urlscan.io logo urlscan.io
SecurityTrails logo

airlines.booking-airlines.site Open in urlscan Pro
2001:41d0:301:3::31  Public Scan

Go To Rescan Add Verdict Report
URL: https://airlines.booking-airlines.site/
Submission: On June 16 via api from US — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 6 countries across 12 domains to perform 38 HTTP transactions. The main IP is 2001:41d0:301:3::31, located in France and belongs to OVH, FR. The main domain is airlines.booking-airlines.site.
TLS certificate: Issued by R3 on June 4th 2024. Valid for: 3 months.
This is the only time airlines.booking-airlines.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

14    2001:41d0:301:3::31 (France)

ASN16276 (OVH, FR)
airlines.booking-airlines.site
2    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2600:9000:2134:3600:4:1957:6500:93a1 (United States)

ASN16509 (AMAZON-02, US)
b-js.ringba.com
2    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    172.67.18.64 (United States)

ASN13335 (CLOUDFLARENET, US)
api.ipgeolocation.io
3    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a03:b0c0:1:d0::90:d001 (Slough, United Kingdom)

ASN14061 (DIGITALOCEAN-ASN, US)
v2.clickguardian.app
3    3.10.38.99 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-10-38-99.eu-west-2.compute.amazonaws.com
script.anura.io
1    54.205.29.149 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-205-29-149.compute-1.amazonaws.com
display.ringba.com
1    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a00:1450:400c:c04::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    216.58.212.136 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f8.1e100.net
www.googletagmanager.com
1    18.65.39.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-39-108.ams1.r.cloudfront.net
ads.anura.io
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
www.googleadservices.com
1    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
googleads.g.doubleclick.net
Apex Domain
Subdomains		 Transfer
14 booking-airlines.site
airlines.booking-airlines.site
285 KB
4 anura.io
script.anura.io — Cisco Umbrella Rank: 61783
ads.anura.io — Cisco Umbrella Rank: 79554
23 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 68
region1.google-analytics.com — Cisco Umbrella Rank: 2347
21 KB
3 gstatic.com
fonts.gstatic.com
69 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 79
248 KB
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 132
googleads.g.doubleclick.net — Cisco Umbrella Rank: 63
420 B
2 clickguardian.app
v2.clickguardian.app — Cisco Umbrella Rank: 128401
2 KB
2 ringba.com
b-js.ringba.com — Cisco Umbrella Rank: 138479
display.ringba.com — Cisco Umbrella Rank: 114070
14 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 77
850 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 135
2 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 265
10 KB
1 ipgeolocation.io
api.ipgeolocation.io — Cisco Umbrella Rank: 47543
893 B
38 12
Domain Requested by
14 airlines.booking-airlines.site airlines.booking-airlines.site
3 script.anura.io airlines.booking-airlines.site
script.anura.io
3 fonts.gstatic.com fonts.googleapis.com
3 www.googletagmanager.com airlines.booking-airlines.site
www.googletagmanager.com
www.google-analytics.com
2 v2.clickguardian.app airlines.booking-airlines.site
v2.clickguardian.app
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 fonts.googleapis.com airlines.booking-airlines.site
1 googleads.g.doubleclick.net
1 www.googleadservices.com www.googletagmanager.com
1 region1.google-analytics.com www.googletagmanager.com
1 ads.anura.io script.anura.io
1 stats.g.doubleclick.net www.google-analytics.com
1 cdnjs.cloudflare.com v2.clickguardian.app
1 display.ringba.com b-js.ringba.com
1 api.ipgeolocation.io airlines.booking-airlines.site
1 b-js.ringba.com airlines.booking-airlines.site
38 16

This site contains links to these domains. Also see Links.

Domain
travel.state.gov
Subject Issuer Validity Valid
booking-airlines.site
R3		 2024-06-04 -
2024-09-02		 3 months crt.sh
upload.video.google.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
*.ringba.com
Amazon RSA 2048 M03		 2023-11-27 -
2024-12-23		 a year crt.sh
*.google-analytics.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
ipgeolocation.io
E1		 2024-05-25 -
2024-08-23		 3 months crt.sh
*.gstatic.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
v2.clickguardian.app
Sectigo RSA Domain Validation Secure Server CA		 2023-10-24 -
2024-11-23		 a year crt.sh
script.anura.io
Amazon RSA 2048 M02		 2023-10-16 -
2024-11-13		 a year crt.sh
cdnjs.cloudflare.com
E1		 2024-06-02 -
2024-08-31		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-05-27 -
2024-08-19		 3 months crt.sh
ads.anura.io
Amazon RSA 2048 M03		 2024-04-29 -
2025-05-27		 a year crt.sh
*.googleadservices.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://airlines.booking-airlines.site/
Frame ID: F4589C530B413AAE209D853CFDADA8CE
Requests: 38 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Airlines Information

Detected technologies

Overall confidence: 100%
Detected patterns
  • fingerprint(\d)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

38
Requests

100 %
HTTPS

53 %
IPv6

12
Domains

16
Subdomains

17
IPs

6
Countries

676 kB
Transfer

1239 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
airlines.booking-airlines.site/ 		11 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://airlines.booking-airlines.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:41d0:301:3::31 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
548f536b5202a014105f23da1b40d52f0d1e1c4f83888cc5786bb1a341c6f9b4

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
3567
content-type
text/html
date
Sun, 16 Jun 2024 13:14:29 GMT
server
Apache
vary
Accept-Encoding
css2
fonts.googleapis.com/ 		2 KB
850 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Lato:wght@300;400;500;700&display=swap
Requested by
Host: airlines.booking-airlines.site
URL: https://airlines.booking-airlines.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3db6f8817221a5ae78a52b8e333260135bf2519ebeef8a7d77d3bcd0ed950384
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://airlines.booking-airlines.site/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sun, 16 Jun 2024 13:14:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 16 Jun 2024 13:00:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 16 Jun 2024 13:14:29 GMT
CA3bf5e0fd28b24103ae86b3cd73a1c2dd
b-js.ringba.com/ 		13 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b-js.ringba.com/CA3bf5e0fd28b24103ae86b3cd73a1c2dd
Requested by
Host: airlines.booking-airlines.site
URL: https://airlines.booking-airlines.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2134:3600:4:1957:6500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
866d01bfec307f079a10304f8ca37db72bb480cbc5f0ff20446f5c2199407006

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://airlines.booking-airlines.site/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-runtime
19.0000
date
Sun, 16 Jun 2024 13:14:29 GMT
via
1.1 b8f7ec2a292687370773a41cd1bdc97a.cloudfront.net (CloudFront)
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-amz-cf-pop
MXP64-C2
x-powered-by
ASP.NET
access-control-max-age
300
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
public
content-length
13213
x-amz-cf-id
AzHMUYvepRXw_ld2Y0OGaQxIlJG0YYMNAWjyh7RQJrpwclV1dbWOiQ==
expires
Sun, 16 Jun 2024 13:19:29 GMT
main.css
airlines.booking-airlines.site/resources/css/ 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://airlines.booking-airlines.site/resources/css/main.css
Requested by
Host: airlines.booking-airlines.site
URL: https://airlines.booking-airlines.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:41d0:301:3::31 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
c5d4e32f5662430bbfaf918a71eebad18c8b1c46931427b14d49be42caef8f88

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://airlines.booking-airlines.site/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 13:14:29 GMT
content-encoding
gzip
last-modified
Tue, 04 Jun 2024 16:52:47 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=900
accept-ranges
bytes
content-length
3275
expires
Sun, 16 Jun 2024 13:29:29 GMT
main.js
airlines.booking-airlines.site/resources/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://airlines.booking-airlines.site/resources/js/main.js
Requested by
Host: airlines.booking-airlines.site
URL: https://airlines.booking-airlines.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:41d0:301:3::31 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
fb8f2a3ccf8281f2af62fa9eb7f8d5f7198bc21db7cdbb916d3a373d64d7e779

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://airlines.booking-airlines.site/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 13:14:29 GMT
content-encoding
gzip
last-modified
Tue, 04 Jun 2024 16:52:47 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
1005
expires
Sun, 16 Jun 2024 13:29:29 GMT
airline-logo.png
airlines.booking-airlines.site/resources/images/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://airlines.booking-airlines.site/resources/images/airline-logo.png
Requested by
Host: airlines.booking-airlines.site
URL: https://airlines.booking-airlines.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:41d0:301:3::31 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
626399eed1bbb004b84ec1f4f80ab3c78874ac5123959a4652f31d424ebd40c8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://airlines.booking-airlines.site/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 13:14:29 GMT
last-modified
Tue, 04 Jun 2024 16:52:47 GMT
server
Apache
content-type
image/png
cache-control
max-age=900
accept-ranges
bytes
content-length
13373
expires
Sun, 16 Jun 2024 13:29:29 GMT
airline-plane.png
airlines.booking-airlines.site/resources/images/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://airlines.booking-airlines.site/resources/images/airline-plane.png
Requested by
Host: airlines.booking-airlines.site
URL: https://airlines.booking-airlines.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:41d0:301:3::31 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
a2c0fb3ffca3030e773934fa56a7437c334b3bc1cbd4bbfa5d518b2e9610c541

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://airlines.booking-airlines.site/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 13:14:29 GMT
last-modified
Tue, 04 Jun 2024 16:52:47 GMT
server
Apache
content-type
image/png
cache-control
max-age=900
accept-ranges
bytes
content-length
26451
expires
Sun, 16 Jun 2024 13:29:29 GMT
customer-rep.png
airlines.booking-airlines.site/resources/images/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://airlines.booking-airlines.site/resources/images/customer-rep.png
Requested by
Host: airlines.booking-airlines.site
URL: https://airlines.booking-airlines.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:41d0:301:3::31 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
b3fc6c2e90cfd357a43b9950f7d48f4350cae456ad38fc3dc3087ec2d2019b24

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://airlines.booking-airlines.site/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 13:14:29 GMT
last-modified
Tue, 04 Jun 2024 16:52:47 GMT
server
Apache
content-type
image/png
cache-control
max-age=900
accept-ranges
bytes
content-length
11196
expires
Sun, 16 Jun 2024 13:29:29 GMT
ringing-phone.gif
airlines.booking-airlines.site/resources/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://airlines.booking-airlines.site/resources/images/ringing-phone.gif
Requested by
Host: airlines.booking-airlines.site
URL: https://airlines.booking-airlines.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:41d0:301:3::31 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
7d392de56d96fb5bd76cbb64f7a8e2edb35d86372ba2edf308c75ccfab24f618

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://airlines.booking-airlines.site/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 13:14:29 GMT
last-modified
Tue, 04 Jun 2024 16:52:47 GMT
server
Apache
content-type
image/gif
cache-control
max-age=900
accept-ranges
bytes
content-length
6921
expires
Sun, 16 Jun 2024 13:29:29 GMT
advantage-price-guarantee.svg
airlines.booking-airlines.site/resources/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://airlines.booking-airlines.site/resources/images/advantage-price-guarantee.svg
Requested by
Host: airlines.booking-airlines.site
URL: https://airlines.booking-airlines.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:41d0:301:3::31 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
d4d21294aae27b864ebb35f59d2f66dd552912167416102b15531ab14012d8fc

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://airlines.booking-airlines.site/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 13:14:29 GMT
last-modified
Tue, 04 Jun 2024 16:52:47 GMT
server
Apache
content-type
image/svg+xml
cache-control
max-age=900
accept-ranges
bytes
content-length
3061
expires
Sun, 16 Jun 2024 13:29:29 GMT
advantage-customer-service.svg
airlines.booking-airlines.site/resources/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://airlines.booking-airlines.site/resources/images/advantage-customer-service.svg
Requested by
Host: airlines.booking-airlines.site
URL: https://airlines.booking-airlines.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:41d0:301:3::31 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
a023edb1b8c59a1e507045a68aeaed8b75ab818014eaa60e8cd30528299291e9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://airlines.booking-airlines.site/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 13:14:29 GMT
last-modified
Tue, 04 Jun 2024 16:52:47 GMT
server
Apache
content-type
image/svg+xml
cache-control
max-age=900
accept-ranges
bytes
content-length
2408
expires
Sun, 16 Jun 2024 13:29:29 GMT
advantage-secure-booking.svg
airlines.booking-airlines.site/resources/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://airlines.booking-airlines.site/resources/images/advantage-secure-booking.svg
Requested by
Host: airlines.booking-airlines.site
URL: https://airlines.booking-airlines.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:41d0:301:3::31 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
2b27e8e6cf34f9d1c8ac01c59e68ea575301cc393d58699ce6ac92cb47e138ab

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://airlines.booking-airlines.site/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 13:14:29 GMT
last-modified
Tue, 04 Jun 2024 16:52:47 GMT
server
Apache
content-type
image/svg+xml
cache-control
max-age=900
accept-ranges
bytes
content-length
2434
expires
Sun, 16 Jun 2024 13:29:29 GMT
gtm.js
www.googletagmanager.com/ 		206 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W5MZ4V9
Requested by
Host: airlines.booking-airlines.site
URL: https://airlines.booking-airlines.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
63a38907f16535fd47aa0a7f261dea328882f557506374d44577872a0588a5e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://airlines.booking-airlines.site/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 13:14:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75872
x-xss-protection
0
last-modified
Sun, 16 Jun 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 16 Jun 2024 13:14:29 GMT
bg.webp
airlines.booking-airlines.site/resources/images/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://airlines.booking-airlines.site/resources/images/bg.webp
Requested by
Host: airlines.booking-airlines.site
URL: https://airlines.booking-airlines.site/resources/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:41d0:301:3::31 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
1c4144eb5cc9c31ad52781b5faaea7bb3f5bd78533bfc0d5449df2a4c54bb99f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://airlines.booking-airlines.site/resources/css/main.css
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 13:14:29 GMT
last-modified
Tue, 04 Jun 2024 16:52:47 GMT
server
Apache
content-type
image/webp
cache-control
max-age=900
accept-ranges
bytes
content-length
42722
expires
Sun, 16 Jun 2024 13:29:29 GMT
btmimg.webp
airlines.booking-airlines.site/resources/images/ 		164 KB
164 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://airlines.booking-airlines.site/resources/images/btmimg.webp
Requested by
Host: airlines.booking-airlines.site
URL: https://airlines.booking-airlines.site/resources/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:41d0:301:3::31 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
355651a2f31d7985d76ca0ce5ea516b5c3f471622da44130e8a9e748c4ee43aa

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://airlines.booking-airlines.site/resources/css/main.css
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 13:14:29 GMT
last-modified
Tue, 04 Jun 2024 16:52:47 GMT
server
Apache
content-type
image/webp
cache-control
max-age=900
accept-ranges
bytes
content-length
167858
expires
Sun, 16 Jun 2024 13:29:29 GMT
ipgeo
api.ipgeolocation.io/ 		1 KB
893 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.ipgeolocation.io/ipgeo?apiKey=ac306a64495340599347c6d3f645dab1
Requested by
Host: airlines.booking-airlines.site
URL: https://airlines.booking-airlines.site/resources/js/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.18.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd844bd3b388006217c13404c295a45b569ad2566ebbe4de77c9bccb28377f56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://airlines.booking-airlines.site/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 13:14:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json
access-control-allow-origin
https://airlines.booking-airlines.site
access-control-allow-credentials
true
cf-ray
894b10305ac26f1c-CDG
alt-svc
h3=":443"; ma=86400
data.json
airlines.booking-airlines.site/resources/ 		576 B
709 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://airlines.booking-airlines.site/resources/data.json
Requested by
Host: airlines.booking-airlines.site
URL: https://airlines.booking-airlines.site/resources/js/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:41d0:301:3::31 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
1936f424c7aac2d2379d79f711c93b3e455b37c6a5620411e5ad06e55e9ad8f5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://airlines.booking-airlines.site/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 13:14:29 GMT
last-modified
Tue, 04 Jun 2024 16:54:18 GMT
server
Apache
accept-ranges
bytes
content-length
576
content-type
application/json
css2
fonts.googleapis.com/ 		2 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Lato:wght@300;400;500;700&display=swap
Requested by
Host: airlines.booking-airlines.site
URL: https://airlines.booking-airlines.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3db6f8817221a5ae78a52b8e333260135bf2519ebeef8a7d77d3bcd0ed950384
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://airlines.booking-airlines.site/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 13:14:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 16 Jun 2024 13:00:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 16 Jun 2024 13:14:29 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://airlines.booking-airlines.site
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 05:05:37 GMT
x-content-type-options
nosniff
age
288532
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Jun 2025 05:05:37 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://airlines.booking-airlines.site
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 23:52:24 GMT
x-content-type-options
nosniff
age
220925
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Jun 2025 23:52:24 GMT
S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://airlines.booking-airlines.site
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 09:47:09 GMT
x-content-type-options
nosniff
age
271640
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23236
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Jun 2025 09:47:09 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5MZ4V9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://airlines.booking-airlines.site/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 16 Jun 2024 11:57:22 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
4628
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 16 Jun 2024 13:57:22 GMT
track.js
v2.clickguardian.app/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v2.clickguardian.app/track.js
Requested by
Host: airlines.booking-airlines.site
URL: https://airlines.booking-airlines.site/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:1:d0::90:d001 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
dcdf62f54440f8c224dcdfb6453c53106600c573d3cb5e4c0ba0d1cafcda3edc

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://airlines.booking-airlines.site/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 16 Jun 2024 13:14:30 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 Jan 2020 14:59:49 GMT
Server
nginx/1.10.3 (Ubuntu)
ETag
W/"5e25c065-e6d"
Transfer-Encoding
chunked
Content-Type
application/javascript
js
www.googletagmanager.com/gtag/ 		234 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-720844874
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5MZ4V9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
56ee465a6c54c78f161fbcbd035018934c61c8319ac957146f88018d004a3e2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://airlines.booking-airlines.site/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 13:14:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85571
x-xss-protection
0
last-modified
Sun, 16 Jun 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 16 Jun 2024 13:14:30 GMT
request.js
script.anura.io/ 		64 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.anura.io/request.js?instance=2663314973&source=airlines.booking-airlines.site%2F&callback=anuraResponseHandler&750915092505
Requested by
Host: airlines.booking-airlines.site
URL: https://airlines.booking-airlines.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.10.38.99 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-10-38-99.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
86d68f158d6fcd8c8abaa36fbad5731f59d9cb4a39c1bec94826abb6ad1478fc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://airlines.booking-airlines.site/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 16 Jun 2024 13:14:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires
Sun, 28 Dec 1980 18:57:00 EST
collect
www.google-analytics.com/j/ 		16 B
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1856749331&t=pageview&_s=1&dl=https%3A%2F%2Fairlines.booking-airlines.site%2F&ul=fr-fr&de=UTF-8&dt=Airlines%20Information&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1038328087&gjid=2106591069&cid=834787467.1718543670&tid=UA-222017740-1&_gid=1453299251.1718543670&_r=1&_slc=1&gtm=45He46c0n81W5MZ4V9v861954157za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&npa=1&z=591017894
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
7c12f3f2fa58d25c21e533538cb154c3a6cb0ace04b5ecb24f13bb5f777da060
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://airlines.booking-airlines.site/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 16 Jun 2024 13:14:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://airlines.booking-airlines.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
expires
Fri, 01 Jan 1990 00:00:00 GMT
gnbulk
display.ringba.com/v2/nis/ 		382 B
783 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://display.ringba.com/v2/nis/gnbulk
Requested by
Host: b-js.ringba.com
URL: https://b-js.ringba.com/CA3bf5e0fd28b24103ae86b3cd73a1c2dd
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.205.29.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-29-149.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
677f90631d99183a1825eda3b66a761336094955eb921a2aa4da373e27aebd73

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://airlines.booking-airlines.site/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 16 Jun 2024 13:14:29 GMT
X-Runtime
0.0220
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Access-Control-Max-Age
300
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://airlines.booking-airlines.site
Cache-Control
no-cache
Connection
keep-alive
Content-Length
382
Expires
-1
fingerprint2.min.js
cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/2.1.0/ 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/2.1.0/fingerprint2.min.js
Requested by
Host: v2.clickguardian.app
URL: https://v2.clickguardian.app/track.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bf52e1f92ce9ea93f33025943d00dbfe5e73ff1c8ddc1507aee8ac82d34dc0f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://airlines.booking-airlines.site/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 13:14:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1014280
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
9392
last-modified
Mon, 04 May 2020 16:10:04 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5c-72e4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eQnS52KWBhvaXEJ2cOFs59AiPoVoSEGSgk1IrbudXuRrRLcyJUXxtl2HJispF0phyDB93DB0bJoWdVfifWJ4SlB4mXjsznNl2O6HggxGLdQM81UysWgPN7s9hlwBx%2Bgt%2FroZH2wM"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
894b10328c377805-CDG
expires
Fri, 06 Jun 2025 13:14:30 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
356 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-222017740-1&cid=834787467.1718543670&jid=1038328087&gjid=2106591069&_gid=1453299251.1718543670&npa=1&_u=YEBAAEAAAAAAACAAI~&z=1746862160
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://airlines.booking-airlines.site/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 16 Jun 2024 13:14:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://airlines.booking-airlines.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		252 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VRJ0XP5TWF&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
4e308f575e55e05a191a29e3a4f5aafd7f476ed93c9a2e44378e084a5b472994
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://airlines.booking-airlines.site/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 13:14:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91908
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 16 Jun 2024 13:14:30 GMT
showads.js
ads.anura.io/ 		0
351 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.anura.io/showads.js?83590954693
Requested by
Host: script.anura.io
URL: https://script.anura.io/request.js?instance=2663314973&source=airlines.booking-airlines.site%2F&callback=anuraResponseHandler&750915092505
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.39.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-39-108.ams1.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://airlines.booking-airlines.site/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 17:04:02 GMT
content-encoding
gzip
via
1.1 97eaba44803576cf9f5d9993fc05ccee.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
AMS1-P1
age
72628
vary
Accept-Encoding
x-cache
Hit from cloudfront
access-control-allow-methods
GET
access-control-allow-origin
*
content-type
application/javascript; charset=utf-8
x-amz-cf-id
gu-RnR_wQ2JKpxh1r3pQBO5MyGHe0ON6cg7Qa57Z0COCUb8LRa-IEQ==
collect
region1.google-analytics.com/g/ 		0
264 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-VRJ0XP5TWF&gtm=45je46c0v9109596352za200&_p=1718543669704&gcd=13l3l3l2l3&npa=1&dma_cps=sypham&dma=1&tag_exp=0&ul=fr-fr&sr=1600x1200&cid=834787467.1718543670&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fairlines.booking-airlines.site%2F&dt=Airlines%20Information&sid=1718543670&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=793
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VRJ0XP5TWF&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://airlines.booking-airlines.site/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 16 Jun 2024 13:14:30 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://airlines.booking-airlines.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tracking
v2.clickguardian.app/ 		0
292 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://v2.clickguardian.app/tracking
Requested by
Host: v2.clickguardian.app
URL: https://v2.clickguardian.app/track.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:1:d0::90:d001 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://airlines.booking-airlines.site/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 16 Jun 2024 13:14:30 GMT
Content-Encoding
gzip
Server
nginx/1.10.3 (Ubuntu)
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html; charset=UTF-8
favicon.ico
airlines.booking-airlines.site/ 		11 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://airlines.booking-airlines.site/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:41d0:301:3::31 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
548f536b5202a014105f23da1b40d52f0d1e1c4f83888cc5786bb1a341c6f9b4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://airlines.booking-airlines.site/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 13:14:30 GMT
content-encoding
gzip
server
Apache
accept-ranges
bytes
content-length
3567
vary
Accept-Encoding
content-type
text/html
response.json
script.anura.io/ 		51 B
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.anura.io/response.json
Requested by
Host: script.anura.io
URL: https://script.anura.io/request.js?instance=2663314973&source=airlines.booking-airlines.site%2F&callback=anuraResponseHandler&750915092505
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.10.38.99 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-10-38-99.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
45f6c5b871f510ad89c1225548fa7bb65c7ac2a2a78c28d93d4f94750e5c6725
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://airlines.booking-airlines.site/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sun, 16 Jun 2024 13:14:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
access-control-allow-methods
POST
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires
Sun, 28 Dec 1980 18:57:00 EST
result.json
script.anura.io/ 		41 B
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.anura.io/result.json
Requested by
Host: airlines.booking-airlines.site
URL: https://airlines.booking-airlines.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.10.38.99 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-10-38-99.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
73c54eec23bd5786eee2abde558ae996cc30db654cc6d513369ef8e6e1681de9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://airlines.booking-airlines.site/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sun, 16 Jun 2024 13:14:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires
Sun, 28 Dec 1980 18:57:00 EST
/
www.googleadservices.com/pagead/conversion/720844874/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/720844874/?random=1718543670918&cv=11&fst=1718543670918&bg=ffffff&guid=ON&async=1&gtm=45be46c0v872069200za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fairlines.booking-airlines.site%2F&label=hT0ZCJmGk_gDEMrw3NcC&hn=www.googleadservices.com&frm=0&tiba=Airlines%20Information&gtm_ee=1&npa=1&pscdl=noapi&auid=76155618.1718543670&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&data=event%3Danura_exclusion&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-720844874
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
6c66c291a27bd26c260f78654fbbdd94ae33bfd7d5587ee71e0c59241838b4ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://airlines.booking-airlines.site/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 16 Jun 2024 13:14:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1643
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/720844874/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/720844874/?random=1608844774&cv=11&fst=1718543670918&bg=ffffff&guid=ON&async=1&gtm=45be46c0v872069200za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fairlines.booking-airlines.site%2F&label=hT0ZCJmGk_gDEMrw3NcC&hn=www.googleadservices.com&frm=0&tiba=Airlines%20Information&gtm_ee=1&npa=1&pscdl=noapi&auid=76155618.1718543670&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&data=event%3Danura_exclusion&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQJKLG5vdC1uYXZpZ2F0aW9uLXNvdXJjZSwgdHJpZ2dlciwgZXZlbnQtc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMInf6piJrghgMVbQ6iAx2Z3w12MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6J2h0dHBzOi8vYWlybGluZXMuYm9va2luZy1haXJsaW5lcy5zaXRlLw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://airlines.booking-airlines.site/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 16 Jun 2024 13:14:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage object| dataLayer object| def function| checkCookie function| setLocation function| updateElementOnPageByClass function| hidePopup object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga string| _cgk function| isIOSAndGSA object| buttons function| gtag function| anuraResponseHandler function| resultHandler object| gaplugins object| gaGlobal object| gaData object| ringba_known_numbers object| _rgba object| ringba object| _rgba_tags function| Fingerprint2 object| Anura object| GooglebQhCsO

7 Cookies

Domain/Path Name / Value
airlines.booking-airlines.site/ Name: userCity
Value: Paris
.booking-airlines.site/ Name: _gcl_au
Value: 1.1.76155618.1718543670
.booking-airlines.site/ Name: _ga
Value: GA1.2.834787467.1718543670
.booking-airlines.site/ Name: _gid
Value: GA1.2.1453299251.1718543670
.booking-airlines.site/ Name: _gat_UA-222017740-1
Value: 1
.booking-airlines.site/ Name: _ga_VRJ0XP5TWF
Value: GS1.2.1718543670.1.0.1718543670.0.0.0
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.anura.io
airlines.booking-airlines.site
api.ipgeolocation.io
b-js.ringba.com
cdnjs.cloudflare.com
display.ringba.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
region1.google-analytics.com
script.anura.io
stats.g.doubleclick.net
v2.clickguardian.app
www.google-analytics.com
www.googleadservices.com
www.googletagmanager.com
104.17.24.14
142.250.181.226
142.250.186.130
172.67.18.64
18.65.39.108
2001:41d0:301:3::31
2001:4860:4802:34::36
2001:4860:4802:38::178
216.58.212.136
2600:9000:2134:3600:4:1957:6500:93a1
2a00:1450:4001:802::200a
2a00:1450:4001:82b::2003
2a00:1450:4001:830::2008
2a00:1450:400c:c04::9b
2a03:b0c0:1:d0::90:d001
3.10.38.99
54.205.29.149
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
1936f424c7aac2d2379d79f711c93b3e455b37c6a5620411e5ad06e55e9ad8f5
1c4144eb5cc9c31ad52781b5faaea7bb3f5bd78533bfc0d5449df2a4c54bb99f
2b27e8e6cf34f9d1c8ac01c59e68ea575301cc393d58699ce6ac92cb47e138ab
355651a2f31d7985d76ca0ce5ea516b5c3f471622da44130e8a9e748c4ee43aa
3db6f8817221a5ae78a52b8e333260135bf2519ebeef8a7d77d3bcd0ed950384
45f6c5b871f510ad89c1225548fa7bb65c7ac2a2a78c28d93d4f94750e5c6725
4bf52e1f92ce9ea93f33025943d00dbfe5e73ff1c8ddc1507aee8ac82d34dc0f
4e308f575e55e05a191a29e3a4f5aafd7f476ed93c9a2e44378e084a5b472994
548f536b5202a014105f23da1b40d52f0d1e1c4f83888cc5786bb1a341c6f9b4
56ee465a6c54c78f161fbcbd035018934c61c8319ac957146f88018d004a3e2a
626399eed1bbb004b84ec1f4f80ab3c78874ac5123959a4652f31d424ebd40c8
63a38907f16535fd47aa0a7f261dea328882f557506374d44577872a0588a5e3
677f90631d99183a1825eda3b66a761336094955eb921a2aa4da373e27aebd73
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c66c291a27bd26c260f78654fbbdd94ae33bfd7d5587ee71e0c59241838b4ff
73c54eec23bd5786eee2abde558ae996cc30db654cc6d513369ef8e6e1681de9
7c12f3f2fa58d25c21e533538cb154c3a6cb0ace04b5ecb24f13bb5f777da060
7d392de56d96fb5bd76cbb64f7a8e2edb35d86372ba2edf308c75ccfab24f618
866d01bfec307f079a10304f8ca37db72bb480cbc5f0ff20446f5c2199407006
86d68f158d6fcd8c8abaa36fbad5731f59d9cb4a39c1bec94826abb6ad1478fc
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
a023edb1b8c59a1e507045a68aeaed8b75ab818014eaa60e8cd30528299291e9
a2c0fb3ffca3030e773934fa56a7437c334b3bc1cbd4bbfa5d518b2e9610c541
b3fc6c2e90cfd357a43b9950f7d48f4350cae456ad38fc3dc3087ec2d2019b24
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c5d4e32f5662430bbfaf918a71eebad18c8b1c46931427b14d49be42caef8f88
d4d21294aae27b864ebb35f59d2f66dd552912167416102b15531ab14012d8fc
dcdf62f54440f8c224dcdfb6453c53106600c573d3cb5e4c0ba0d1cafcda3edc
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fb8f2a3ccf8281f2af62fa9eb7f8d5f7198bc21db7cdbb916d3a373d64d7e779
fd844bd3b388006217c13404c295a45b569ad2566ebbe4de77c9bccb28377f56