urlscan.io logo urlscan.io
SecurityTrails logo

marcinelleapartoteldesjardinsd.bhotel.top Open in urlscan Pro
204.93.224.158  Public Scan

Go To Rescan Add Verdict Report
URL: http://marcinelleapartoteldesjardinsd.bhotel.top/
Submission: On October 05 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 2 countries across 10 domains to perform 81 HTTP transactions. The main IP is 204.93.224.158, located in Chicago, United States and belongs to SERVERCENTRAL, US. The main domain is marcinelleapartoteldesjardinsd.bhotel.top.
This is the only time marcinelleapartoteldesjardinsd.bhotel.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    204.93.224.158 (Chicago, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: bh8964.banahosting.com
marcinelleapartoteldesjardinsd.bhotel.top
1    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
5    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700::6812:1734 (United States)

ASN13335 (CLOUDFLARENET, US)
kit.fontawesome.com
1    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
2    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
translate.google.com
7    2606:4700:4400::6812:2262 (United States)

ASN13335 (CLOUDFLARENET, US)
widget.getyourguide.com
1    2a02:26f0:3500:11::215:14c7 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn-icons-png.flaticon.com
20    2600:9000:223f:d200:1c:d826:cd80:93a1 (United States)

ASN16509 (AMAZON-02, US)
cf.bstatic.com
9    2606:4700:e2::ac40:8209 (United States)

ASN13335 (CLOUDFLARENET, US)
ka-f.fontawesome.com
2    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
maps.gstatic.com
1    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
translate.googleapis.com
1    65.9.66.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-14.fra56.r.cloudfront.net
www.booking.com
1    65.9.66.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-108.fra56.r.cloudfront.net
www.booking.com
1    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
10    2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
maps.googleapis.com
19    2606:4700:4400::ac40:942a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.getyourguide.com
Apex Domain
Subdomains		 Transfer
26 getyourguide.com
widget.getyourguide.com — Cisco Umbrella Rank: 38549
cdn.getyourguide.com — Cisco Umbrella Rank: 41576
767 KB
20 bstatic.com
cf.bstatic.com — Cisco Umbrella Rank: 16340
918 KB
17 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 405
fonts.googleapis.com — Cisco Umbrella Rank: 49
translate.googleapis.com — Cisco Umbrella Rank: 1163
maps.googleapis.com — Cisco Umbrella Rank: 418
327 KB
10 fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 1848
ka-f.fontawesome.com — Cisco Umbrella Rank: 3656
211 KB
3 gstatic.com
www.gstatic.com
fonts.gstatic.com
maps.gstatic.com
41 KB
2 booking.com
www.booking.com — Cisco Umbrella Rank: 10281
55 KB
2 google.com
translate.google.com — Cisco Umbrella Rank: 1375
31 KB
1 flaticon.com
cdn-icons-png.flaticon.com — Cisco Umbrella Rank: 42047
21 KB
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1183
5 KB
1 bhotel.top
marcinelleapartoteldesjardinsd.bhotel.top
6 KB
81 10
Domain Requested by
20 cf.bstatic.com marcinelleapartoteldesjardinsd.bhotel.top
www.booking.com
cf.bstatic.com
19 cdn.getyourguide.com widget.getyourguide.com
cdn.getyourguide.com
10 maps.googleapis.com cf.bstatic.com
maps.googleapis.com
9 ka-f.fontawesome.com kit.fontawesome.com
marcinelleapartoteldesjardinsd.bhotel.top
7 widget.getyourguide.com marcinelleapartoteldesjardinsd.bhotel.top
widget.getyourguide.com
cdn.getyourguide.com
5 fonts.googleapis.com marcinelleapartoteldesjardinsd.bhotel.top
2 www.booking.com 1 redirects marcinelleapartoteldesjardinsd.bhotel.top
2 translate.google.com 1 redirects marcinelleapartoteldesjardinsd.bhotel.top
1 maps.gstatic.com marcinelleapartoteldesjardinsd.bhotel.top
1 fonts.gstatic.com fonts.googleapis.com
1 translate.googleapis.com
1 www.gstatic.com
1 cdn-icons-png.flaticon.com marcinelleapartoteldesjardinsd.bhotel.top
1 maxcdn.bootstrapcdn.com marcinelleapartoteldesjardinsd.bhotel.top
1 kit.fontawesome.com marcinelleapartoteldesjardinsd.bhotel.top
1 ajax.googleapis.com marcinelleapartoteldesjardinsd.bhotel.top
1 marcinelleapartoteldesjardinsd.bhotel.top
81 17

This site contains links to these domains. Also see Links.

Domain
booking.com
Subject Issuer Validity Valid
upload.video.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.fontawesome.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-22 -
2023-12-23		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-12-30 -
2023-12-30		 a year crt.sh
*.flaticon.com
R3		 2023-09-21 -
2023-12-20		 3 months crt.sh
*.bstatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-13 -
2024-08-31		 a year crt.sh
ka-f.fontawesome.com
GTS CA 1P5		 2023-09-10 -
2023-12-09		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.booking.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-06-12 -
2024-05-18		 a year crt.sh

This page contains 3 frames:

Primary Page: http://marcinelleapartoteldesjardinsd.bhotel.top/
Frame ID: D2256668105B83F59A6561CBB985CE81
Requests: 35 HTTP requests in this frame

Frame: https://www.booking.com/flexiproduct.html?product=map&w=100%25&h=590&lang=en-US&aid=2393715&target_aid=2393715&dest_id=0&dest_type=landmark&fid=1671148675595&latitude=50.38117981&longitude=4.45300341&landmark_name=Marcinelle%20Apartotel%20Des%20Jardins%20De%20La%20Fontaine%20Qui%20Bout&mwhsb=0&address=Avenue%20Des%20Tilleuls,%2026,%206001%20Charleroi,%20Belgium&
Frame ID: EFF1F2D1D9C61DA97F66E221E2D2AEBC
Requests: 26 HTTP requests in this frame

Frame: https://widget.getyourguide.com/default/activities-auto.frame?widget=auto&partner_id=KACJMIV&widget_created=1696514482666&sha=356f1917-44db-5d85-b273-12785989a3b9&website=http%3A%2F%2Fmarcinelleapartoteldesjardinsd.bhotel.top%2F&visitor_id=F748C5DC18294667B4270602036BF34B
Frame ID: 56A6667A2D5B407B51D4E7AC2BA956EA
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Marcinelle Apartotel Des Jardins De La Fontaine Qui Bout

Detected technologies

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

81
Requests

94 %
HTTPS

82 %
IPv6

10
Domains

17
Subdomains

17
IPs

2
Countries

2381 kB
Transfer

5376 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • http://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit HTTP 301
  • https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Request Chain 26
  • http://www.booking.com/flexiproduct.html?product=map&w=100%25&h=590&lang=en-US&aid=2393715&target_aid=2393715&dest_id=0&dest_type=landmark&fid=1671148675595&latitude=50.38117981&longitude=4.45300341&landmark_name=Marcinelle%20Apartotel%20Des%20Jardins%20De%20La%20Fontaine%20Qui%20Bout&mwhsb=0&address=Avenue%20Des%20Tilleuls,%2026,%206001%20Charleroi,%20Belgium& HTTP 301
  • https://www.booking.com/flexiproduct.html?product=map&w=100%25&h=590&lang=en-US&aid=2393715&target_aid=2393715&dest_id=0&dest_type=landmark&fid=1671148675595&latitude=50.38117981&longitude=4.45300341&landmark_name=Marcinelle%20Apartotel%20Des%20Jardins%20De%20La%20Fontaine%20Qui%20Bout&mwhsb=0&address=Avenue%20Des%20Tilleuls,%2026,%206001%20Charleroi,%20Belgium&

81 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
marcinelleapartoteldesjardinsd.bhotel.top/ 		23 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://marcinelleapartoteldesjardinsd.bhotel.top/
Protocol
HTTP/1.1
Server
204.93.224.158 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
bh8964.banahosting.com
Software
/
Resource Hash
3fc06a0a4c56c724a0e609793d991b597b60607c86f7be6719498bb296fe9eaf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 05 Oct 2023 14:01:20 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
transfer-encoding
chunked
vary
Accept-Encoding
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: marcinelleapartoteldesjardinsd.bhotel.top
URL: http://marcinelleapartoteldesjardinsd.bhotel.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://marcinelleapartoteldesjardinsd.bhotel.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 22:28:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55944
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31017
x-xss-protection
0
last-modified
Wed, 10 Mar 2021 14:28:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 03 Oct 2024 22:28:57 GMT
css
fonts.googleapis.com/ 		761 B
455 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato&display=swap
Requested by
Host: marcinelleapartoteldesjardinsd.bhotel.top
URL: http://marcinelleapartoteldesjardinsd.bhotel.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f88d7a194e7f67fdc5e4f2cedd32e1d040d9976e4814adcaf7e56330a0653d5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://marcinelleapartoteldesjardinsd.bhotel.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 05 Oct 2023 14:01:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 05 Oct 2023 12:37:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 05 Oct 2023 14:01:21 GMT
css
fonts.googleapis.com/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonts.googleapis.com/css?family=Rubik:300,400,500,700,900&display=swap
Requested by
Host: marcinelleapartoteldesjardinsd.bhotel.top
URL: http://marcinelleapartoteldesjardinsd.bhotel.top/
Protocol
HTTP/1.1
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5b0a1f1dc96d286bc1ba6a7f8393d7cc74d073bb6fb26da88cb92b08c5632452
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://marcinelleapartoteldesjardinsd.bhotel.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Thu, 05 Oct 2023 14:01:21 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
X-XSS-Protection
0
Last-Modified
Thu, 05 Oct 2023 14:01:21 GMT
Server
ESF
Cross-Origin-Opener-Policy
same-origin-allow-popups
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires
Thu, 05 Oct 2023 14:01:21 GMT
css
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700
Requested by
Host: marcinelleapartoteldesjardinsd.bhotel.top
URL: http://marcinelleapartoteldesjardinsd.bhotel.top/
Protocol
HTTP/1.1
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c77f925476c7b7317df5146bcb0175ed01053aa6df9a270cfe7cb75322c8fff6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://marcinelleapartoteldesjardinsd.bhotel.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Thu, 05 Oct 2023 14:01:21 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
X-XSS-Protection
0
Last-Modified
Thu, 05 Oct 2023 14:01:21 GMT
Server
ESF
Cross-Origin-Opener-Policy
same-origin-allow-popups
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires
Thu, 05 Oct 2023 14:01:21 GMT
css
fonts.googleapis.com/ 		6 KB
961 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Quicksand:300,400,500,600,700&display=swap
Requested by
Host: marcinelleapartoteldesjardinsd.bhotel.top
URL: http://marcinelleapartoteldesjardinsd.bhotel.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8bcef4d15a0c7757ddd9eb4e6a81f65d7aedc5fe6f4ba95d90c5a63381f156ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://marcinelleapartoteldesjardinsd.bhotel.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 05 Oct 2023 14:01:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 05 Oct 2023 13:54:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 05 Oct 2023 14:01:21 GMT
css
fonts.googleapis.com/ 		11 KB
701 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Libre+Franklin:100,200,300,400,500,600,700,800,900&display=swap
Requested by
Host: marcinelleapartoteldesjardinsd.bhotel.top
URL: http://marcinelleapartoteldesjardinsd.bhotel.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
63f9e635bca6053c2baecd7e90f62ab7223c1425e93fb60fd6c1a8ece6151923
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://marcinelleapartoteldesjardinsd.bhotel.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 05 Oct 2023 14:01:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 05 Oct 2023 14:01:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 05 Oct 2023 14:01:21 GMT
c597f1ee3e.js
kit.fontawesome.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kit.fontawesome.com/c597f1ee3e.js
Requested by
Host: marcinelleapartoteldesjardinsd.bhotel.top
URL: http://marcinelleapartoteldesjardinsd.bhotel.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41cddf2dcd942128378479c5fd87a454441f02b678186cff7f9f1a2a16d2247b

Request headers

Referer
http://marcinelleapartoteldesjardinsd.bhotel.top/
Origin
http://marcinelleapartoteldesjardinsd.bhotel.top
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 14:01:21 GMT
content-encoding
gzip
cf-cache-status
MISS
server
cloudflare
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
content-type
text/javascript
cache-control
max-age=60, public, stale-while-revalidate=30
cf-ray
811632349c816983-FRA
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
F4s67q74tV4LSkgFC92D
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/ 		21 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css
Requested by
Host: marcinelleapartoteldesjardinsd.bhotel.top
URL: http://marcinelleapartoteldesjardinsd.bhotel.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://marcinelleapartoteldesjardinsd.bhotel.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 14:01:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
718, 718
age
21881177
cdn-cachedat
2021-04-13 02:36:00
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:53 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
357c5298f2849c0ce9712c57ec240f4e
timing-allow-origin
*
cdn-requestcountrycode
US
cf-ray
811632348b97901f-FRA
cdn-requestpullsuccess
True
element.js
translate.google.com/translate_a/
Redirect Chain
  • http://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
  • https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Requested by
Host: marcinelleapartoteldesjardinsd.bhotel.top
URL: http://marcinelleapartoteldesjardinsd.bhotel.top/
Protocol
H2
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b274f4465ba51f423c2ce126ffceb150d41dd08d8dc314a4d6381fe89caa579e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://marcinelleapartoteldesjardinsd.bhotel.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 14:01:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 05 Oct 2023 14:01:21 GMT
X-Content-Type-Options
nosniff
Server
ESF
Cross-Origin-Opener-Policy
same-origin-allow-popups
X-Frame-Options
SAMEORIGIN
Content-Type
application/binary
Location
https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Content-Length
0
X-XSS-Protection
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
pa.umd.production.min.js
widget.getyourguide.com/dist/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.getyourguide.com/dist/pa.umd.production.min.js
Requested by
Host: marcinelleapartoteldesjardinsd.bhotel.top
URL: http://marcinelleapartoteldesjardinsd.bhotel.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2262 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
568ccfe210b99ae55c68500f6f9b3397604249b4f5efccb8038fcad5e97e2871
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://marcinelleapartoteldesjardinsd.bhotel.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 14:01:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
JJ7042RAC6VHNNNM
age
1202
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
Gis5UKNr1o6U8527UxRnPwtMHLnRp1606z9NgmQiup9Gt/XCY1dgDJBeyzKLjNum9u84CmpPIFM=
last-modified
Wed, 04 Oct 2023 11:51:14 GMT
server
cloudflare
etag
W/"da5bf5180658b54a90d3cdbcdacc2061"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600, public, must-revalidate
cf-ray
811632359e5091ef-FRA
4540790.png
cdn-icons-png.flaticon.com/512/4540/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-icons-png.flaticon.com/512/4540/4540790.png
Requested by
Host: marcinelleapartoteldesjardinsd.bhotel.top
URL: http://marcinelleapartoteldesjardinsd.bhotel.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:11::215:14c7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4ea566bcfe25ec81ab2688387def9cb5990637e85a559003486d7f44f434302b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://marcinelleapartoteldesjardinsd.bhotel.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 14:01:21 GMT
x-amz-meta-goog-reserved-file-mtime
1618407112
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
21282
pragma
public
last-modified
Thu, 14 Oct 2021 17:42:10 GMT
etag
"a442729b18adb8a2204efb18b90423e8"
vary
Accept-Encoding
x-goog-generation
1634233330818338
content-type
image/png
access-control-allow-origin
*
x-default-rule
YES
cache-control
public, max-age=31536000
x-goog-stored-content-length
21282
x-amz-checksum-crc32c
FvDczg==
accept-ranges
bytes
x-amz-meta-x-goog-reserved-source-generation
1627247437293334
expires
Thu, 05 Oct 2023 14:01:21 GMT
26000496.jpg
cf.bstatic.com/xdata/images/hotel/max1200/ 		122 KB
122 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cf.bstatic.com/xdata/images/hotel/max1200/26000496.jpg?k=b023d69e6642b58f728a52229dcb80c7609f493e0b8e49607f16d34f3b2f7432&o=&hp=1
Requested by
Host: marcinelleapartoteldesjardinsd.bhotel.top
URL: http://marcinelleapartoteldesjardinsd.bhotel.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:d200:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5ecf289bb9fec6d3045b6a20360114be9c3825a938a09dbbe1215ba8feb09e7e
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://marcinelleapartoteldesjardinsd.bhotel.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 14:01:21 GMT
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA56-P5
etag
"ff146078214bbddebf73b3a1fba358b02c557200"
x-cache
Miss from cloudfront
content-language
124686
access-control-allow-origin
*
content-type
image/jpeg
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
ylvPRkfLJBdN0onLByxKokZO0guf5tBfh-EMlZSKB9r5icAEy_w9xQ==
x-xss-protection
1; mode=block
26000450.jpg
cf.bstatic.com/xdata/images/hotel/max1200/ 		95 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cf.bstatic.com/xdata/images/hotel/max1200/26000450.jpg?k=eec535ddfd5b1182dc02c3cfe23282ed21f0a9fdba9c85795b50ec386e75f517&o=&hp=1
Requested by
Host: marcinelleapartoteldesjardinsd.bhotel.top
URL: http://marcinelleapartoteldesjardinsd.bhotel.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:d200:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e6436f315c30f5a9c128471cee3749edb104516a9b1d8a82168c6b24dac926a2
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://marcinelleapartoteldesjardinsd.bhotel.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 14:01:21 GMT
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA56-P5
etag
"313b0870385d6b5e4addd294e625abc508b3fb00"
x-cache
Miss from cloudfront
content-language
97583
access-control-allow-origin
*
content-type
image/jpeg
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
IFRq9y3hUzC9pBFgj_FYmtQ-lBB1mTf5Ro3d_7z46dD57pvc6GIoEw==
x-xss-protection
1; mode=block
26000479.jpg
cf.bstatic.com/xdata/images/hotel/max1200/ 		86 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cf.bstatic.com/xdata/images/hotel/max1200/26000479.jpg?k=4091256c57a715253ec762eb3a954a9144c0dc01cac0dfdc6f8ce0cd75a67c92&o=&hp=1
Requested by
Host: marcinelleapartoteldesjardinsd.bhotel.top
URL: http://marcinelleapartoteldesjardinsd.bhotel.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:d200:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
597562fe72f4e8df6f9897bf51967b915b71593f0289463be17f64b6010ccff5
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://marcinelleapartoteldesjardinsd.bhotel.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 14:01:21 GMT
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA56-P5
etag
"cf5b374c2b0459e016a0e8c3a2738d57e8a8ee81"
x-cache
Miss from cloudfront
content-language
88481
access-control-allow-origin
*
content-type
image/jpeg
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
OU_PT-aejfkkJd500SNa1FqnrL7i34JnT34YaU8f16VwPi3Xg0st2Q==
x-xss-protection
1; mode=block
29887884.jpg
cf.bstatic.com/xdata/images/hotel/max1200/ 		193 KB
194 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cf.bstatic.com/xdata/images/hotel/max1200/29887884.jpg?k=1278c3487100fc0059c29ca5d751be8cb63843511dfa8f3cac02725e0376e2f2&o=&hp=1
Requested by
Host: marcinelleapartoteldesjardinsd.bhotel.top
URL: http://marcinelleapartoteldesjardinsd.bhotel.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:d200:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
fbff658a134f7e8c08c56a7addd60cbfb5ea36612ce6363f5b24a7cdf011cb72
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://marcinelleapartoteldesjardinsd.bhotel.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 14:01:21 GMT
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA56-P5
etag
"972e673a00da6c8887863da233340e2759b47575"
x-cache
Miss from cloudfront
content-language
198088
access-control-allow-origin
*
content-type
image/jpeg
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
d-5x-vYiphjrvIcYwmnME_XYUIPinJh191f9GZW2wflSThDCivkbvg==
x-xss-protection
1; mode=block
26000513.jpg
cf.bstatic.com/xdata/images/hotel/max1200/ 		79 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cf.bstatic.com/xdata/images/hotel/max1200/26000513.jpg?k=0b5de280b561678caf578a3f51e65996c59db368861f0c5f11cf0d3413e6528a&o=&hp=1
Requested by
Host: marcinelleapartoteldesjardinsd.bhotel.top
URL: http://marcinelleapartoteldesjardinsd.bhotel.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:d200:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
7df0d75d97d77f4c7011d5c34d83e09f39a596fef42bdf9ca18bba1d65437256
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://marcinelleapartoteldesjardinsd.bhotel.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 14:01:22 GMT
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA56-P5
etag
"b9489587eca5acaa25c993652c6f4bd8f769cad2"
x-cache
Miss from cloudfront
content-language
81174
access-control-allow-origin
*
content-type
image/jpeg
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
Q60PGIQTJ97ArCuZ0HWHQqJYXJw8t4kbYfG9kgR-8mFXZQbokDYNsA==
x-xss-protection
1; mode=block
free.min.css
ka-f.fontawesome.com/releases/v6.4.2/css/ 		100 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v6.4.2/css/free.min.css?token=c597f1ee3e
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/c597f1ee3e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e0821588462d15b0ff8e911760fc041332c162e2e30ab4b1071bcc8eb6c8223

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://marcinelleapartoteldesjardinsd.bhotel.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 14:01:21 GMT
via
1.1 ef4ff53b101ef123a46ec560b6c94cb8.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 01 Aug 2023 19:07:56 GMT
server
cloudflare
etag
W/"ae737a19e46fd502ba9cbe9e33213861"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p9KtsnyTV0lGXjYrAVWTrGFKdy7BfhKlrZtgPVjxP0A5rtFgFNwgsynw3bpMdPB15ZlYTS7TXT5z4cMLq3kRMV0XIOvoYZv7Y89kpcPRh7%2BqStzwYLIYoS6%2Fdv4SbQnnKcPUumA0NARp%2BnIzH7VBZaiHPw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
811632359cba3a54-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
C9HFes6fw0rNAnLGZFhuZ06UNrEQVOpYjDqefh3n-LqDgt_9O4gxzQ==
free-v4-shims.min.css
ka-f.fontawesome.com/releases/v6.4.2/css/ 		27 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v6.4.2/css/free-v4-shims.min.css?token=c597f1ee3e
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/c597f1ee3e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
236e285339a2a692e9491d356489cdf83513cfb1add049a0620123d644e47554

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://marcinelleapartoteldesjardinsd.bhotel.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 14:01:21 GMT
via
1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C2
age
0
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 01 Aug 2023 19:07:56 GMT
server
cloudflare
etag
W/"da06df503ced6ee507b5fb4fa0999f74"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FIr6dJUpfZE2HDnoQTy8fVgGLWfwAMkwQaWhKWTD%2Fl9DeSa66099hSOBegvpNtRPmwkNPBbK1CJEw2ExBgklT0WV9%2BIYMr5Qc7j1UmtTN9DfwKztKBTKh7odPt7lzcfEg3uBCF%2BH%2F6ClDgoZjhA5PokCYA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
81163235accc3a54-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
MTm1w7RPOFlXxF1eTQgmVNuvFrsnADNmEK7NkAe0AhUPNAxz3u_b0g==
free-v5-font-face.min.css
ka-f.fontawesome.com/releases/v6.4.2/css/ 		823 B
600 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v6.4.2/css/free-v5-font-face.min.css?token=c597f1ee3e
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/c597f1ee3e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e81443469aa4b967191ce19b7474eb223746a2b8d5dc42d3786da84d99dfad9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://marcinelleapartoteldesjardinsd.bhotel.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 14:01:21 GMT
via
1.1 dca6db3c8f31f3cd48bb06d78a8be624.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C2
age
0
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 01 Aug 2023 19:07:56 GMT
server
cloudflare
etag
W/"dbf296002d53e56d340b105d9d764940"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CKp%2F3EkHembrhHFi1837ky84jqYVOWouL10P0TS9qjyODJ7TaF2VtKfq%2BdgXf75d5GFF2puUV%2BdfK4vEs2jsqqRpCipU%2FVGF9gfE2r8GZpTSFk8F51XUNJeibYobeSAYyqkEU8mnWZd%2F4rpxhjZhzL0H8w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
811632359cbe3a54-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
nrIQUJgnf8oXyMqiWa34Kq0pAblqpO-YjYebKuNhQHH_5qFoM6ykzg==
free-v4-font-face.min.css
ka-f.fontawesome.com/releases/v6.4.2/css/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v6.4.2/css/free-v4-font-face.min.css?token=c597f1ee3e
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/c597f1ee3e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c58c4804370b9c347d517491c450416ca371fb1403aceaa1d6f751403b07c48

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://marcinelleapartoteldesjardinsd.bhotel.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 14:01:21 GMT
via
1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 01 Aug 2023 19:07:56 GMT
server
cloudflare
etag
W/"9b853b50f37dd0ca770ce0f294d427df"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9dmDXYEr3xtycm1eW69j%2Fys36L5gejZMF2VrHe5FqVP5%2FiQz9HJwygG4jpOU3dt9ZsKOOKAJ0TgCyCzhAoerEb8RUH1flFUfjREsXeeS%2BsjI0j%2FsMc2HYUdJaxauFFyfJAoXHflLN6Ulf2aRtbIHIPeF4g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
811632359cc13a54-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
VdecoF_KwuozuJftJYgNLJBDloHJZYPtGa5q7ew4HqQrsnNVanJ5iQ==
m=el_main_css
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/d=0/rs=AN8SPfp0QXhhaDDdjg_LgcSqoZiPEzC1tw/ 		22 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/d=0/rs=AN8SPfp0QXhhaDDdjg_LgcSqoZiPEzC1tw/m=el_main_css
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.4_u6xvZ1Iis.O/d=1/rs=AN8SPfrMgkm2vdLg_AJGlBi0tw7omLAzvQ/m=el_conf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://marcinelleapartoteldesjardinsd.bhotel.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 13:56:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
518674
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4144
x-xss-protection
0
last-modified
Sat, 15 Jul 2023 01:09:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="rosetta"
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 28 Sep 2024 13:56:47 GMT
m=el_main
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.4_u6xvZ1Iis.O/d=1/exm=el_conf/ed=1/rs=AN8SPfrMgkm2vdLg_AJGlBi0tw7omLAzvQ/ 		217 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.4_u6xvZ1Iis.O/d=1/exm=el_conf/ed=1/rs=AN8SPfrMgkm2vdLg_AJGlBi0tw7omLAzvQ/m=el_main
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.4_u6xvZ1Iis.O/d=1/rs=AN8SPfrMgkm2vdLg_AJGlBi0tw7omLAzvQ/m=el_conf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18af2bf64a77a50bc46c1fe63efbaee38ab0e0fb8c47976bc4c159f2505550cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://marcinelleapartoteldesjardinsd.bhotel.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 17:19:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74513
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78183
x-xss-protection
0
last-modified
Tue, 03 Oct 2023 17:12:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="rosetta"
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 03 Oct 2024 17:19:28 GMT
free.min.css
ka-f.fontawesome.com/releases/v6.4.2/css/ 		100 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v6.4.2/css/free.min.css?token=c597f1ee3e
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/c597f1ee3e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e0821588462d15b0ff8e911760fc041332c162e2e30ab4b1071bcc8eb6c8223

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://marcinelleapartoteldesjardinsd.bhotel.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 14:01:21 GMT
via
1.1 ef4ff53b101ef123a46ec560b6c94cb8.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C2
age
0
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 01 Aug 2023 19:07:56 GMT
server
cloudflare
etag
W/"ae737a19e46fd502ba9cbe9e33213861"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n4i2pYyM6cqjq74m7SP%2F%2BFOAc8VuKKKyoXPi%2ButRViDVfuh%2BJrEHwhhJ6S5PqWB%2FihHJjjwZ2wD7FzRxwfk%2F2V4P6MbQcNhnJDXgQ5rRnyYxT3WQBj6L4uDwU%2BGu9XuYn9%2FPIf7cVsSVmaWSIkRMVQ61wg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
811632359cc53a54-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
C9HFes6fw0rNAnLGZFhuZ06UNrEQVOpYjDqefh3n-LqDgt_9O4gxzQ==
free-v4-shims.min.css
ka-f.fontawesome.com/releases/v6.4.2/css/ 		27 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v6.4.2/css/free-v4-shims.min.css?token=c597f1ee3e
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/c597f1ee3e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
236e285339a2a692e9491d356489cdf83513cfb1add049a0620123d644e47554

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://marcinelleapartoteldesjardinsd.bhotel.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 14:01:21 GMT
via
1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 01 Aug 2023 19:07:56 GMT
server
cloudflare
etag
W/"da06df503ced6ee507b5fb4fa0999f74"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ykQuMjnbtGTQYlobvFUUSLmqZX9oLSfbRYaZvAbq3JC4Uq5mAqiefq7rzl2W%2B545btn4Z4i9VW1mPF%2FDL7KyIv6le4ikRGXAIJ4lqLklJQ6OaJUYhFAM%2BWFBvMdKg9CW45kHMW%2F6u4Uu848N8XWKPeRukw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
81163235acd03a54-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
MTm1w7RPOFlXxF1eTQgmVNuvFrsnADNmEK7NkAe0AhUPNAxz3u_b0g==
free-v5-font-face.min.css
ka-f.fontawesome.com/releases/v6.4.2/css/ 		823 B
725 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v6.4.2/css/free-v5-font-face.min.css?token=c597f1ee3e
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/c597f1ee3e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e81443469aa4b967191ce19b7474eb223746a2b8d5dc42d3786da84d99dfad9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://marcinelleapartoteldesjardinsd.bhotel.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 14:01:21 GMT
via
1.1 dca6db3c8f31f3cd48bb06d78a8be624.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 01 Aug 2023 19:07:56 GMT
server
cloudflare
etag
W/"dbf296002d53e56d340b105d9d764940"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AQi8pbfcJx7HmaH4zewNO32PGeKPjFWRz7VBeFbg7f72qckcorkOCIghIb5MQSwFx3KoCegRNvQ2p%2Bvft%2Bc0zSBkaUI5M%2FUiF9u2WQ%2BFY75S00HxIaLkgOtGDzA4W%2BGUO5UE%2BUu3BdYR8jzSPc8%2BRd83EA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
81163235accb3a54-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
nrIQUJgnf8oXyMqiWa34Kq0pAblqpO-YjYebKuNhQHH_5qFoM6ykzg==
free-v4-font-face.min.css
ka-f.fontawesome.com/releases/v6.4.2/css/ 		2 KB
943 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v6.4.2/css/free-v4-font-face.min.css?token=c597f1ee3e
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/c597f1ee3e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c58c4804370b9c347d517491c450416ca371fb1403aceaa1d6f751403b07c48

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://marcinelleapartoteldesjardinsd.bhotel.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 14:01:21 GMT
via
1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C2
age
0
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 01 Aug 2023 19:07:56 GMT
server
cloudflare
etag
W/"9b853b50f37dd0ca770ce0f294d427df"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t0CI2Qjq%2F9oQD2ueJouifKALUSPtLhkiI4DbIQrVWjMF5ndRL%2FPk9aiWqcDt6%2FN%2BvKQtOZqytI%2B3WxMcnKrw9x2TTxTYm5ExEa7uDLh8X6kYE%2BVrd9j%2Bxj5i6tqU2UBE9D%2FJGaopJxnPAU6%2BYrKK1aNjww%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
81163235acc83a54-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
VdecoF_KwuozuJftJYgNLJBDloHJZYPtGa5q7ew4HqQrsnNVanJ5iQ==
flexiproduct.html
www.booking.com/ Frame EFF1
Redirect Chain
  • http://www.booking.com/flexiproduct.html?product=map&w=100%25&h=590&lang=en-US&aid=2393715&target_aid=2393715&dest_id=0&dest_type=landmark&fid=1671148675595&latitude=50.38117981&longitude=4.4530034...
  • https://www.booking.com/flexiproduct.html?product=map&w=100%25&h=590&lang=en-US&aid=2393715&target_aid=2393715&dest_id=0&dest_type=landmark&fid=1671148675595&latitude=50.38117981&longitude=4.453003...
159 KB
55 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.booking.com/flexiproduct.html?product=map&w=100%25&h=590&lang=en-US&aid=2393715&target_aid=2393715&dest_id=0&dest_type=landmark&fid=1671148675595&latitude=50.38117981&longitude=4.45300341&landmark_name=Marcinelle%20Apartotel%20Des%20Jardins%20De%20La%20Fontaine%20Qui%20Bout&mwhsb=0&address=Avenue%20Des%20Tilleuls,%2026,%206001%20Charleroi,%20Belgium&
Requested by
Host: marcinelleapartoteldesjardinsd.bhotel.top
URL: http://marcinelleapartoteldesjardinsd.bhotel.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-108.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
d04f735f2475163cd25f7d7483405f5e82c7c404c1abb81f286a0b1efef785b1
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://marcinelleapartoteldesjardinsd.bhotel.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private
content-encoding
br
content-length
54061
content-type
text/html; charset=UTF-8
date
Thu, 05 Oct 2023 14:01:21 GMT
nel
{"max_age":604800,"report_to":"default"}
report-to
{"group":"default","endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":604800}
server
nginx
strict-transport-security
max-age=300; includeSubDomains
vary
Accept-Encoding, User-Agent
via
1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
x-amz-cf-id
dtrJFBoSLtX8ZvlJY8Qh9nWutJ8vor_i8ZLv0YsG9_vKafGrKQqVWg==
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

Connection
keep-alive
Content-Length
167
Content-Type
text/html
Date
Thu, 05 Oct 2023 14:01:21 GMT
Location
https://www.booking.com/flexiproduct.html?product=map&w=100%25&h=590&lang=en-US&aid=2393715&target_aid=2393715&dest_id=0&dest_type=landmark&fid=1671148675595&latitude=50.38117981&longitude=4.45300341&landmark_name=Marcinelle%20Apartotel%20Des%20Jardins%20De%20La%20Fontaine%20Qui%20Bout&mwhsb=0&address=Avenue%20Des%20Tilleuls,%2026,%206001%20Charleroi,%20Belgium&
Server
CloudFront
Via
1.1 df7c0ba7857d5300ae11e7566c926f16.cloudfront.net (CloudFront)
X-Amz-Cf-Id
2ZBqUXeZdWIhALrCaK6mmIIGdFi0qOr1edwlyGiwdKIsgqGaq8NhNA==
X-Amz-Cf-Pop
FRA56-C1
X-Cache
Redirect from cloudfront
1594927.jpg
cf.bstatic.com/xdata/images/hotel/max1024x768/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cf.bstatic.com/xdata/images/hotel/max1024x768/1594927.jpg?k=4fc3e2877f64da60b38b2d9bdc37246d6fa306fcd53cbf02ae9d30e818d56610&o=&hp=1
Requested by
Host: marcinelleapartoteldesjardinsd.bhotel.top
URL: http://marcinelleapartoteldesjardinsd.bhotel.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:d200:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
0eb7ddc82a9a4cb2e6ed4804d0c0cb3b8746e2de676aeefea601724ec4bcd39f
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://marcinelleapartoteldesjardinsd.bhotel.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 06:29:52 GMT
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA56-P5
age
1236689
etag
"ce5089e0b2edd332300d06919297ab5a5b0d6e69"
x-cache
Hit from cloudfront
content-language
38266
access-control-allow-origin
*
content-type
image/jpeg
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
vE-_F3NO2agKzKKa04wIMkaG1g40iFeQ50gwRxbzZdk6kWsfshGtVw==
x-xss-protection
1; mode=block
truncated
/ 		266 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/svg+xml
iJWKBXyIfDnIV7nBrXw.woff2
fonts.gstatic.com/s/rubik/v28/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/rubik/v28/iJWKBXyIfDnIV7nBrXw.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Rubik:300,400,500,700,900&display=swap
Protocol
HTTP/1.1
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47374cb7d373f9a8450e1237c80bc5fe68c61fbf0cdf958df7a298143b7dd445
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fonts.googleapis.com/
Origin
http://marcinelleapartoteldesjardinsd.bhotel.top
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Fri, 29 Sep 2023 16:18:42 GMT
X-Content-Type-Options
nosniff
Age
510159
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy
cross-origin
Content-Length
35448
X-XSS-Protection
0
Last-Modified
Thu, 29 Jun 2023 16:14:39 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="apps-themes"
Report-To
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Sat, 28 Sep 2024 16:18:42 GMT
widget.js
widget.getyourguide.com/pw/latest/client-loader/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.getyourguide.com/pw/latest/client-loader/widget.js
Requested by
Host: widget.getyourguide.com
URL: https://widget.getyourguide.com/dist/pa.umd.production.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2262 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffffad0e6bd2527414de953f145e050f53548626d9bf8c79047b4475ce437c99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://marcinelleapartoteldesjardinsd.bhotel.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 14:01:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
8243MX9J2XHX1E2D
age
81
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
SPS6apEX/ekyv2csQBSHEF+m5W+bxDYWspdlVPeGxRZFJWYOHY2jffWWLkb3bugRiMpudQZzGBY=
last-modified
Fri, 22 Sep 2023 12:22:00 GMT
server
cloudflare
etag
W/"dd834ed530c58edb16fe4c267a38c4e3"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=100, public, must-revalidate
cf-ray
81163235de8791ef-FRA
pa-main.1696420253264_c5799312b10b6eea0a04ca8a911947b21d30392a.umd.production.min.js
widget.getyourguide.com/dist/ 		61 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.getyourguide.com/dist/pa-main.1696420253264_c5799312b10b6eea0a04ca8a911947b21d30392a.umd.production.min.js
Requested by
Host: widget.getyourguide.com
URL: https://widget.getyourguide.com/dist/pa.umd.production.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2262 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d00a96eb122831d55994ed385065c5fb1828794ab514dc8a72ce96f94aee8f1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://marcinelleapartoteldesjardinsd.bhotel.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 14:01:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
WY1HRNKAQBFE64KX
age
2740
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
MZCNTl9zbj385+oAD5Y/jgB5sQtLLA7tAfh5zH95hfOb/OFaKpENQDoMGBETCzVzL7JMcZr56J8=
last-modified
Wed, 04 Oct 2023 11:51:14 GMT
server
cloudflare
etag
W/"9524dc8169b8e73c8e78814c07559def"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600, public, must-revalidate
cf-ray
81163235de8991ef-FRA
free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v6.4.2/webfonts/ 		147 KB
147 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v6.4.2/webfonts/free-fa-solid-900.woff2
Requested by
Host: marcinelleapartoteldesjardinsd.bhotel.top
URL: http://marcinelleapartoteldesjardinsd.bhotel.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3e9a900f61c6811de529e4227226b898ce88b65a66347d0088a2da3af5e60b5

Request headers

Referer
http://marcinelleapartoteldesjardinsd.bhotel.top/
Origin
http://marcinelleapartoteldesjardinsd.bhotel.top
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 14:01:21 GMT
via
1.1 07fbd2276304c86925071791c7032950.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
150020
last-modified
Tue, 01 Aug 2023 19:25:32 GMT
server
cloudflare
etag
"a8dcee416ebfe6e615e5902a49500e48"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FijDA0CUt3GlQGUe%2B%2BtOTPpo1L7t8GhIjDU56%2Fa05HP%2BnRAhbuwyZCLMSMu0fcGh6LUrnuq2cKoNQ%2Bgyp9ePqX6MPmNB4dfXHXtdtjpRTeFo9a83IJ7s1Td%2B5AgsEkk0J%2BhSTgsBX8zLUiR0bEECWg4N0g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
811632360d913a54-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
wxlaJn9WJ-DWuNYobdX9JN4Ujj_65idF1QWFZCzG4byMB5QI0Efs4A==
_gnikcart
widget.getyourguide.com/ 		61 B
768 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://widget.getyourguide.com/_gnikcart?q=eyJwYXJ0bmVyX2lkIjoiS0FDSk1JViIsInVybCI6Imh0dHA6Ly9tYXJjaW5lbGxlYXBhcnRvdGVsZGVzamFyZGluc2QuYmhvdGVsLnRvcC8ifQ%3D%3D
Requested by
Host: widget.getyourguide.com
URL: https://widget.getyourguide.com/pw/latest/client-loader/widget.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2262 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
804e22f902f093664eb8512aa2752fb15b590d66258631322e18fbe6ade3661e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self'; font-src 'self' https://fonts.gstatic.com data:; style-src 'self' 'unsafe-inline' data:;report-uri https://o551949.ingest.sentry.io/api/6033708/security/?sentry_key=0fcdc4a9b90a482e9975c8356e76b3e3
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://marcinelleapartoteldesjardinsd.bhotel.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 14:01:21 GMT
content-security-policy
default-src 'self'; script-src 'self'; font-src 'self' https://fonts.gstatic.com data:; style-src 'self' 'unsafe-inline' data:;report-uri https://o551949.ingest.sentry.io/api/6033708/security/?sentry_key=0fcdc4a9b90a482e9975c8356e76b3e3
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
Express
x-envoy-upstream-service-time
7
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
9bd886f7-e116-4438-84dd-99b6a090ecf1
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"3d-yvje/nqEmLhuvC4l6696VEfj8+U"
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
http://marcinelleapartoteldesjardinsd.bhotel.top
access-control-allow-credentials
true
cf-ray
8116323629e01cb5-FRA
1c85e65b871a7f1a4e932532568545cf034db610.css
cf.bstatic.com/static/css/affiliatewidget_map_cloudfront_sd/ Frame EFF1 		484 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cf.bstatic.com/static/css/affiliatewidget_map_cloudfront_sd/1c85e65b871a7f1a4e932532568545cf034db610.css
Requested by
Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=map&w=100%25&h=590&lang=en-US&aid=2393715&target_aid=2393715&dest_id=0&dest_type=landmark&fid=1671148675595&latitude=50.38117981&longitude=4.45300341&landmark_name=Marcinelle%20Apartotel%20Des%20Jardins%20De%20La%20Fontaine%20Qui%20Bout&mwhsb=0&address=Avenue%20Des%20Tilleuls,%2026,%206001%20Charleroi,%20Belgium&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:d200:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
0f3e34bdcc1b20a94e6bcfcfdb28763dd1d1d8bc1313ab9e4eb725d98e9b8e40
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.booking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 13:21:01 GMT
content-encoding
br
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
FRA56-P5
age
2162420
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Thu, 27 Jul 2023 12:27:54 GMT
server
nginx
etag
W/"64c262ca-78e1d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
HX9FKrqrX19FLR4nHq8QOC0Rsf5N47rVf3Hjj4fM2oDDWKNvBjUCUQ==
expires
Tue, 10 Oct 2023 13:21:01 GMT
80f233253dc274b95a7f9cb323c7126b657ea7ae.png
cf.bstatic.com/static/img/b26logo/booking_logo_retina_light_bg/ Frame EFF1 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cf.bstatic.com/static/img/b26logo/booking_logo_retina_light_bg/80f233253dc274b95a7f9cb323c7126b657ea7ae.png
Requested by
Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=map&w=100%25&h=590&lang=en-US&aid=2393715&target_aid=2393715&dest_id=0&dest_type=landmark&fid=1671148675595&latitude=50.38117981&longitude=4.45300341&landmark_name=Marcinelle%20Apartotel%20Des%20Jardins%20De%20La%20Fontaine%20Qui%20Bout&mwhsb=0&address=Avenue%20Des%20Tilleuls,%2026,%206001%20Charleroi,%20Belgium&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:d200:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
d28d43698c2b701e031172c0f98f35b539aca2a63606c8959473f54e071298a9
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.booking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 08:38:29 GMT
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
FRA56-P5
age
2006572
x-cache
Hit from cloudfront
content-length
5066
x-xss-protection
1; mode=block
last-modified
Wed, 10 Apr 2019 11:21:50 GMT
server
nginx
etag
"5cadd1ce-13ca"
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
j3uQOr-xbREUxGt9FObodn5HPHW7sB_c0LsoavpQr-Py9b6LFMNvTw==
expires
Thu, 12 Oct 2023 08:38:29 GMT
0acd2ada6c74d5dec978a04ea837952bdf050cd2.js
cf.bstatic.com/static/js/error_catcher_bec_cloudfront_sd/ Frame EFF1 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cf.bstatic.com/static/js/error_catcher_bec_cloudfront_sd/0acd2ada6c74d5dec978a04ea837952bdf050cd2.js
Requested by
Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=map&w=100%25&h=590&lang=en-US&aid=2393715&target_aid=2393715&dest_id=0&dest_type=landmark&fid=1671148675595&latitude=50.38117981&longitude=4.45300341&landmark_name=Marcinelle%20Apartotel%20Des%20Jardins%20De%20La%20Fontaine%20Qui%20Bout&mwhsb=0&address=Avenue%20Des%20Tilleuls,%2026,%206001%20Charleroi,%20Belgium&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:d200:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
c3f06cf6ded52069a79551343aca5f2269a048cedb9fbacd3cfff7136980659c
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.booking.com/
Origin
https://www.booking.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 24 Sep 2023 19:02:46 GMT
content-encoding
br
via
1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
FRA56-P5
age
932315
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Wed, 21 Dec 2022 14:29:30 GMT
server
nginx
etag
W/"63a3184a-180b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
kx7K7MGQzluZmxRXMPYY0Y3uxVKFXFkbva9OGrKqK1vXtdDYBSC3LA==
expires
Tue, 24 Oct 2023 19:02:46 GMT
e1e8c0e862309cb4caf3c0d5fbea48bfb8eaad42.js
cf.bstatic.com/static/js/jquery_cloudfront_sd/ Frame EFF1 		103 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cf.bstatic.com/static/js/jquery_cloudfront_sd/e1e8c0e862309cb4caf3c0d5fbea48bfb8eaad42.js
Requested by
Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=map&w=100%25&h=590&lang=en-US&aid=2393715&target_aid=2393715&dest_id=0&dest_type=landmark&fid=1671148675595&latitude=50.38117981&longitude=4.45300341&landmark_name=Marcinelle%20Apartotel%20Des%20Jardins%20De%20La%20Fontaine%20Qui%20Bout&mwhsb=0&address=Avenue%20Des%20Tilleuls,%2026,%206001%20Charleroi,%20Belgium&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:d200:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5ad7526d50b7586ddfaee62b3fc95e71207136dc08f6a2b7ffd671ded73fab83
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.booking.com/
Origin
https://www.booking.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:15:15 GMT
content-encoding
br
via
1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
FRA56-P5
age
2385966
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Tue, 28 Jun 2022 13:43:41 GMT
server
nginx
etag
W/"62bb058d-19a42"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
ertq9RJVCacKzSo0jEr7Yt1_AyBqLKBGHn5ZMyypQQOe6H0jKwr_MA==
expires
Sat, 07 Oct 2023 23:15:15 GMT
4b7a7f25894c6930265f0325889ed948adabae69.js
cf.bstatic.com/static/js/bui_inlined_cloudfront_sd/ Frame EFF1 		102 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cf.bstatic.com/static/js/bui_inlined_cloudfront_sd/4b7a7f25894c6930265f0325889ed948adabae69.js
Requested by
Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=map&w=100%25&h=590&lang=en-US&aid=2393715&target_aid=2393715&dest_id=0&dest_type=landmark&fid=1671148675595&latitude=50.38117981&longitude=4.45300341&landmark_name=Marcinelle%20Apartotel%20Des%20Jardins%20De%20La%20Fontaine%20Qui%20Bout&mwhsb=0&address=Avenue%20Des%20Tilleuls,%2026,%206001%20Charleroi,%20Belgium&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:d200:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
77a9ece576f0a1c826a9970192a202980487a97e15967151c1241358e541807a
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.booking.com/
Origin
https://www.booking.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 23:27:05 GMT
content-encoding
br
via
1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
FRA56-P5
age
1262056
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Thu, 27 Jul 2023 12:27:54 GMT
server
nginx
etag
W/"64c262ca-198bc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
684Syrq6gZtuyFXi1doJ50SsgYJKa-kYP_1p8CrP4RhChP2Suhy1Xg==
expires
Fri, 20 Oct 2023 23:27:05 GMT
5a35235454cb19f6b6094042d978e1ee21c29c2d.js
cf.bstatic.com/static/js/affiliatewidget_map_cloudfront_sd/ Frame EFF1 		149 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cf.bstatic.com/static/js/affiliatewidget_map_cloudfront_sd/5a35235454cb19f6b6094042d978e1ee21c29c2d.js
Requested by
Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=map&w=100%25&h=590&lang=en-US&aid=2393715&target_aid=2393715&dest_id=0&dest_type=landmark&fid=1671148675595&latitude=50.38117981&longitude=4.45300341&landmark_name=Marcinelle%20Apartotel%20Des%20Jardins%20De%20La%20Fontaine%20Qui%20Bout&mwhsb=0&address=Avenue%20Des%20Tilleuls,%2026,%206001%20Charleroi,%20Belgium&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:d200:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
c376ad6bdfc8953fcc97bd6d09b11c75a652a26eeaf1ae056bf268600b5dd27b
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.booking.com/
Origin
https://www.booking.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 06:50:52 GMT
content-encoding
br
via
1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
FRA56-P5
age
2531429
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Mon, 15 Aug 2022 09:04:00 GMT
server
nginx
etag
W/"62fa0c00-2557b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
EIM5dELONtTEkjQskO6oO4GBBMtQ8bfh-fLfBWCO_W-UidHH_DS5Dw==
expires
Fri, 06 Oct 2023 06:50:52 GMT
ce02cc91e60b353c0cf45a97886f2e6a70912213.js
cf.bstatic.com/static/js/atlas_v2_cloudfront_sd/ Frame EFF1 		60 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cf.bstatic.com/static/js/atlas_v2_cloudfront_sd/ce02cc91e60b353c0cf45a97886f2e6a70912213.js
Requested by
Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=map&w=100%25&h=590&lang=en-US&aid=2393715&target_aid=2393715&dest_id=0&dest_type=landmark&fid=1671148675595&latitude=50.38117981&longitude=4.45300341&landmark_name=Marcinelle%20Apartotel%20Des%20Jardins%20De%20La%20Fontaine%20Qui%20Bout&mwhsb=0&address=Avenue%20Des%20Tilleuls,%2026,%206001%20Charleroi,%20Belgium&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:d200:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
3644394a488d3937d291c4d1539b16b154fc951fbc5702430c40d3f43a6d1e5b
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.booking.com/
Origin
https://www.booking.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 13:21:01 GMT
content-encoding
br
via
1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
FRA56-P5
age
2162420
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Mon, 01 May 2023 08:39:20 GMT
server
nginx
etag
W/"644f7ab8-ef66"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
Ar6Exs4hQUi0mAUXwWVpnaAZtByaaJhpuLy1SdWrwsyt9I0396NOiA==
expires
Tue, 10 Oct 2023 13:21:01 GMT
35a0f9a0dfc4fd47ae5f123184b6c94bf27425f5.js
cf.bstatic.com/static/js/affiliatewidget_map_modules_cloudfront_sd/ Frame EFF1 		220 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cf.bstatic.com/static/js/affiliatewidget_map_modules_cloudfront_sd/35a0f9a0dfc4fd47ae5f123184b6c94bf27425f5.js
Requested by
Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=map&w=100%25&h=590&lang=en-US&aid=2393715&target_aid=2393715&dest_id=0&dest_type=landmark&fid=1671148675595&latitude=50.38117981&longitude=4.45300341&landmark_name=Marcinelle%20Apartotel%20Des%20Jardins%20De%20La%20Fontaine%20Qui%20Bout&mwhsb=0&address=Avenue%20Des%20Tilleuls,%2026,%206001%20Charleroi,%20Belgium&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:d200:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
d4ecb944cfb2e5e2257cdc2b18ddca4e86bacd135606c7f3fd2b45a597905310
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.booking.com/
Origin
https://www.booking.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 14:38:24 GMT
content-encoding
br
via
1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
FRA56-P5
age
170577
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Tue, 03 Oct 2023 14:24:30 GMT
server
nginx
etag
W/"651c241e-371c7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
ponAk_n0jQEc1iITk2ZCZ8oWsYAu1XNzcRh6Q9ekZNwEPewOfuQSlw==
expires
Thu, 02 Nov 2023 14:38:24 GMT
1e4baed6db1cd89e71904e678f0a70b0e701ea9f.js
cf.bstatic.com/static/js/searchbox_cloudfront_sd/ Frame EFF1 		239 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cf.bstatic.com/static/js/searchbox_cloudfront_sd/1e4baed6db1cd89e71904e678f0a70b0e701ea9f.js
Requested by
Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=map&w=100%25&h=590&lang=en-US&aid=2393715&target_aid=2393715&dest_id=0&dest_type=landmark&fid=1671148675595&latitude=50.38117981&longitude=4.45300341&landmark_name=Marcinelle%20Apartotel%20Des%20Jardins%20De%20La%20Fontaine%20Qui%20Bout&mwhsb=0&address=Avenue%20Des%20Tilleuls,%2026,%206001%20Charleroi,%20Belgium&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:d200:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
8d1d436ecf784f33e1e6d88c6565956b8ee5de293b6251a3525b865103de4bf7
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.booking.com/
Origin
https://www.booking.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 09:50:25 GMT
content-encoding
br
via
1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
FRA56-P5
age
1829456
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Thu, 14 Sep 2023 09:24:02 GMT
server
nginx
etag
W/"6502d132-3bd76"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
vGkehbD3jnzm_Zo-1CXaBr8Grkv0losDfqALwUSzxNishzWwaE75Tg==
expires
Sat, 14 Oct 2023 09:50:25 GMT
07ca5cacc9d77a7b50ca3c424ecd606114d9be75.svg
cf.bstatic.com/static/img/cross_product_index/accommodation/ Frame EFF1 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cf.bstatic.com/static/img/cross_product_index/accommodation/07ca5cacc9d77a7b50ca3c424ecd606114d9be75.svg
Requested by
Host: cf.bstatic.com
URL: https://cf.bstatic.com/static/css/affiliatewidget_map_cloudfront_sd/1c85e65b871a7f1a4e932532568545cf034db610.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:d200:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a0ff1db86f13d31743f7e0c4d1c45fe7953cd5089d91be2a2ce3d12f7a4beae2
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.bstatic.com/static/css/affiliatewidget_map_cloudfront_sd/1c85e65b871a7f1a4e932532568545cf034db610.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 22:24:22 GMT
content-encoding
br
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
FRA56-P5
age
1093020
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Wed, 10 Apr 2019 11:21:51 GMT
server
nginx
etag
W/"5cadd1cf-7f2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
avgFtZB7FaLDpze8R0ktwUNJHjU75S4lJyaDb9wASGV95SzMs0mesQ==
expires
Sun, 22 Oct 2023 22:24:22 GMT
dd1af0dfe8835b14799d07702a4cd70159c649d5.svg
cf.bstatic.com/static/img/cross_product_index/calendar/ Frame EFF1 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cf.bstatic.com/static/img/cross_product_index/calendar/dd1af0dfe8835b14799d07702a4cd70159c649d5.svg
Requested by
Host: cf.bstatic.com
URL: https://cf.bstatic.com/static/css/affiliatewidget_map_cloudfront_sd/1c85e65b871a7f1a4e932532568545cf034db610.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:d200:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
21edfeed321858e780d840b2e215d4d77b2e80fcdace1916bfb1254596b4cedd
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.bstatic.com/static/css/affiliatewidget_map_cloudfront_sd/1c85e65b871a7f1a4e932532568545cf034db610.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 19:05:55 GMT
content-encoding
br
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
FRA56-P5
age
1709727
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Wed, 10 Apr 2019 11:21:52 GMT
server
nginx
etag
W/"5cadd1d0-c6e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
eLTnWEL8v_KWiDaB04zP9_6oN0xtS8740nNpgP-QM80TfCUh1jjqdA==
expires
Sun, 15 Oct 2023 19:05:55 GMT
fb6f63d62231f9fe552d79b5448620b2e63c726e.svg
cf.bstatic.com/static/img/cross_product_index/toggle/ Frame EFF1 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cf.bstatic.com/static/img/cross_product_index/toggle/fb6f63d62231f9fe552d79b5448620b2e63c726e.svg
Requested by
Host: cf.bstatic.com
URL: https://cf.bstatic.com/static/css/affiliatewidget_map_cloudfront_sd/1c85e65b871a7f1a4e932532568545cf034db610.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:d200:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
dbc5c6cc8dc52fe293be4d79d32c85f9e8d9baa9867653927dda0c1b905a3505
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.bstatic.com/static/css/affiliatewidget_map_cloudfront_sd/1c85e65b871a7f1a4e932532568545cf034db610.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 03:50:15 GMT
content-encoding
br
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
FRA56-P5
age
2542267
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Wed, 10 Apr 2019 11:21:51 GMT
server
nginx
etag
W/"5cadd1cf-5e7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
LU0RxfamiUqKW1GdrccbtgpW6Dc0-kZqcg9m0MfZcWdjDFd_g8LgVw==
expires
Fri, 06 Oct 2023 03:50:15 GMT
b2e5f2aa32b71ca0fc66aa671e4e958bcd69b7d0.svg
cf.bstatic.com/static/img/cross_product_index/guest/ Frame EFF1 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cf.bstatic.com/static/img/cross_product_index/guest/b2e5f2aa32b71ca0fc66aa671e4e958bcd69b7d0.svg
Requested by
Host: cf.bstatic.com
URL: https://cf.bstatic.com/static/css/affiliatewidget_map_cloudfront_sd/1c85e65b871a7f1a4e932532568545cf034db610.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:d200:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a3668c35c677731ca1295a5f13ad82d97bc77aeb701720456f392e5bd888f2ef
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.bstatic.com/static/css/affiliatewidget_map_cloudfront_sd/1c85e65b871a7f1a4e932532568545cf034db610.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 03:50:15 GMT
content-encoding
br
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
FRA56-P5
age
2542267
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Wed, 10 Apr 2019 11:21:51 GMT
server
nginx
etag
W/"5cadd1cf-63d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
Bod2jb3vygnQH6JZi_4EA91caj0PhHkBv9RjFm2DIhw4n8utpRFMdQ==
expires
Fri, 06 Oct 2023 03:50:15 GMT
js
maps.googleapis.com/maps/api/ Frame EFF1 		211 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js?callback=GLOBAL_ATLAS_GOOGLE_MAPS_CALLBACK&channel=booking-frontend-affiliate&language=en-us&region=en-us&client=gme-booking&v=3.47
Requested by
Host: cf.bstatic.com
URL: https://cf.bstatic.com/static/js/atlas_v2_cloudfront_sd/ce02cc91e60b353c0cf45a97886f2e6a70912213.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
3aa2464cabfae7ec94c43782fed863f293fc31e48e4ce9fa5e19d9cec3ffb534
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.booking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 14:01:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71543
x-xss-protection
0
gen_204
maps.googleapis.com/maps/api/mapsjs/ Frame EFF1 		3 B
45 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?callback=GLOBAL_ATLAS_GOOGLE_MAPS_CALLBACK&channel=booking-frontend-affiliate&language=en-us&region=en-us&client=gme-booking&v=3.47
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.booking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 14:01:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.booking.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
common.js
maps.googleapis.com/maps-api-v3/api/js/53/14/ Frame EFF1 		260 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/53/14/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?callback=GLOBAL_ATLAS_GOOGLE_MAPS_CALLBACK&channel=booking-frontend-affiliate&language=en-us&region=en-us&client=gme-booking&v=3.47
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
58ed94893e4142be2847d35ed50d8c3cc9a9aca281143d7794658cb3adb82a9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.booking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 09:38:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
102147
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57767
x-xss-protection
0
last-modified
Tue, 01 Aug 2023 04:14:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 03 Oct 2024 09:38:55 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/53/14/ Frame EFF1 		159 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/53/14/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?callback=GLOBAL_ATLAS_GOOGLE_MAPS_CALLBACK&channel=booking-frontend-affiliate&language=en-us&region=en-us&client=gme-booking&v=3.47
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
143541f596e492db378b791f22a1bab26b16aba740a6b3627d09fe9e56323d66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.booking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 10:57:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
97443
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51065
x-xss-protection
0
last-modified
Tue, 01 Aug 2023 04:14:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 03 Oct 2024 10:57:19 GMT
map.js
maps.googleapis.com/maps-api-v3/api/js/53/14/ Frame EFF1 		74 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/53/14/map.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?callback=GLOBAL_ATLAS_GOOGLE_MAPS_CALLBACK&channel=booking-frontend-affiliate&language=en-us&region=en-us&client=gme-booking&v=3.47
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2208c3e38e04a6a0476ec080cc3ea3bb9af82621fc2158b2d58de82c2fffc68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.booking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 00:28:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
394395
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23841
x-xss-protection
0
last-modified
Tue, 01 Aug 2023 04:14:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 30 Sep 2024 00:28:07 GMT
overlay.js
maps.googleapis.com/maps-api-v3/api/js/53/14/ Frame EFF1 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/53/14/overlay.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?callback=GLOBAL_ATLAS_GOOGLE_MAPS_CALLBACK&channel=booking-frontend-affiliate&language=en-us&region=en-us&client=gme-booking&v=3.47
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
100743aa1204f8b3e6480c51c2759c6e8beed573fbf21ab7d67188a5f6923dbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.booking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 05:23:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
31067
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1262
x-xss-protection
0
last-modified
Tue, 01 Aug 2023 04:14:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 04 Oct 2024 05:23:35 GMT
66bf86dee54530a7bbd96bc0aa678a645960d474.png
cf.bstatic.com/static/img/use_sprites_16_exp/ Frame EFF1 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cf.bstatic.com/static/img/use_sprites_16_exp/66bf86dee54530a7bbd96bc0aa678a645960d474.png
Requested by
Host: cf.bstatic.com
URL: https://cf.bstatic.com/static/css/affiliatewidget_map_cloudfront_sd/1c85e65b871a7f1a4e932532568545cf034db610.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:d200:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5e8f8af5bb822648eb2f343706c44b6c213dcd461583dc23a6a4cb02444e3800
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf.bstatic.com/static/css/affiliatewidget_map_cloudfront_sd/1c85e65b871a7f1a4e932532568545cf034db610.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 12:10:06 GMT
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
FRA56-P5
age
2425876
x-cache
Hit from cloudfront
content-length
19923
x-xss-protection
1; mode=block
last-modified
Wed, 10 Apr 2019 11:21:56 GMT
server
nginx
etag
"5cadd1d4-4dd3"
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
Nk87MtixpiHOsPmiXGvHriPZXE8GM2owfjDx3-aqMO4I02-Jk9ISGA==
expires
Sat, 07 Oct 2023 12:10:06 GMT
openhand_8_8.cur
maps.gstatic.com/mapfiles/ Frame EFF1 		326 B
690 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maps.gstatic.com/mapfiles/openhand_8_8.cur
Requested by
Host: marcinelleapartoteldesjardinsd.bhotel.top
URL: http://marcinelleapartoteldesjardinsd.bhotel.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.booking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 14:01:22 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
last-modified
Tue, 18 May 2021 19:15:00 GMT
server
sffe
report-to
{"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type
image/bmp
access-control-allow-origin
*
cache-control
private, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="geo-tactile"
expires
Thu, 05 Oct 2023 14:01:22 GMT
ViewportInfoService.GetViewportInfo
maps.googleapis.com/maps/api/js/ Frame EFF1 		35 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js/ViewportInfoService.GetViewportInfo?1m6&1m2&1d50.342032502974924&2d4.3221682877704515&2m2&1d50.4202503762504&2d4.582053479621214&2u14&4sen-US&5e0&6sm%40665000000&7b0&8e0&12e1&13shttps%3A%2F%2Fwww.booking.com%2Fflexiproduct.html&14b1&callback=_xdc_._wzneu6&client=gme-booking&channel=booking-frontend-affiliate&token=18133
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/53/14/common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
99738cb5ef17b36aa53899a621cad3ac2ec5e92072792cf68a1666bfd69aab24
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.booking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 14:01:22 GMT
content-encoding
gzip
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment
server-timing
gfet4t7; dur=74
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3850
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
onion.js
maps.googleapis.com/maps-api-v3/api/js/53/14/ Frame EFF1 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/53/14/onion.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?callback=GLOBAL_ATLAS_GOOGLE_MAPS_CALLBACK&channel=booking-frontend-affiliate&language=en-us&region=en-us&client=gme-booking&v=3.47
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
58d61dee1094a2d426ab3e23ff75d276573ba9fa2a041b700f71f41cf4491599
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.booking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 10:23:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
272278
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8998
x-xss-protection
0
last-modified
Tue, 01 Aug 2023 04:14:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 01 Oct 2024 10:23:24 GMT
AuthenticationService.Authenticate
maps.googleapis.com/maps/api/js/ Frame EFF1 		62 B
84 B 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fwww.booking.com%2Fflexiproduct.html&2sgme-booking&3sbooking-frontend-affiliate&7m1&1e0&8b0&callback=_xdc_._a6qwrr&client=gme-booking&channel=booking-frontend-affiliate&token=3162
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/53/14/common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
5ff8a8c5061f4144749aed40f0d711ef532dc96634dd5a0ef100481e5ba51d2f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.booking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 14:01:22 GMT
content-encoding
gzip
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment
server-timing
gfet4t7; dur=14
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
QuotaService.RecordEvent
maps.googleapis.com/maps/api/js/ Frame EFF1 		62 B
83 B 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js/QuotaService.RecordEvent?1shttps%3A%2F%2Fwww.booking.com%2Fflexiproduct.html&2sgme-booking&7sd8x4lp&9sbooking-frontend-affiliate&10e1&11b0&callback=_xdc_._s9v1g2&client=gme-booking&channel=booking-frontend-affiliate&token=69726
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/53/14/common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
f5b7949a86f34bf52a9ee235eac57b182eb367321c9d97631c0a6180de0c4534
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.booking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 14:01:22 GMT
content-encoding
gzip
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
content-disposition
attachment
server-timing
gfet4t7; dur=18
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activities-auto.frame
widget.getyourguide.com/default/ Frame 56A6 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widget.getyourguide.com/default/activities-auto.frame?widget=auto&partner_id=KACJMIV&widget_created=1696514482666&sha=356f1917-44db-5d85-b273-12785989a3b9&website=http%3A%2F%2Fmarcinelleapartoteldesjardinsd.bhotel.top%2F&visitor_id=F748C5DC18294667B4270602036BF34B
Requested by
Host: widget.getyourguide.com
URL: https://widget.getyourguide.com/pw/latest/client-loader/widget.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2262 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
0ce704542f3bf200d47403c452a1cc57514a0063af6d985bb751677c50a681ca
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'sha256-DBIXcXpBYtmFp8+4W6tTzVkeLJH78ky0yioGTFrephc=' 'self' 'self' https://cdn.getyourguide.com *.getyourguide.com *.gygtest.com *.gygkube.com https://static.cloudflareinsights.com https://challenges.cloudflare.com; connect-src 'self' https://cdn.getyourguide.com *.getyourguide.com *.gygtest.com *.gygkube.com; img-src 'self' https://cdn.getyourguide.com data: https://api.maptiler.com; style-src 'self' data: 'unsafe-inline' https://cdn.getyourguide.com *.typekit.net/; font-src 'self' data: https://cdn.getyourguide.com https://fonts.gstatic.com https://cdn.ek.aero/shared/fonts/emirates/ *.typekit.net/; base-uri 'self'; object-src 'none'; frame-src 'self' *.getyourguide.com *.gygtest.com *.gygkube.com https://challenges.cloudflare.com; worker-src 'self' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://marcinelleapartoteldesjardinsd.bhotel.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8116323cb93f1cb5-FRA
content-encoding
br
content-security-policy
default-src 'none'; script-src 'sha256-DBIXcXpBYtmFp8+4W6tTzVkeLJH78ky0yioGTFrephc=' 'self' 'self' https://cdn.getyourguide.com *.getyourguide.com *.gygtest.com *.gygkube.com https://static.cloudflareinsights.com https://challenges.cloudflare.com; connect-src 'self' https://cdn.getyourguide.com *.getyourguide.com *.gygtest.com *.gygkube.com; img-src 'self' https://cdn.getyourguide.com data: https://api.maptiler.com; style-src 'self' data: 'unsafe-inline' https://cdn.getyourguide.com *.typekit.net/; font-src 'self' data: https://cdn.getyourguide.com https://fonts.gstatic.com https://cdn.ek.aero/shared/fonts/emirates/ *.typekit.net/; base-uri 'self'; object-src 'none'; frame-src 'self' *.getyourguide.com *.gygtest.com *.gygkube.com https://challenges.cloudflare.com; worker-src 'self' blob:
content-type
text/html; charset=utf-8
date
Thu, 05 Oct 2023 14:01:22 GMT
etag
W/"3102-zZd6TG3vVBFAgNXCOLLtYSCf0Qw"
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
47
x-powered-by
Express
x-request-id
79f497f0-eaf9-443e-a4b9-ad5a6b9096cd
x-xss-protection
1; mode=block
6ba5190.js
cdn.getyourguide.com/pwn/client/v2309.f1a8afb/ Frame 56A6 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.getyourguide.com/pwn/client/v2309.f1a8afb/6ba5190.js
Requested by
Host: widget.getyourguide.com
URL: https://widget.getyourguide.com/default/activities-auto.frame?widget=auto&partner_id=KACJMIV&widget_created=1696514482666&sha=356f1917-44db-5d85-b273-12785989a3b9&website=http%3A%2F%2Fmarcinelleapartoteldesjardinsd.bhotel.top%2F&visitor_id=F748C5DC18294667B4270602036BF34B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:942a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
581b13cb3ccc031c826094f69428457aa4b56a5d226442d158b1e22e91264217
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widget.getyourguide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 14:01:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 05 Oct 2023 12:41:45 GMT
server
cloudflare
x-amz-request-id
XFZCPCE70F4C97CB
age
4484
etag
W/"b22d2b676c3c6791e6eb58a335d5a11c"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=1000, public, must-revalidate
cf-ray
8116323dae62bbe9-FRA
x-amz-id-2
Arwl5AEbEAj+6mlxSDWHr0XaHROMv2393/tqfweHYQJv5yoN+e6uFkSujKwP7xL9XWJzTgn5CLA=
b1ffc12.js
cdn.getyourguide.com/pwn/client/v2309.f1a8afb/ Frame 56A6 		246 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.getyourguide.com/pwn/client/v2309.f1a8afb/b1ffc12.js
Requested by
Host: widget.getyourguide.com
URL: https://widget.getyourguide.com/default/activities-auto.frame?widget=auto&partner_id=KACJMIV&widget_created=1696514482666&sha=356f1917-44db-5d85-b273-12785989a3b9&website=http%3A%2F%2Fmarcinelleapartoteldesjardinsd.bhotel.top%2F&visitor_id=F748C5DC18294667B4270602036BF34B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:942a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76e4be2df1b322492333c39f18965f12c6041eeabe2c2dfa8e328be4a9551277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widget.getyourguide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 14:01:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 05 Oct 2023 12:41:43 GMT
server
cloudflare
x-amz-request-id
XFZ9CDA4SKV19K7Q
age
4484
etag
W/"37e87e24d66beb413deb4048b8c5cc1e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=1000, public, must-revalidate
cf-ray
8116323dae65bbe9-FRA
x-amz-id-2
uiiJDfLvU21Fth0wFCyS5vYk22jDnRFY4E069xq1YW8LultlU1SyJphZ6lO9MbUOFjwStg4j+OA=
e77e497.css
cdn.getyourguide.com/pwn/client/v2309.f1a8afb/css/ Frame 56A6 		22 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.getyourguide.com/pwn/client/v2309.f1a8afb/css/e77e497.css
Requested by
Host: widget.getyourguide.com
URL: https://widget.getyourguide.com/default/activities-auto.frame?widget=auto&partner_id=KACJMIV&widget_created=1696514482666&sha=356f1917-44db-5d85-b273-12785989a3b9&website=http%3A%2F%2Fmarcinelleapartoteldesjardinsd.bhotel.top%2F&visitor_id=F748C5DC18294667B4270602036BF34B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:942a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b1438856adc2cf81c2b6ce863fe931ec1c2247eed28058a4e5bcdce38ab3509
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widget.getyourguide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 14:01:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 05 Oct 2023 12:41:46 GMT
server
cloudflare
x-amz-request-id
XFZ5HC1EZ36MM6W3
age
4411
etag
W/"be7ca861bccef48665ff20f4066025da"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
max-age=1000, public, must-revalidate
cf-ray
8116323dae56bbe9-FRA
x-amz-id-2
SrBmbSuJvcV++muJ/Zw0zvLxoQL6O4h88cqoTgvXKG69RS4eM6k71Dt4J/Cjv2obJuwGdEHTYUM=
d806ac0.js
cdn.getyourguide.com/pwn/client/v2309.f1a8afb/ Frame 56A6 		320 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.getyourguide.com/pwn/client/v2309.f1a8afb/d806ac0.js
Requested by
Host: widget.getyourguide.com
URL: https://widget.getyourguide.com/default/activities-auto.frame?widget=auto&partner_id=KACJMIV&widget_created=1696514482666&sha=356f1917-44db-5d85-b273-12785989a3b9&website=http%3A%2F%2Fmarcinelleapartoteldesjardinsd.bhotel.top%2F&visitor_id=F748C5DC18294667B4270602036BF34B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:942a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78007a8457a4b60fb79ecdef81d4c7fa43f9841d500d7b5301213aac0dd0acb2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widget.getyourguide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 14:01:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 05 Oct 2023 12:41:42 GMT
server
cloudflare
x-amz-request-id
XFZD728BYCB9RWH2
age
4484
etag
W/"5470afce5898844d806790779bd8d3df"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=1000, public, must-revalidate
cf-ray
8116323dae7cbbe9-FRA
x-amz-id-2
9Ej2MlQ/RCRwvLbdSSF16/UcYq3M6P6BfomX/DqYkotAxsPgwJzhvYV5BxxcBkuVF+3MJMhwJOo=
f1983b6.css
cdn.getyourguide.com/pwn/client/v2309.f1a8afb/css/ Frame 56A6 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.getyourguide.com/pwn/client/v2309.f1a8afb/css/f1983b6.css
Requested by
Host: widget.getyourguide.com
URL: https://widget.getyourguide.com/default/activities-auto.frame?widget=auto&partner_id=KACJMIV&widget_created=1696514482666&sha=356f1917-44db-5d85-b273-12785989a3b9&website=http%3A%2F%2Fmarcinelleapartoteldesjardinsd.bhotel.top%2F&visitor_id=F748C5DC18294667B4270602036BF34B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:942a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83af418cd23e96948e8971b338668828614a6763726b6554af715b500c152441
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widget.getyourguide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 14:01:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 05 Oct 2023 12:41:47 GMT
server
cloudflare
x-amz-request-id
XFZDKVG4580HNGEY
age
4484
etag
W/"b3da1072f97e229abe0ca7221d7e757e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
max-age=1000, public, must-revalidate
cf-ray
8116323dae5abbe9-FRA
x-amz-id-2
ccEO6UyL9VPDDENQfiKG7i2KXETQCBqo7wUBxp7ga390W5ZLS6lQamejTHDLyRBgpfSHKQLuebM=
a912f21.js
cdn.getyourguide.com/pwn/client/v2309.f1a8afb/ Frame 56A6 		101 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.getyourguide.com/pwn/client/v2309.f1a8afb/a912f21.js
Requested by
Host: widget.getyourguide.com
URL: https://widget.getyourguide.com/default/activities-auto.frame?widget=auto&partner_id=KACJMIV&widget_created=1696514482666&sha=356f1917-44db-5d85-b273-12785989a3b9&website=http%3A%2F%2Fmarcinelleapartoteldesjardinsd.bhotel.top%2F&visitor_id=F748C5DC18294667B4270602036BF34B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:942a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fcddfcf7954f7f0b8dd4b2bfa1835030d3e23784e3dbd50ce4f815efa8c446c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widget.getyourguide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 14:01:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 05 Oct 2023 12:41:44 GMT
server
cloudflare
x-amz-request-id
XFZ4HK5GQ9Y9NCCD
age
4484
etag
W/"d46f0c56c2ea032a1d93dc5b82c2e02f"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=1000, public, must-revalidate
cf-ray
8116323dae6abbe9-FRA
x-amz-id-2
2jP697nxCQr9Un71VGDFxDe8L9TYxHHxjHE4f7u24RG/lyJDDXMW5IgPCgnWXond4h2mprzXkOA=
4d2554e.css
cdn.getyourguide.com/pwn/client/v2309.f1a8afb/css/ Frame 56A6 		901 B
791 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.getyourguide.com/pwn/client/v2309.f1a8afb/css/4d2554e.css
Requested by
Host: widget.getyourguide.com
URL: https://widget.getyourguide.com/default/activities-auto.frame?widget=auto&partner_id=KACJMIV&widget_created=1696514482666&sha=356f1917-44db-5d85-b273-12785989a3b9&website=http%3A%2F%2Fmarcinelleapartoteldesjardinsd.bhotel.top%2F&visitor_id=F748C5DC18294667B4270602036BF34B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:942a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e43b830eb512b12be972f6fc0f7f355d650237ee3e4b7a8da7fa62caac0189ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widget.getyourguide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 14:01:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 05 Oct 2023 12:41:47 GMT
server
cloudflare
x-amz-request-id
CFFSH3F7AS0DWM7S
age
4404
etag
W/"df87dd955d98b176761dc214c7de9486"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
max-age=1000, public, must-revalidate
cf-ray
8116323dae5cbbe9-FRA
x-amz-id-2
pZ0HWBp+5shfJldh/COa48JzpzOhLyB0MaODIHwsqyJCeylZTZ6XnKC6SkugERr3aqJ9Png5+VI=
5382194.js
cdn.getyourguide.com/pwn/client/v2309.f1a8afb/ Frame 56A6 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.getyourguide.com/pwn/client/v2309.f1a8afb/5382194.js
Requested by
Host: widget.getyourguide.com
URL: https://widget.getyourguide.com/default/activities-auto.frame?widget=auto&partner_id=KACJMIV&widget_created=1696514482666&sha=356f1917-44db-5d85-b273-12785989a3b9&website=http%3A%2F%2Fmarcinelleapartoteldesjardinsd.bhotel.top%2F&visitor_id=F748C5DC18294667B4270602036BF34B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:942a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaeffb11665b3ae9f2057e572bf17a43f68680b05930588ae87b7149a9bdaa10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widget.getyourguide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 14:01:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 05 Oct 2023 12:41:45 GMT
server
cloudflare
x-amz-request-id
CFFNW2RHSSPDACKD
age
4404
etag
W/"9d3fb88b214e323ca65eb04c24032b29"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=1000, public, must-revalidate
cf-ray
8116323dae68bbe9-FRA
x-amz-id-2
deROF960+xcKuxdEejYP4Gjbdp0SriF1tIOoHTmig3Nn8etrl6/ksPNEzRjYhW+KGKBVWQBvCjs=
1ac56ef.js
cdn.getyourguide.com/pwn/client/v2309.f1a8afb/ Frame 56A6 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.getyourguide.com/pwn/client/v2309.f1a8afb/1ac56ef.js
Requested by
Host: widget.getyourguide.com
URL: https://widget.getyourguide.com/default/activities-auto.frame?widget=auto&partner_id=KACJMIV&widget_created=1696514482666&sha=356f1917-44db-5d85-b273-12785989a3b9&website=http%3A%2F%2Fmarcinelleapartoteldesjardinsd.bhotel.top%2F&visitor_id=F748C5DC18294667B4270602036BF34B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:942a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d240bc2caa167854748860a164ffa11c0af99c3ea2e123a1f0aa84c3de6e4412
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widget.getyourguide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 14:01:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 05 Oct 2023 12:41:42 GMT
server
cloudflare
x-amz-request-id
G76736YPT5K4JYB6
age
4464
etag
W/"5f1d8592b8d93d7b486973ad94ba741e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=1000, public, must-revalidate
cf-ray
8116323dae83bbe9-FRA
x-amz-id-2
p+qFLNKIP9JtfoM0syd26ZzduPyGWCApVdsnogFCWVxK1t3GjtWZObbAYn2xCpa9F8NY3p5z38o=
97d439d.css
cdn.getyourguide.com/pwn/client/v2309.f1a8afb/css/ Frame 56A6 		12 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.getyourguide.com/pwn/client/v2309.f1a8afb/css/97d439d.css
Requested by
Host: widget.getyourguide.com
URL: https://widget.getyourguide.com/default/activities-auto.frame?widget=auto&partner_id=KACJMIV&widget_created=1696514482666&sha=356f1917-44db-5d85-b273-12785989a3b9&website=http%3A%2F%2Fmarcinelleapartoteldesjardinsd.bhotel.top%2F&visitor_id=F748C5DC18294667B4270602036BF34B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:942a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9268241ddbaa622897845487da61f82d0dd9321cb29c6c12b2c11bdd1b66631e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widget.getyourguide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 14:01:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 05 Oct 2023 12:41:47 GMT
server
cloudflare
x-amz-request-id
82HTAJ95YZNNJWZK
age
4411
etag
W/"f3ce8295eb0da9da3754f9db3696a564"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
max-age=1000, public, must-revalidate
cf-ray
8116323dae60bbe9-FRA
x-amz-id-2
bYnORbfhpLedFNx2vrSlucVxJ5qJhJiKCIO42CtJQZwA5lQOfZKCyfOOyxcOzy1fn/U6LdZR1E8=
9efe96e.js
cdn.getyourguide.com/pwn/client/v2309.f1a8afb/ Frame 56A6 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.getyourguide.com/pwn/client/v2309.f1a8afb/9efe96e.js
Requested by
Host: widget.getyourguide.com
URL: https://widget.getyourguide.com/default/activities-auto.frame?widget=auto&partner_id=KACJMIV&widget_created=1696514482666&sha=356f1917-44db-5d85-b273-12785989a3b9&website=http%3A%2F%2Fmarcinelleapartoteldesjardinsd.bhotel.top%2F&visitor_id=F748C5DC18294667B4270602036BF34B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:942a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fc33d39c444e855b3083d0e4e7bf01de32fe4049a5e5d94ef97f6518ed1e297
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widget.getyourguide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 14:01:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 05 Oct 2023 12:41:43 GMT
server
cloudflare
x-amz-request-id
82HYVC9MTC8G1C8B
age
4469
etag
W/"f188afe1fb7ef48d98c25daacd113ced"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=1000, public, must-revalidate
cf-ray
8116323dae80bbe9-FRA
x-amz-id-2
Atq3vu1EhTNm/ZWUn2I9fZP8XS4uaEhbdpy9RRL5WTAVUphI19vhiHS2De223waVowJADW/ExOc=
sprite.0d5e56a.svg
cdn.getyourguide.com/pwn/client/v2309.f1a8afb/img/ Frame 56A6 		65 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.getyourguide.com/pwn/client/v2309.f1a8afb/img/sprite.0d5e56a.svg
Requested by
Host: cdn.getyourguide.com
URL: https://cdn.getyourguide.com/pwn/client/v2309.f1a8afb/d806ac0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:942a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
950de79962ebb9dcac4653e59c1fb51a47257b07732dccb7ef47d3670e062075
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widget.getyourguide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 14:01:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
YEW4S1VHPK8HNF9H
age
4408
x-amz-server-side-encryption
AES256
x-amz-id-2
a1aAqSFLtV/6se+55svs/DVnfpbmnGHYfB24zkX6OQ1vK1LotCBm2qFGotWiXzhdKjDQWbYzOpw=
last-modified
Thu, 05 Oct 2023 12:41:47 GMT
server
cloudflare
etag
W/"0d5e56aeabb60e60ce4f4a7479bde860"
access-control-max-age
3600
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, HEAD
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
max-age=1000, public, must-revalidate
cf-ray
8116323e9a90367f-FRA
ace58b7.js
cdn.getyourguide.com/pwn/client/v2309.f1a8afb/ Frame 56A6 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.getyourguide.com/pwn/client/v2309.f1a8afb/ace58b7.js
Requested by
Host: cdn.getyourguide.com
URL: https://cdn.getyourguide.com/pwn/client/v2309.f1a8afb/6ba5190.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:942a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07fbe3b20418d1080ef421d3d4ce2c35b16fc5b1eea5bdb2c89656798fa940c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widget.getyourguide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 14:01:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 05 Oct 2023 12:41:44 GMT
server
cloudflare
x-amz-request-id
YEWFHDNHC88KK5N9
age
4404
etag
W/"639150899278e7e392f078a459af1109"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=1000, public, must-revalidate
cf-ray
8116323e8fd8bbe9-FRA
x-amz-id-2
RWGcUen0Fltk9vsgMFjFbC6d1BpJ3xVFznsCJXFCzjo43aUxp/tAnpajOF29gf1d92aL+CGMCJI=
7375d4e.js
cdn.getyourguide.com/pwn/client/v2309.f1a8afb/ Frame 56A6 		80 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.getyourguide.com/pwn/client/v2309.f1a8afb/7375d4e.js
Requested by
Host: cdn.getyourguide.com
URL: https://cdn.getyourguide.com/pwn/client/v2309.f1a8afb/6ba5190.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:942a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c80486a6f1a9415c29d1c14599b2eb25a7cf6d5a48f7919ef6be2a1416db601
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widget.getyourguide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 14:01:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 05 Oct 2023 12:41:42 GMT
server
cloudflare
x-amz-request-id
YA90XFB70KEQBPBW
age
4478
etag
W/"972274350f4fae50456201f9a53b0e07"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=1000, public, must-revalidate
cf-ray
8116323e8fe1bbe9-FRA
x-amz-id-2
UYXEHW0ZsMSrH4O2WD7Edrs35ZQ+hynpT2E6YfKmaaDYKwRp772f8Wb7VLOmOc+FrE/GqcxckHw=
auto-widget-context
widget.getyourguide.com/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://widget.getyourguide.com/auto-widget-context
Requested by
Host: widget.getyourguide.com
URL: https://widget.getyourguide.com/pw/latest/client-loader/widget.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2262 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://marcinelleapartoteldesjardinsd.bhotel.top/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers
activities-auto.json
widget.getyourguide.com/ Frame 56A6 		11 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://widget.getyourguide.com/activities-auto.json?widget=auto&partner_id=KACJMIV&widget_created=1696514482666&sha=356f1917-44db-5d85-b273-12785989a3b9&website=http%3A%2F%2Fmarcinelleapartoteldesjardinsd.bhotel.top%2F&visitor_id=F748C5DC18294667B4270602036BF34B&model_type=location
Requested by
Host: cdn.getyourguide.com
URL: https://cdn.getyourguide.com/pwn/client/v2309.f1a8afb/d806ac0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2262 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
3fdb21dd68df29d009805c2a1157efc4b9ed7a67f9cb3325227f6dad9575f2b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

x-request-origin
user
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
visitor-id
F748C5DC18294667B4270602036BF34B
Referer
https://widget.getyourguide.com/default/activities-auto.frame?widget=auto&partner_id=KACJMIV&widget_created=1696514482666&sha=356f1917-44db-5d85-b273-12785989a3b9&website=http%3A%2F%2Fmarcinelleapartoteldesjardinsd.bhotel.top%2F&visitor_id=F748C5DC18294667B4270602036BF34B
x-gyg-geoip-country
DE
x-gyg-anonymized-ip
IPv6-DE-00000002-285394f814d79d1f29f8f96688fd11049e1a2615a0694e06706163f6812122ad610ad1aaf27b4e62787976234beb31d8cb90803176e7b302769ccd383f7c2291
x-gyg-request-user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
x-request-id
79f497f0-eaf9-443e-a4b9-ad5a6b9096cd

Response headers

date
Thu, 05 Oct 2023 14:01:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
x-powered-by
Express
x-envoy-upstream-service-time
117
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
c7b3eba8-538c-4df5-b548-575d9178eaf9
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"2c5a-NZC1HkaQ+3F+Mg/uKakrOzI7owg"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cf-ray
8116324afbe91cb5-FRA
GT-Eesti-Pro-Display-Regular.woff2
cdn.getyourguide.com/design-system/GT-Eesti/ Frame 56A6 		56 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.getyourguide.com/design-system/GT-Eesti/GT-Eesti-Pro-Display-Regular.woff2
Requested by
Host: cdn.getyourguide.com
URL: https://cdn.getyourguide.com/pwn/client/v2309.f1a8afb/css/f1983b6.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:942a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6b42ca74fffb2087dee37c14a0ff0dbcdc0f36b7b76799e95552a6089120969
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://cdn.getyourguide.com/pwn/client/v2309.f1a8afb/css/f1983b6.css
Origin
https://widget.getyourguide.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 14:01:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
x-amz-request-id
3RZTBB7WN3WPWDDH
age
78943
content-length
57208
x-amz-id-2
+Bp1XEgqpMx+85T/+lsdpJOICzHE50n/5v+sNILNe8nzLHHuAXg5g5tnW5FNPuKcvMLffzv9VFU=
last-modified
Sun, 03 May 2020 10:59:39 GMT
server
cloudflare
etag
"0bee8cc037c7f39e423052107135c488"
access-control-max-age
3600
access-control-allow-methods
GET, HEAD
content-type
font/woff2
access-control-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=31536000, public, must-revalidate
accept-ranges
bytes
cf-ray
8116324c0ab1367f-FRA
GT-Eesti-Pro-Display-Bold.woff2
cdn.getyourguide.com/design-system/GT-Eesti/ Frame 56A6 		59 KB
60 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.getyourguide.com/design-system/GT-Eesti/GT-Eesti-Pro-Display-Bold.woff2
Requested by
Host: cdn.getyourguide.com
URL: https://cdn.getyourguide.com/pwn/client/v2309.f1a8afb/css/f1983b6.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:942a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4b42fe227cbaecccbd5d441b1c9c149ade479067d5a258f614145b3342be951
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://cdn.getyourguide.com/pwn/client/v2309.f1a8afb/css/f1983b6.css
Origin
https://widget.getyourguide.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 14:01:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
x-amz-request-id
HJ9D6ZEPW1YWFZ88
age
78959
content-length
60740
x-amz-id-2
LbL7GAhISEPwK+OMSYrRrmVE1Qh4pVnjRgbBnJUoH6NNhJ/S/e9oG/Nfyx3ZxDYOwFWbO3+Je2k=
last-modified
Sun, 03 May 2020 10:59:39 GMT
server
cloudflare
etag
"f6291b623a5e487339b42d260847a9e3"
access-control-max-age
3600
access-control-allow-methods
GET, HEAD
content-type
font/woff2
access-control-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=31536000, public, must-revalidate
accept-ranges
bytes
cf-ray
8116324c0ab6367f-FRA
156.webp
cdn.getyourguide.com/img/tour/6492febd34314.jpeg/ Frame 56A6 		104 KB
104 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.getyourguide.com/img/tour/6492febd34314.jpeg/156.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:942a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c982f5c3d5a54cf83188a7ec02c55c66963f51dac6f3712cabafca0fe7e9755a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widget.getyourguide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 14:01:25 GMT
x-amz-version-id
null
via
1.1 e8db52ad0d3fecfd90e4c894d8b6f866.cloudfront.net (CloudFront)
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
LHR61-P4
age
2244234
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
106430
x-amz-expiration
expiry-date="Thu, 19 Oct 2023 00:00:00 GMT", rule-id="cdn_images_delete_old_files"
last-modified
Mon, 10 Jul 2023 15:08:06 GMT
server
cloudflare
etag
"62c10e9e5315c84700d217c7211a31aa"
vary
Accept-Encoding
content-type
image/webp
cache-control
max-age=2678400, public
accept-ranges
bytes
cf-ray
8116324c1aa7bbe9-FRA
x-amz-cf-id
MhYO566pLJq2Cj0AZiLzurxcXHlG3P_UySri5mP0A9rs0Rlf52-pFQ==
156.webp
cdn.getyourguide.com/img/tour/61b335786e2ab.jpeg/ Frame 56A6 		98 KB
98 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.getyourguide.com/img/tour/61b335786e2ab.jpeg/156.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:942a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb08b748d5c5ed20a147396450cc0c2f70dd147d2def5508a2deed0e45bee739
Security Headers
Name Value
Content-Security-Policy default-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widget.getyourguide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 14:01:25 GMT
content-security-policy
default-src 'none'
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 7f5d5e89cfaceb195913fbae292db88a.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
CDG50-C1
age
721884
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
10967
content-length
100230
x-xss-protection
1; mode=block
x-request-id
d7825ea1-2083-4bc0-8127-3d736e963fea
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 09 Aug 2023 14:35:51 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
8116324c1aaabbe9-FRA
x-amz-cf-id
hD4w3NF95yh8kRjJ2qslXrbxbv-QeV1UjVia7pa273pxjIvHwot0xA==
156.webp
cdn.getyourguide.com/img/tour/bd3704e1c2f76f59.jpeg/ Frame 56A6 		153 KB
153 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.getyourguide.com/img/tour/bd3704e1c2f76f59.jpeg/156.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:942a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cad4fa230f44b0761f04d7f771d5700b147c901b63cab57c02cfe32b38e5099d
Security Headers
Name Value
Content-Security-Policy default-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widget.getyourguide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 14:01:25 GMT
content-security-policy
default-src 'none'
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 78d8604061740cf37281a862360cef5c.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
BRU50-C1
age
1348978
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
350
content-length
156374
x-xss-protection
1; mode=block
x-request-id
7ec1fb72-86d0-4fe2-8abf-b5dd343c0cbe
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 19 Sep 2023 21:44:13 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/webp
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
8116324c1aabbbe9-FRA
x-amz-cf-id
RXEuZE1g5EO0Xaf6GrZiU6kRLLW0jnVaCIc3w8V1LMIF4J6qAY8q1Q==

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| $ function| jQuery object| FontAwesomeKitConfig function| _DumpException object| default_tr string| MSG_TRANSLATE string| MSG_CANCEL string| MSG_CLOSE function| MSGFUNC_PAGE_TRANSLATED_TO function| MSGFUNC_TRANSLATED_TO string| MSG_GENERAL_ERROR string| MSG_LEARN_MORE function| MSGFUNC_POWERED_BY string| MSG_TRANSLATE_PRODUCT_NAME string| MSG_TRANSLATION_IN_PROGRESS function| MSGFUNC_TRANSLATE_PAGE_TO function| MSGFUNC_VIEW_PAGE_IN string| MSG_RESTORE string| MSG_SSL_INFO_LOCAL_FILE string| MSG_SSL_INFO_SECURE_PAGE string| MSG_SSL_INFO_INTRANET_PAGE string| MSG_SELECT_LANGUAGE function| MSGFUNC_TURN_OFF_TRANSLATION function| MSGFUNC_TURN_OFF_FOR string| MSG_ALWAYS_HIDE_AUTO_POPUP_BANNER string| MSG_ORIGINAL_TEXT string| MSG_FILL_SUGGESTION string| MSG_SUBMIT_SUGGESTION string| MSG_SHOW_TRANSLATE_ALL string| MSG_SHOW_RESTORE_ALL string| MSG_SHOW_CANCEL_ALL string| MSG_TRANSLATE_TO_MY_LANGUAGE function| MSGFUNC_TRANSLATE_EVERYTHING_TO string| MSG_SHOW_ORIGINAL_LANGUAGES string| MSG_OPTIONS string| MSG_TURN_OFF_TRANSLATION_FOR_THIS_SITE string| MSG_ALT_SUGGESTION string| MSG_ALT_ACTIVITY_HELPER_TEXT string| MSG_USE_ALTERNATIVES string| MSG_DRAG_TIP string| MSG_CLICK_FOR_ALT string| MSG_DRAG_INSTUCTIONS string| MSG_SUGGESTION_SUBMITTED string| MSG_MANAGE_TRANSLATION_FOR_THIS_SITE string| MSG_ALT_AND_CONTRIBUTE_ACTIVITY_HELPER_TEXT string| MSG_ORIGINAL_TEXT_NO_COLON string| MSG_LANGUAGE_UNSUPPORTED string| MSG_LANGUAGE_TRANSLATE_WIDGET string| MSG_RATE_THIS_TRANSLATION string| MSG_FEEDBACK_USAGE_FOR_IMPROVEMENT string| MSG_FEEDBACK_SATISFIED_LABEL string| MSG_FEEDBACK_DISSATISFIED_LABEL string| MSG_TRANSLATION_NO_COLON function| _exportVersion function| _getCallbackFunction function| _exportMessages function| _loadJs function| _loadCss function| _isNS function| _setupNS object| google function| denyCookies function| acceptCookies string| gygPAStatus object| _GYG object| widget object| GYG object| regeneratorRuntime object| HistoryEvents

7 Cookies

Domain/Path Name / Value
marcinelleapartoteldesjardinsd.bhotel.top/ Name: PHPSESSID
Value: 09c1cab2a22315bbc117b623214a6565
.widget.getyourguide.com/ Name: __cf_bm
Value: iLDQoz0HpHnCL_5hnOtiGs8ebIzU6NjADVjICzqDcW0-1696514481-0-AbVDtxXaKzuMXvNbz20Gl3BZkmZyQIZ3DVIk018ipbrCAv5tm3ExT0HS3xxDDsF4FHWx5UfQdv0NjpM2uzJe3sw=
.getyourguide.com/ Name: visitor_id
Value: F748C5DC18294667B4270602036BF34B
.booking.com/ Name: bkng
Value: 11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbbmD9q%2B5pe3Vnru6ygZhy71iOQ9%2BVXt%2FLN7o9jBlTrhb1t%2FzCjzQaGeGEtP5CK%2FltlJqKdcqZdwJB1t1ujbCjd6akdSuaWyXREzr%2BGFwIgFymblPDM0mVEczG3Q4cB1wIkZdgkm4D4vnXpTbR%2BS8ZPBc5X3oW7CcLZz%2F2sf7LLhQ%3D
marcinelleapartoteldesjardinsd.bhotel.top/ Name: session_id
Value: 22845a56-f9ef-4ea4-b198-d542262d12e7
.cdn.getyourguide.com/ Name: __cf_bm
Value: RIOWCnHWZ15EaC112oykqRnfchdoeQCghidTa7R9S8I-1696514482-0-AQ7Jw1Z4CS/V1yZvJXKucOk+5ouep6vIwpIotxaCIb3kWDolsBOzVQQKbZ2Pnd5x64Lw3ZX3TUTZzkXfUsvtfQA=
widget.getyourguide.com/ Name: i18n_redirected
Value: en-US

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn-icons-png.flaticon.com
cdn.getyourguide.com
cf.bstatic.com
fonts.googleapis.com
fonts.gstatic.com
ka-f.fontawesome.com
kit.fontawesome.com
maps.googleapis.com
maps.gstatic.com
marcinelleapartoteldesjardinsd.bhotel.top
maxcdn.bootstrapcdn.com
translate.google.com
translate.googleapis.com
widget.getyourguide.com
www.booking.com
www.gstatic.com
204.93.224.158
2600:9000:223f:d200:1c:d826:cd80:93a1
2606:4700:4400::6812:2262
2606:4700:4400::ac40:942a
2606:4700::6812:1734
2606:4700::6812:bcf
2606:4700:e2::ac40:8209
2a00:1450:4001:800::200a
2a00:1450:4001:809::2003
2a00:1450:4001:809::200a
2a00:1450:4001:80b::200a
2a00:1450:4001:813::200a
2a00:1450:4001:827::2003
2a00:1450:4001:829::200e
2a02:26f0:3500:11::215:14c7
65.9.66.108
65.9.66.14
07fbe3b20418d1080ef421d3d4ce2c35b16fc5b1eea5bdb2c89656798fa940c5
0ce704542f3bf200d47403c452a1cc57514a0063af6d985bb751677c50a681ca
0e81443469aa4b967191ce19b7474eb223746a2b8d5dc42d3786da84d99dfad9
0eb7ddc82a9a4cb2e6ed4804d0c0cb3b8746e2de676aeefea601724ec4bcd39f
0f3e34bdcc1b20a94e6bcfcfdb28763dd1d1d8bc1313ab9e4eb725d98e9b8e40
0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1
100743aa1204f8b3e6480c51c2759c6e8beed573fbf21ab7d67188a5f6923dbd
143541f596e492db378b791f22a1bab26b16aba740a6b3627d09fe9e56323d66
18af2bf64a77a50bc46c1fe63efbaee38ab0e0fb8c47976bc4c159f2505550cb
21edfeed321858e780d840b2e215d4d77b2e80fcdace1916bfb1254596b4cedd
236e285339a2a692e9491d356489cdf83513cfb1add049a0620123d644e47554
3644394a488d3937d291c4d1539b16b154fc951fbc5702430c40d3f43a6d1e5b
3aa2464cabfae7ec94c43782fed863f293fc31e48e4ce9fa5e19d9cec3ffb534
3fc06a0a4c56c724a0e609793d991b597b60607c86f7be6719498bb296fe9eaf
3fdb21dd68df29d009805c2a1157efc4b9ed7a67f9cb3325227f6dad9575f2b2
41cddf2dcd942128378479c5fd87a454441f02b678186cff7f9f1a2a16d2247b
47374cb7d373f9a8450e1237c80bc5fe68c61fbf0cdf958df7a298143b7dd445
4b1438856adc2cf81c2b6ce863fe931ec1c2247eed28058a4e5bcdce38ab3509
4ea566bcfe25ec81ab2688387def9cb5990637e85a559003486d7f44f434302b
568ccfe210b99ae55c68500f6f9b3397604249b4f5efccb8038fcad5e97e2871
581b13cb3ccc031c826094f69428457aa4b56a5d226442d158b1e22e91264217
58d61dee1094a2d426ab3e23ff75d276573ba9fa2a041b700f71f41cf4491599
58ed94893e4142be2847d35ed50d8c3cc9a9aca281143d7794658cb3adb82a9c
597562fe72f4e8df6f9897bf51967b915b71593f0289463be17f64b6010ccff5
5ad7526d50b7586ddfaee62b3fc95e71207136dc08f6a2b7ffd671ded73fab83
5b0a1f1dc96d286bc1ba6a7f8393d7cc74d073bb6fb26da88cb92b08c5632452
5e0821588462d15b0ff8e911760fc041332c162e2e30ab4b1071bcc8eb6c8223
5e8f8af5bb822648eb2f343706c44b6c213dcd461583dc23a6a4cb02444e3800
5ecf289bb9fec6d3045b6a20360114be9c3825a938a09dbbe1215ba8feb09e7e
5ff8a8c5061f4144749aed40f0d711ef532dc96634dd5a0ef100481e5ba51d2f
63f9e635bca6053c2baecd7e90f62ab7223c1425e93fb60fd6c1a8ece6151923
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33
6c58c4804370b9c347d517491c450416ca371fb1403aceaa1d6f751403b07c48
71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3
7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7
76e4be2df1b322492333c39f18965f12c6041eeabe2c2dfa8e328be4a9551277
77a9ece576f0a1c826a9970192a202980487a97e15967151c1241358e541807a
78007a8457a4b60fb79ecdef81d4c7fa43f9841d500d7b5301213aac0dd0acb2
7df0d75d97d77f4c7011d5c34d83e09f39a596fef42bdf9ca18bba1d65437256
7fc33d39c444e855b3083d0e4e7bf01de32fe4049a5e5d94ef97f6518ed1e297
7fcddfcf7954f7f0b8dd4b2bfa1835030d3e23784e3dbd50ce4f815efa8c446c
804e22f902f093664eb8512aa2752fb15b590d66258631322e18fbe6ade3661e
83af418cd23e96948e8971b338668828614a6763726b6554af715b500c152441
8bcef4d15a0c7757ddd9eb4e6a81f65d7aedc5fe6f4ba95d90c5a63381f156ad
8d1d436ecf784f33e1e6d88c6565956b8ee5de293b6251a3525b865103de4bf7
9268241ddbaa622897845487da61f82d0dd9321cb29c6c12b2c11bdd1b66631e
950de79962ebb9dcac4653e59c1fb51a47257b07732dccb7ef47d3670e062075
99738cb5ef17b36aa53899a621cad3ac2ec5e92072792cf68a1666bfd69aab24
9c80486a6f1a9415c29d1c14599b2eb25a7cf6d5a48f7919ef6be2a1416db601
a0ff1db86f13d31743f7e0c4d1c45fe7953cd5089d91be2a2ce3d12f7a4beae2
a3668c35c677731ca1295a5f13ad82d97bc77aeb701720456f392e5bd888f2ef
b274f4465ba51f423c2ce126ffceb150d41dd08d8dc314a4d6381fe89caa579e
c376ad6bdfc8953fcc97bd6d09b11c75a652a26eeaf1ae056bf268600b5dd27b
c3f06cf6ded52069a79551343aca5f2269a048cedb9fbacd3cfff7136980659c
c4b42fe227cbaecccbd5d441b1c9c149ade479067d5a258f614145b3342be951
c77f925476c7b7317df5146bcb0175ed01053aa6df9a270cfe7cb75322c8fff6
c982f5c3d5a54cf83188a7ec02c55c66963f51dac6f3712cabafca0fe7e9755a
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cad4fa230f44b0761f04d7f771d5700b147c901b63cab57c02cfe32b38e5099d
cb08b748d5c5ed20a147396450cc0c2f70dd147d2def5508a2deed0e45bee739
d00a96eb122831d55994ed385065c5fb1828794ab514dc8a72ce96f94aee8f1c
d04f735f2475163cd25f7d7483405f5e82c7c404c1abb81f286a0b1efef785b1
d240bc2caa167854748860a164ffa11c0af99c3ea2e123a1f0aa84c3de6e4412
d28d43698c2b701e031172c0f98f35b539aca2a63606c8959473f54e071298a9
d3e9a900f61c6811de529e4227226b898ce88b65a66347d0088a2da3af5e60b5
d4ecb944cfb2e5e2257cdc2b18ddca4e86bacd135606c7f3fd2b45a597905310
d6b42ca74fffb2087dee37c14a0ff0dbcdc0f36b7b76799e95552a6089120969
dbc5c6cc8dc52fe293be4d79d32c85f9e8d9baa9867653927dda0c1b905a3505
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e43b830eb512b12be972f6fc0f7f355d650237ee3e4b7a8da7fa62caac0189ae
e6436f315c30f5a9c128471cee3749edb104516a9b1d8a82168c6b24dac926a2
eaeffb11665b3ae9f2057e572bf17a43f68680b05930588ae87b7149a9bdaa10
f2208c3e38e04a6a0476ec080cc3ea3bb9af82621fc2158b2d58de82c2fffc68
f5b7949a86f34bf52a9ee235eac57b182eb367321c9d97631c0a6180de0c4534
f88d7a194e7f67fdc5e4f2cedd32e1d040d9976e4814adcaf7e56330a0653d5c
fbff658a134f7e8c08c56a7addd60cbfb5ea36612ce6363f5b24a7cdf011cb72
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ffffad0e6bd2527414de953f145e050f53548626d9bf8c79047b4475ce437c99