screen_res=1600x1200&tfd=1572
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-598478296&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomascook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Mar 2024 05:27:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thomascook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 202 events Show response
572a49791fd34e26ac5749ddb4fe5c5f.apm.westeurope.azure.elastic-cloud.com/intake/v2/rum/ 0
41 B 21ms
21ms Fetch 20.50.174.29
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://572a49791fd34e26ac5749ddb4fe5c5f.apm.westeurope.azure.elastic-cloud.com/intake/v2/rum/events

Requested by

Host: www.thomascook.com
URL: https://www.thomascook.com/.resources/thomascook/webresources-src/js/elastic-apm-opentracing.umd.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

20.50.174.29 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Content-Encoding: gzip
Referer: https://www.thomascook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/x-ndjson

Response headers

access-control-allow-origin: https://www.thomascook.com
date: Sun, 24 Mar 2024 05:27:35 GMT
x-cloud-request-id: bZVx8YfnQOOl5zuUqXIauA
x-content-type-options: nosniff
x-found-handling-instance: instance-0000000004
x-found-handling-cluster: 572a49791fd34e26ac5749ddb4fe5c5f
content-length: 0

OPTIONS
H2 200 events
572a49791fd34e26ac5749ddb4fe5c5f.apm.westeurope.azure.elastic-cloud.com/intake/v2/rum/ 0
0 152ms
26ms Preflight 20.50.174.29
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://572a49791fd34e26ac5749ddb4fe5c5f.apm.westeurope.azure.elastic-cloud.com/intake/v2/rum/events

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

20.50.174.29 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-encoding,content-type
Access-Control-Request-Method: POST
Origin: https://www.thomascook.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Content-Encoding, Accept
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: https://www.thomascook.com
access-control-expose-headers: Etag
access-control-max-age: 3600
content-length: 0
date: Sun, 24 Mar 2024 05:27:35 GMT
vary: Origin
x-cloud-request-id: kWAlCcnDRbePNbo8cpyE5w
x-content-type-options: nosniff
x-found-handling-cluster: 572a49791fd34e26ac5749ddb4fe5c5f
x-found-handling-instance: instance-0000000004

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.thomascook.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: 8C85DA2F27B9667AE54B2AE651024CAA
www.thomascook.com/	1969-12-31 23:59:59	Name: csrf Value: LmaKxQtRhrhXRtDk6WWuoUxd6iNP6ITXp6UzlC9G1Up09XDSX4g3WBXLl4A8L6pD_UMR4g1Lcps-fAAiCcJMQA:AAABjm7tqnA:it6krHhoLVa6RyFqOQSU0A
www.thomascook.com/	1969-12-31 23:59:59	Name: tc.features.phase2Iteration2Enabled Value: true
www.thomascook.com/	1969-12-31 23:59:59	Name: tc.features.sponsoredOffers Value: true
www.thomascook.com/	1969-12-31 23:59:59	Name: tct.session_id Value: f4d3d629-28cb-4c4a-9f37-ee650ce3e0e3
.thomascook.com/	1970-01-21 04:06:34	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Sun+Mar+24+2024+06%3A27%3A33+GMT%2B0100+(Central+European+Standard+Time)&version=202403.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=d0973a8e-7cfc-44d5-b421-1c8301cf8efa&interactionCount=0&isAnonUser=1&landingPath=https%3A%2F%2Fwww.thomascook.com%2F&groups=C0002%3A0%2CC0004%3A0%2CC0001%3A1
.thomascook.com/	1970-01-20 20:05:36	Name: tc.features.bestDealBoardBasis Value: True
.thomascook.com/	1970-01-21 04:56:58	Name: splitTest.litmus Value: 0
.thomascook.com/	1970-01-21 04:56:58	Name: tc.features.sortByVariantB Value: True
.thomascook.com/	1970-01-21 04:56:58	Name: tc.features.experiences Value: True
.thomascook.com/	1970-01-21 04:56:58	Name: tc.features.skipExtras Value: True
.thomascook.com/	1970-01-21 04:56:58	Name: tc.features.paymentV2 Value: False
.thomascook.com/	1970-01-20 19:30:43	Name: tc.features.transferV2 Value: True
.thomascook.com/	1970-01-21 04:56:58	Name: tc.features.kspBanners Value: True
.thomascook.com/	1970-01-21 04:56:58	Name: splitTest.litmusR Value: 1
.thomascook.com/	1970-01-20 19:22:24	Name: _gid Value: GA1.2.443783854.1711258054
www.thomascook.com/	1970-01-20 19:31:02	Name: AWSALB Value: s1dVQkFNbohFlkQkH8pC1ZJ3+rqt5A6owE5/uakpsU/Lb3AIDaqh/K5qGsaaG2eNAy+aPlKcG9bJKbWgi7uvh3XxskIIWWDzhrIdAI0RmXuXifz9jx0mUxk3jjZr
www.thomascook.com/	1970-01-20 19:31:02	Name: AWSALBCORS Value: s1dVQkFNbohFlkQkH8pC1ZJ3+rqt5A6owE5/uakpsU/Lb3AIDaqh/K5qGsaaG2eNAy+aPlKcG9bJKbWgi7uvh3XxskIIWWDzhrIdAI0RmXuXifz9jx0mUxk3jjZr
.thomascook.com/	1970-01-20 21:30:34	Name: xp-user Value: eyJhIjoiZjRkM2Q2MjktMjhjYi00YzRhLTlmMzctZWU2NTBjZTNlMGUzIiwiYiI6MSwiYyI6IjlkODhjODg4LWRjZjUtNGU5NS04Y2VjLWNlNTk2NDJkNGNjNCJ9
.thomascook.com/	1969-12-31 23:59:59	Name: xp-session Value: eyJhIjoiZjRkM2Q2MjktMjhjYi00YzRhLTlmMzctZWU2NTBjZTNlMGUzIiwiYiI6MSwiYyI6MCwiZCI6MCwiZSI6MCwiZiI6MCwiZyI6MCwiaCI6MCwiaSI6MCwiaiI6MX0
.thomascook.com/	1970-01-21 04:56:58	Name: _ga_ZLQK3JJ7WD Value: GS1.1.1711258054.1.0.1711258054.0.0.23384666
.thomascook.com/	1970-01-21 04:56:58	Name: _ga Value: GA1.1.697177394.1711258054

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * 'unsafe-inline' data:; img-src * 'unsafe-inline' 'unsafe-eval' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleadservices.com .googleapis.com .google-analytics.com .googletagmanager.com .facebook.net .wpengine.com .bootstrapcdn.com .twitter.com .jquery.com .fontawesome.com .google.com .pinterest.com .gstatic.com .uploadlibrary.com .thomascook.com .hotjar.com .imi.chat .adyen.com .spendology.io .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .doubleclick.net .googlesyndication.com .googletagservices.com .google.co.uk .google.com.ua .direct.ingenico.com cc-cdn.com .google.nl .appsflyer.com .freshchat.com .btttag.com .euc-freshbots.ai .trustpilot.com .cookielaw.org .worldline-solutions.com https://embed.typeform.com/next/embed.js https://tgtag.io .bing.com .clarity.ms .tiktok.com; style-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com .wpengine.com .bootstrapcdn.com .imi.chat .adyen.com .spendology.io .thomascook.com .google.com .webtrends-optimize.com .azurewebsites.net .webtrends.com .optimize.com .freshchat.com .euc-freshbots.ai .typeform.com .typekit.net; font-src 'self' data: .googleapis.com .adyen.com .gstatic.com .wpengine.com .imi.chat .spendology.io .thomascook.com https://script.hotjar.com .bootstrapcdn.com .typekit.net; object-src 'self' .adyen.com; frame-src 'self' data: .facebook.com https://platform.twitter.com/ .google.com .hotjar.com .imi.chat .adyen.com .vimeo.com .youtube.com .doubleclick.net .thomascook.io .youtu.be .googlesyndication.com https://www.covidchecker.com .direct.ingenico.com .modirum.com .thomascook.com .freshchat.com .euc-freshbots.ai .trustpilot.com .rsa3dsauth.co.uk .arcot.com .cardinalcommerce.com .mycardsecure.com .monzo.com .capitalone.com .touch.tech .wibmo.com .mncbank.co.id .typeform.com .revolut.com .sparkassen-kreditkarten.de .swedbank.se .wlp-acs.com .rabobank.nl .tsys.co.uk .marqeta.com .viseca.ch .apata.io .redsys.es .edb.com .asseco-see.hr .mashreq.com .cm-cic.com .monext.fr .garanti.com.tr; form-action * 'self' 'unsafe-inline' 'unsafe-eval' .adyen.com .thomascook.io *.thomascook.com;
Strict-Transport-Security	max-age=31536000 max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

572a49791fd34e26ac5749ddb4fe5c5f.apm.westeurope.azure.elastic-cloud.com
api.thomascook.com
cdn.cookielaw.org
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
invitejs.trustpilot.com
p.typekit.net
pagead2.googlesyndication.com
region1.google-analytics.com
thomascook.com
thomascook.de
use.typekit.net
widget.trustpilot.com
www.google-analytics.com
www.googletagmanager.com
www.thomascook.com
108.138.26.7
15.197.227.94
20.50.174.29
2001:4860:4802:32::36
2600:1f16:b2f:b01:31af:98fd:6f6c:2004
2600:9000:2077:d800:3:28eb:6280:93a1
2606:4700:4400::ac40:9b77
2606:4700::6813:b234
2620:1ec:46::45
2a00:1450:4001:808::2008
2a00:1450:4001:811::2003
2a00:1450:4001:828::200a
2a00:1450:4001:829::200e
2a00:1450:4001:830::2002
2a02:26f0:3500:16::215:1486
2a02:26f0:3500:16::215:1495
52.222.236.71
02e5bf47b2473c1da7a39a25b14f0f5d9857142842d33def047e492f9f610cb9
03bdb5183b442d39fa3a93eee244e41a7c398e2331fa4cc89886a1451646df25
06c0edbfc1b871fb45195265f5faad3e23191305f6ff2125557a9fbc287c8992
089d5adfd668c45b89508ae216b1c36a2bff63f19539ac8f53fcd7c186d7b5c9
0bb2e093ea8562826fcd4ffe3269b2e5efb57ba8ea069aa5c93908fe4201748b
0bc1a425269f970dc1bc21eba47440fedf62f329a3802075eea3066dce560f00
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
129d650131dc75e94371948b91c7d68dfda82a708543810dd5ba46bb54f56105
15de250a16ce58a10f84bebab59b9005ce36df4ec8e87c3bb1acc92726cfa971
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1dfb1884626fdc4bb77102f39fc21c9aee4c49421b473f27264f9fe064d9237a
1e0551cd4264f03300e0f987278d67fa7b8d882ae935b380df0dbee7bef604ed
1e91cce8815afaca26390922c9033a738abf273fa20efb3c0870633968c6899c
2090cc9f250f4b6f0df980e5701d7da585dd0b436b7896fca70eb53921b026ca
2241a43c8f49d177bd2bfb198918931161c79120932388605d7fd28887cf12ad
23981b6442a3c69bf0b3c5e3a8a2079a50186c2d5a419360d61c7ab9b5e9646a
25b74f390cf3079b3023612feaf4b8ebf14402617e9e868af8df699201e374b5
2800acf6f61eb9a24590ade9cee811ba4adad3a71ba7ae33cfcf32381b5b3b1c
295bc52077c31be9bb5324007d1980b3b8bf4da37b6c12c683aae6656c35eea3
2f0dae26e1890dd2a3cec682a837e76d44d0a235f5430c4cbf3a7315b964fa7c
3124f1637fba4270fffb020d9cd30558a8bf4890800357506f1a3596eccb0488
420fae2ecd65b325eee9da95cf72aacc6f9650d437e7a72f0576290fb33ed808
423917b9df17412080fe7c1912a25f1074b12f726fb6e70a7c0811b99580fe96
430ed30722fa16370c7e92fcea40160fcf63181ae1e630fc2de6daae907b11de
43223b65adfa2096736fa7d129e5cb33952fae9ac141315ecb029fd4409510bb
4aaaf0822d9e584fc457561451e979baf978a285c2f77efa0766749ee4ec4507
4aef1b7b81e4a2a18b7ca1b2a781f721eb7061fe8d44754cc6c05825867906b3
4fe4c0c7be6b26c59cc3fea1b8a9d7f3f1cc019786b7d9996ef73405c5cfd3d8
56f3c3ebd546ec6d77ee30bd6991dab997ce121e1265e604d35a3fcf62a9eb2c
5ac52c7d82deb029efdef59580b4ab211082af09a5d7bc01b8bb9f0a4190a534
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
62b36a0b3daf3fc612457b5a87d579f21cfa91148f40f3dc679cd2cdb78b2f72
64d78e8a95fa18f6257ac80a9a3ff600293f4519bce2ca3168a20dff29a66108
670d5d84c031d8eb4a845fd6408dbb1a78d21bb433c4fde564e2e57950787344
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
71bff5e87afce0b0ddf250393265c958f4897ab4a23c953d09d74a3193c3e2bc
739dbde3ab4bbccaa6819985d7b07ec6c6a3825b4572b5f2d31ee02d11feff73
760278c2ab8ef3e54beed88c61cec75b78b0ddda18646784cae74f4b30df5f23
790a15417a6e0811e9a087807f35bac3709fc324c5577f7972017bdca9cac9f4
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
817d1bce6eec98f321a1d7b3c248a8b41e78ee09bb92291e6f0e7000f86facaa
83034aae6062463adf6b7448ab3dfa24505f26384b3dbf7ce1bb191769c31715
84381762ebda546fa11271435477e40b1abac334e7ed2e1ca4d807f1eeb71214
8eef0dae930fcbafe8992605cd0a966c022c34198324ba35d50443411203e737
9bbdc6d07eff1066a0ff5353f67c9c90db66429c9826fe90a5c9a29c34e23cd2
aee584e3d58344a41b190bb7b6e550f98ad3bb8e28fbc7ea6ddca22f0ef97183
b08ebab1abe91fe049194a05229744201f3c79e7de45d96af943293483c34e60
b1c56add63e13bf26512a50b1f4525d0361ee698abf0555a33d6b877f21bdb3a
b7995eaa940b75be18be1f8c92ad896fa0290b713e667b15102038c8282c775b
bf1ec86f618311f41c7f701cb99f72d7d18e56b8e6bc7cb68f002132478c6c94
c0f3a7a828b0ebd58128f49b6672554b531676a2bb7dc661d95825b339a561c4
c16d15b692ecce37961d6dafe281677c7ddc5ba101cd286bc87ed008d097bd37
c1b3724f6863736de9cf0606f00dcc77f7b2c6c0dfbd02be70d5029b3f7034fb
c3bd0ac021b01bd0e723bf74a110ec4519e42a293e67c12b10973e4c368488f8
c3de27b2cbd6deda629c9b442700cf54c0dda74e494b1c75a57d822068a047f8
c5c70f039486570018c8469631e1fdbebc03a907ab3e1270c3e11a58c1f51394
c8d8e34632e1f5873651c46bc8da139d1cce76e67e8a591c7a0a1bd64c1a403c
c985b45c9d123589b9eca67fb5923aa96db45bf7f868532217a50b187ce55151
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
cc5d4cec93b445050a076cd531fbf262849f53dd9424177ae0d9005ed477ebd6
d1cfee7e22356ae7ee98efd3208ce82c788f2ac786021146a9c00ee3954a0574
d38d291bef2b938bbc3f4e2db00585468155b519ca6dfe599ddce71a05137f97
d85e4dcb52ce714c7136eb95a32765325205a4aabdb51932bd9024c400be665d
da224fbf2f7cf9ddf2a84a09baaf54bd9a2224ad26c1657b1437eba9fd342224
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df59449753d3c47721cbc6a5c444175a26917a6a8ae1c39e299d8b46d158a9a1
e3260db446188242293e04a658411e44c6175108bc5d8b7e7676e8786d4f0501
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ead904128ca4703dc619fea82999b851dbe36bc3392c053f6883b75af38d3df7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f047ce9841fe781c7ee7ca42df9c164221c9ee710ad9f6141516ad5bfdecbfd8
f1db159553f88b823df85a0cbc4d3ca852972510c06f562585650a5903330853
f2aa7f3d79fae2bec1887bcea41f7991b0f5aa1beeb56da6c73843499e65ba1a
f40f57620246d052ea666f8f9d25dc6fcd93a7bbd6314077a2eb7213e98a4b5a
f4bfb273ab7ae0ba367fd590881a8debd22870a0cd061f0a099c1ae2c74eb003
f760e617c731bcaa41bcd2dfedb6f4ce751a5d3b8870c7014addfb7ee5d77bb4
f8ac8d1e080fec3f321e912cb34934ce7614510930bbec2a763bb9f5513fa4f6
f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b
fdaee8e71a1d7eda1c38559016092cc08c15551c9a7c46a9238d722e0d7bf937

www.thomascook.com Open in urlscan Pro 2600:9000:2077:d800:3:28eb:6280:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

80 Requests

100 %HTTPS

76 %IPv6

12 Domains

17 Subdomains

16 IPs

3 Countries

1902 kBTransfer

4141 kBSize

22 Cookies

14 Outgoing links

Page URL History

Redirected requests

80 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.thomascook.com Open in urlscan Pro
2600:9000:2077:d800:3:28eb:6280:93a1 Public Scan

Screenshot
Live screenshot

Full Image

80
Requests

100 %
HTTPS

76 %
IPv6

12
Domains

17
Subdomains

16
IPs

3
Countries

1902 kB
Transfer

4141 kB
Size

22
Cookies

80 HTTP transactions
2 data transactions