www.booking.com Open in urlscan Pro
37.10.0.220 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://link.sg.booking.com/uni/ss/c/QMN8zmdLvFlNCtm424-T1EpsctHwYOfye5_iA3HShUtg9EzT-RzZbVQzCO819i8mWpynlHCfin2dox34fphSxs_...
Effective URL:
https://www.booking.com/cars/index.fr.html?adplat=mm_engage_ct_footer&aid=339530&emk=QEBU43837B&emkcid=276&checkin=2021-...
Submission: On March 30 via api (March 30th 2021, 11:09:55 am UTC) from BE

Summary HTTP 90 Redirects Links 28 Behaviour Indicators

Summary

This website contacted 16 IPs in 4 countries across 11 domains to perform 90 HTTP transactions. The main IP is 37.10.0.220, located in Netherlands and belongs to BOOKING-BV Booking.com, NL. The main domain is www.booking.com.
TLS certificate: Issued by DigiCert ECC Extended Validation Serv... on November 8th 2019. Valid for: 2 years.

This is the only time www.booking.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2600:9000:218... 2600:9000:2182:f400:14:ecff:a140:93a1	16509 (AMAZON-02) (AMAZON-02)
5	37.10.0.220 37.10.0.220	43996 (BOOKING-B...) (BOOKING-BV Booking.com)
48	2600:9000:218... 2600:9000:2182:8200:1f:e2ee:200:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
8	104.19.168.117 104.19.168.117	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
1 2	142.250.185.134 142.250.185.134	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9c	15169 (GOOGLE) (GOOGLE)
1	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
7	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	35.186.220.184 35.186.220.184	15169 (GOOGLE) (GOOGLE)
90	16

1 2600:9000:2182:f400:14:ecff:a140:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

link.sg.booking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.10.0.220 (Netherlands)

ASN43996 (BOOKING-BV Booking.com, NL)

www.booking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

48 2600:9000:2182:8200:1f:e2ee:200:93a1 (United States)

ASN16509 (AMAZON-02, US)

cf.bstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.19.168.117 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.rcstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.134 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net

4228414.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.220.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.220.186.35.bc.googleusercontent.com

collector-pxikkul2rm.perimeterx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
48	bstatic.com cf.bstatic.com	957 KB
8	rcstatic.com cdn.rcstatic.com	17 KB
7	bing.com bat.bing.com	9 KB
6	booking.com 1 redirects link.sg.booking.com www.booking.com	111 KB
5	doubleclick.net 1 redirects 4228414.fls.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	6 KB
4	google.de www.google.de adservice.google.de	2 KB
4	google.com www.google.com adservice.google.com	2 KB
4	googletagmanager.com www.googletagmanager.com	175 KB
3	perimeterx.net collector-pxikkul2rm.perimeterx.net	2 KB
2	google-analytics.com www.google-analytics.com	19 KB
1	googleadservices.com www.googleadservices.com	14 KB
90	11

	Domain	Requested by
48	cf.bstatic.com	www.booking.com cf.bstatic.com
8	cdn.rcstatic.com	www.booking.com
7	bat.bing.com	www.googletagmanager.com
5	www.booking.com	www.booking.com cf.bstatic.com
4	www.googletagmanager.com	www.booking.com www.googletagmanager.com
3	collector-pxikkul2rm.perimeterx.net	cf.bstatic.com
3	www.google.de	www.booking.com
3	www.google.com	www.booking.com
2	googleads.g.doubleclick.net	www.googleadservices.com
2	4228414.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.booking.com
1	adservice.google.de	adservice.google.com
1	adservice.google.com	4228414.fls.doubleclick.net
1	www.googleadservices.com	www.googletagmanager.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	link.sg.booking.com	1 redirects
90	16

This site contains links to these domains. Also see Links.

Domain
secure.booking.com
cars.booking.com
account.booking.com
booking.com
join.booking.com
www.opentable.com
partner.booking.com
careers.booking.com
sustainability.booking.com
globalnews.booking.com
www.bookingholdings.com
admin.booking.com

Subject Issuer	Validity	Valid
www.booking.com DigiCert ECC Extended Validation Server CA	`2019-11-08` - `2021-11-12`	2 years	crt.sh
q-cf.bstatic.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-12` - `2022-01-10`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-16` - `2021-08-16`	a year	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-01-19` - `2021-07-19`	6 months	crt.sh
perimeterx.net GeoTrust RSA CA 2018	`2019-07-03` - `2021-08-31`	2 years	crt.sh

This page contains 4 frames:

Primary Page: https://www.booking.com/cars/index.fr.html?adplat=mm_engage_ct_footer&aid=339530&emk=QEBU43837B&emkcid=276&checkin=2021-04-01&checkout=2021-04-02&selected_currency=EUR&label=46618_ct-banner-cars_v2-
Frame ID: B1B32D872A4BE2F33EDDA443F389117D
Requests: 88 HTTP requests in this frame

Frame: https://4228414.fls.doubleclick.net/activityi;dc_pre=CL7Fi8Xw1-8CFVXO1QodilkGuQ;src=4228414;type=carsh0;cat=booki0;ord=8670583870509;gtm=2wg3h0;auiddc=603788764.1617102576;u3=booking-cars;u4=booking-cars;u20=(not%20set);~oref=https%3A%2F%2Fwww.booking.com%2Fcars%2Findex.fr.html%3Fadplat%3Dmm_engage_ct_footer%26aid%3D339530%26emk%3DQEBU43837B%26emkcid%3D276%26checkin%3D2021-04-01%26checkout%3D2021-04-02%26selected_currency%3DEUR%26label%3D46618_ct-banner-cars_v2-
Frame ID: 25755A0D7556472CD3C982044F1D83C0
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CL7Fi8Xw1-8CFVXO1QodilkGuQ;src=4228414;type=carsh0;cat=booki0;ord=8670583870509;gtm=2wg3h0;auiddc=603788764.1617102576;u3=booking-cars;u4=booking-cars;u20=(not%20set);~oref=https%3A%2F%2Fwww.booking.com%2Fcars%2Findex.fr.html%3Fadplat%3Dmm_engage_ct_footer%26aid%3D339530%26emk%3DQEBU43837B%26emkcid%3D276%26checkin%3D2021-04-01%26checkout%3D2021-04-02%26selected_currency%3DEUR%26label%3D46618_ct-banner-cars_v2-
Frame ID: 98C2C2420929DA1954C4330E977ECBDC
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CL7Fi8Xw1-8CFVXO1QodilkGuQ;src=4228414;type=carsh0;cat=booki0;ord=8670583870509;gtm=2wg3h0;auiddc=603788764.1617102576;u3=booking-cars;u4=booking-cars;u20=(not%20set);~oref=https%3A%2F%2Fwww.booking.com%2Fcars%2Findex.fr.html%3Fadplat%3Dmm_engage_ct_footer%26aid%3D339530%26emk%3DQEBU43837B%26emkcid%3D276%26checkin%3D2021-04-01%26checkout%3D2021-04-02%26selected_currency%3DEUR%26label%3D46618_ct-banner-cars_v2-
Frame ID: 70DF627CCBFC0636E6A48866C1F253D3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://link.sg.booking.com/uni/ss/c/QMN8zmdLvFlNCtm424-T1EpsctHwYOfye5_iA3HShUtg9EzT-RzZbVQzCO819i8mWpy... HTTP 302
https://www.booking.com/cars/index.fr.html?adplat=mm_engage_ct_footer&aid=339530&emk=QEBU43837B&emkc... Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

90
Requests

100 %
HTTPS

69 %
IPv6

11
Domains

16
Subdomains

16
IPs

4
Countries

1313 kB
Transfer

4181 kB
Size

10
Cookies

28 Outgoing links

These are links going to different origins than the main page.

URL: https://secure.booking.com/help.fr.html?aid=339530&label=46618_ct-banner-cars_v2-&sid=5ad2f924deb9dffab49579c7d3d9ac57
Title: Obtenez de l'aide concernant votre réservation

Search URL Search Domain Scan URL

URL: https://cars.booking.com/AccessMyBooking.do?preflang=fr&prefcurrency=EUR
Title: Gérer la réservation

Search URL Search Domain Scan URL

URL: https://account.booking.com/auth/oauth2?state=UukCWIgksmyaC-YBHrbjKoLQ1H9WGVsHl6jQB6PytLAF7Wl1Fq1yWl2-ysCN6MjGfE7TFwnwrQVJa8e0SbtgqLu6t6mcuYghw72WRElusAm0oEVTcDHGfebo8WC_tKbvBykwk4jQWfw7GxwERkTAa6HzzJz7a2waO2rl44Kup-B9aH9Dt5M6smsPQvOMk5wC1M08brTdJuwv9sHjNsvFlaaKglkBaitoZNUWJ97eX525up3N58eqTRLPq6INFekXCxZABz7LQYhlt54uWCgbBjV1ci5MgNuLj_wQRh6QMeacIrZMpErz_Bk1tAIc2REdewMT5rPKCyBbQQPHzMKfgnZ1u-KOhjvp9rjgpQZzi7bo0jrKarFMjq1dxANd2pkIOVTonVcwNvJGlTpHNVlyOFZrEJGiJZVLHiSQPDKByitzRmZ4lPoyHMJT32ujhHLzlVAmJuUlPPmrHICY1bvdJ1Z1zoFmUvtzB0islg&lang=fr&redirect_uri=https%3A%2F%2Fsecure.booking.com%2Flogin.html%3Fop%3Doauth_return&client_id=vO1Kblk7xX9tUn2cpZLS&response_type=code&prompt=register&dt=1617102575&aid=339530&bkng_action=cars
Title: S'inscrire

Search URL Search Domain Scan URL

URL: https://account.booking.com/auth/oauth2?state=UukCWIgksmyaC-Y9z5iemrtcl7wdRJM2wf3iENxx5oNzb70ZrnopsUKMO9EpxqustzNw3gPUor5NXfyLITZoNunNH1v77j3LhoTYFm7JtnOupM4f2gciiHDmord_J15ftjKWt2bPcEYQe--7W07-FY52C9Jea3E2x8w2vXksIMa3hiLEASjKhHYIArpNlBvqB34LPAQb1NewDRuTysyeV6iXgDv1vZ4VDWOdRliOU2OCJim657bHyPJcd17Qd7iCDq0J4YZVBrQcqb41LPxEpiSQ47kL3zrDrpw5vh16Rk2d7c3VfWJgQckBuRRKkD2L4edk9YzDBEtQZghQAErriacbFSZK0FTZmQTu_pXMKjRlsO7Fc4cygVJsGSjg85nluTyHnvHaaEzVt3KAdCReEj7Wy3ldon-UP3zRfYQ9zzB9c3G7gIgIMkFqotrwSyKmb6RYVt2sX_K10LysBeToQXGTAKg2yySx-UCO6w&lang=fr&redirect_uri=https%3A%2F%2Fsecure.booking.com%2Flogin.html%3Fop%3Doauth_return&client_id=vO1Kblk7xX9tUn2cpZLS&response_type=code&dt=1617102575&aid=339530&bkng_action=cars
Title: Se connecter

Search URL Search Domain Scan URL

URL: https://booking.com/pxgo?lang=fr&token=UmFuZG9tSVYkc2RlIyh9YbOp4iRgDP8UalQvzmfrYNKGagXhSM02lMI5CfsnEzHpZwu4phToAibK9Q33_1m2JnwqholPMMYD1de4Wtd81CYhn48fMRHa5BgcK8MCYaSJybaI5BHhliJkkC-ATfxGIApG4bJvLwaNuPiMtxmd5q--Aak5GWQwe8AVXdnSEyn0RMqx6IP6dEs6NszvEPy87hgiGqBobEHGKqtRvoe2ZupYrsScY73w71UT-gLySif-owq4FjUx-xrjZ6Nb7G65xC1AMytUlZFVutk59lSu6p0tR5f2Azum_ey50GwmZ2cDhPo8YLMKkRIrHJ5-uSGQhk5Q74lzrzH63YCqfYhvG6E&aid=339530&label=46618_ct-banner-cars_v2-&url=https%3A%2F%2Fbooking.kayak.com%2Fin%3Fsid%3D5ad2f924deb9dffab49579c7d3d9ac57%26bdclc%3Dfr-fr%26p%3Dsearchbox_link%26mc%3DEUR%26a%3Dbdc%252Fsearchbox
Title: Vols

Search URL Search Domain Scan URL

URL: https://booking.com/pxgo?label=46618_ct-banner-cars_v2-&url=https%3A%2F%2Ffr.bravofly.ch%2Fvol-hotel%2Fbooking.html&aid=339530&token=UmFuZG9tSVYkc2RlIyh9YbXMIktjuPYnB0yLUbCdS5tPqcfiJoVupZ6v240LlspZ4SZ6GeKlvHxMCCjYdGAneGNGoRmVTttPiTjy04otNU0PUuIsGISooG8IJWgYpHnlggD8xXg3ttMuplUiFLflvNDrN8aKSUeR8SdZucFknphIXbCFyyv43edVLhK_S0Ws0wUYaKf2UkIi__75OV2MDexsK3T1IZTcLpeYCYjYRVGlkUgJf55_tt_emUDo6j0cFORhwLbv2pkpQifwqbjlEZPIR4y1P6HdCESZz8eo2ITSlf3RUUaMPom4Umbcp86qpA_1T3aeNajnMsu381ebIXB17OxHxgsJ-Pd6aK69olU&lang=fr
Title: Vol + hôtel

Search URL Search Domain Scan URL

URL: https://join.booking.com/?lang=fr&aid=339530&utm_source=footer_menu&utm_medium=frontend&label=46618_ct-banner-cars_v2-
Title: Ajoutez votre établissement

Search URL Search Domain Scan URL

URL: https://account.booking.com/auth/oauth2?aid=339530&bkng_action=cars&dt=1617102575&response_type=code&client_id=vO1Kblk7xX9tUn2cpZLS&lang=fr&redirect_uri=https%3A%2F%2Fsecure.booking.com%2Flogin.html%3Fop%3Doauth_return&state=UvACWIgksmyaC-b_sePbnwqvP7pgfY6b_9wekcxSvoDeHmeNyIwT5BpiJ8-Cv0wCfbGvEyvxwnrRgivCoU0YTNoyBuw1rKho-7fK7CWrprltpQI2C_55t8bL2mhCsfD8_4ilPnmymoaxmboXmoIsACmSMiN5dx9F5fnVV63AUstkATgcOerVNZLUJ65wgGvZYP663ibhxKxQ1c8vUvSrGO3CktcxusQF0KHHRlPaPTuZcugRkHxbBR9E36aaEwg4muGtSXxFGRAaurL0Qk2_PHIYpoZ5YlgiKktYkMiH1j3oMlFVPkEteKo1Sw2PbUpDTC9kvOCZ7sLZEAIIUGKHSOHIfGfI2pd71ejr7rBGCBUDPGENS2Qj7-EEBGgQv65wuGzY03IpfQCCwsp_90FWDpFB1NAg7Nhb8sAjdqCn10VPToQ-JWJbeODUuULIS5xm3drU843g7g5VAQL4IhMmjiV020fvzKtMi9ZWDaaen3szvS0
Title: Votre compte

Search URL Search Domain Scan URL

URL: https://secure.booking.com/content/cs.fr.html?aid=339530;label=46618_ct-banner-cars_v2-;sid=5ad2f924deb9dffab49579c7d3d9ac57
Title: Modification de votre réservation en ligne

Search URL Search Domain Scan URL

URL: https://secure.booking.com/help.fr.html?aid=339530&label=46618_ct-banner-cars_v2-&sid=5ad2f924deb9dffab49579c7d3d9ac57#/?source=blue_footer
Title: Contacter le Service Clients

Search URL Search Domain Scan URL

URL: https://booking.com/articles.fr.html?aid=339530;label=46618_ct-banner-cars_v2-;sid=5ad2f924deb9dffab49579c7d3d9ac57
Title: Articles

Search URL Search Domain Scan URL

URL: http://cars.booking.com/Home.do?affiliateCode=booking-com&adplat=footer&preflang=fr
Title: Location de voitures

Search URL Search Domain Scan URL

URL: https://booking.com/pxgo?token=UmFuZG9tSVYkc2RlIyh9YWDUtbaQciWiGSxolLfIVpai0cxXlLaKQ8cpofcIg7FhLI7ueUapFctWr8OjMpAyKG_uJ-4ueMRPdP2ePGYsK5v0PGYFvj4-w7dVwvxMLyQJvFuh0-SCrBTei2iWCQ9ek0I_Y2MKVFZ92YMzfIIVJqIXNZP_GI7PaOMSb3_XeAnIOOr1VuCbgN4z43IhG1OnTwesJ9Xv_F-Vuzcon7eBpWpSwWpWJpAnhCA7QwWI5TwEM1ZOL2M4T1Soy1225oFzVSnmOGBBVjjumTYSDV2HVuh2h1YltY88DZ1XgsY12YL1LafbexIwdGJGhlZO9zZV4Q&lang=fr&url=https%3A%2F%2Fbooking.kayak.com%2Fin%3Fbdclc%3Dfr-fr%26sid%3D5ad2f924deb9dffab49579c7d3d9ac57%26p%3Dfooter_link%26mc%3DEUR%26a%3Dbdc%252Ffooter_link&aid=339530
Title: Comparateur de vols

Search URL Search Domain Scan URL

URL: http://www.opentable.com/?ref=16087
Title: Réservations de restaurant

Search URL Search Domain Scan URL

URL: https://secure.booking.com/help.fr.html?aid=339530&label=46618_ct-banner-cars_v2-&sid=5ad2f924deb9dffab49579c7d3d9ac57#/?source=footer_navigation
Title: Contacter le Service Clients

Search URL Search Domain Scan URL

URL: https://partner.booking.com/en-gb?utm_campaign=footer_list&utm_medium=frontend_footer&utm_source=booking.com
Title: Aide aux partenaires

Search URL Search Domain Scan URL

URL: https://careers.booking.com/?utm_source=corporate&utm_medium=footer
Title: Careers

Search URL Search Domain Scan URL

URL: https://sustainability.booking.com/
Title: Durabilité

Search URL Search Domain Scan URL

URL: https://globalnews.booking.com/?aid=339530&lang=fr
Title: Actualités presse

Search URL Search Domain Scan URL

URL: https://www.bookingholdings.com/
Title: Relations avec les investisseurs

Search URL Search Domain Scan URL

URL: https://secure.booking.com/content/complaints.fr.html?aid=339530;label=46618_ct-banner-cars_v2-;sid=5ad2f924deb9dffab49579c7d3d9ac57
Title: Réclamation partenaires

Search URL Search Domain Scan URL

URL: https://admin.booking.com/?lang=fr&utm_source=extranet_login_footer&utm_medium=frontend&utm_campaign=login_footer_v0
Title: Accéder à l'extranet

Search URL Search Domain Scan URL

URL: https://secure.booking.com/reviewtimeline.fr.html?aid=339530&label=46618_ct-banner-cars_v2-&sid=5ad2f924deb9dffab49579c7d3d9ac57&from_index_lightbox=1
Title: Se connecter et l'évaluer

Search URL Search Domain Scan URL

URL: https://account.booking.com/auth/oauth2?aid=339530&bkng_action=cars&dt=1617102576&response_type=code&client_id=vO1Kblk7xX9tUn2cpZLS&lang=fr&redirect_uri=https%3A%2F%2Fsecure.booking.com%2Flogin.html%3Fop%3Doauth_return&state=UtsCWIgksmyaC-afpBjujHqlkRpsnLnZuJHc8R3mIu7AAXLzienvKF-x12pePSHPO-J28UrGmOYPSXLWvtAeo2fJsgEE2Zw1_6omkM_33-I7Tk4qiYmLXD8vFmKqVf3WoWdnpD3M8wz2bsStiVwpCrJkjgHR2KJI-MDLujip_u5cyWFE0CPtayCKWuiw9v4bY0MUgSTs-41W5c5GoHE0e-2McJyLUON5mXJpvhmhTQw69ii_1wJA1-FgeuNsJKdOFLNMvgCN3NDaivCMT1O2gHo04H6CW16mgX6QlPrMwNUuWX4QTNkVTtRn7MmEx-3WXZGwNfxTHWZlaVUeFW36bikLnZopehgXhRdR4GZ1smq_iNkpSBnxvHD-jNe0yA8ipikEsAuRgomXdW__-07mYm0oiUziLKTd3GLWoFSwi-pbyWme04zQQOhCGnzyr0uDAEo8vuFnaHH1fpjjGJg
Title: Je me connecte

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://link.sg.booking.com/uni/ss/c/QMN8zmdLvFlNCtm424-T1EpsctHwYOfye5_iA3HShUtg9EzT-RzZbVQzCO819i8mWpynlHCfin2dox34fphSxs_EzrnGmfDy-4T1e1SVOqWYJESl33Agvrx5BlkLe4nlkcfcKOBBZtVtCIO4P4bJuxnnclZ5ikA9phS0eMtZQehAsjpXOjCO6_Wvdzq9GoVX7wvOlt_JNtv6rX_F4TiwT4oDLUt2lzDyoGTHnpaSITi_Y0b1aTGEYwW507n0rSLfWTFpN7tJgmDG2aEr-rTPHw/3an/orHZETvvRHOln_BCzXaAAg/h48/hHMzdATVnQW3WKCzwf8c60wa78XOAI7XiPH1AqE-Xxc HTTP 302
https://www.booking.com/cars/index.fr.html?adplat=mm_engage_ct_footer&aid=339530&emk=QEBU43837B&emkcid=276&checkin=2021-04-01&checkout=2021-04-02&selected_currency=EUR&label=46618_ct-banner-cars_v2- Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52

https://4228414.fls.doubleclick.net/activityi;src=4228414;type=carsh0;cat=booki0;ord=8670583870509;gtm=2wg3h0;auiddc=603788764.1617102576;u3=booking-cars;u4=booking-cars;u20=(not%20set);~oref=https%3A%2F%2Fwww.booking.com%2Fcars%2Findex.fr.html%3Fadplat%3Dmm_engage_ct_footer%26aid%3D339530%26emk%3DQEBU43837B%26emkcid%3D276%26checkin%3D2021-04-01%26checkout%3D2021-04-02%26selected_currency%3DEUR%26label%3D46618_ct-banner-cars_v2- HTTP 302
https://4228414.fls.doubleclick.net/activityi;dc_pre=CL7Fi8Xw1-8CFVXO1QodilkGuQ;src=4228414;type=carsh0;cat=booki0;ord=8670583870509;gtm=2wg3h0;auiddc=603788764.1617102576;u3=booking-cars;u4=booking-cars;u20=(not%20set);~oref=https%3A%2F%2Fwww.booking.com%2Fcars%2Findex.fr.html%3Fadplat%3Dmm_engage_ct_footer%26aid%3D339530%26emk%3DQEBU43837B%26emkcid%3D276%26checkin%3D2021-04-01%26checkout%3D2021-04-02%26selected_currency%3DEUR%26label%3D46618_ct-banner-cars_v2-

90 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request index.fr.html Show response
www.booking.com/cars/
Redirect Chain

https://link.sg.booking.com/uni/ss/c/QMN8zmdLvFlNCtm424-T1EpsctHwYOfye5_iA3HShUtg9EzT-RzZbVQzCO819i8mWpynlHCfin2dox34fphSxs_EzrnGmfDy-4T1e1SVOqWYJESl33Agvrx5BlkLe4nlkcfcKOBBZtVtCIO4P4bJuxnnclZ5ikA9...
https://www.booking.com/cars/index.fr.html?adplat=mm_engage_ct_footer&aid=339530&emk=QEBU43837B&emkcid=276&checkin=2021-04-01&checkout=2021-04-02&selected_currency=EUR&label=46618_ct-banner-cars_v2-

409 KB
107 KB

377ms
220ms

Document
text/html

37.10.0.220
BOOKING-BV Bookin...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.booking.com/cars/index.fr.html?adplat=mm_engage_ct_footer&aid=339530&emk=QEBU43837B&emkcid=276&checkin=2021-04-01&checkout=2021-04-02&selected_currency=EUR&label=46618_ct-banner-cars_v2-

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

37.10.0.220 , Netherlands, ASN43996 (BOOKING-BV Booking.com, NL),

Reverse DNS

Software

nginx /

Resource Hash

25bec79f383dda353fcc07fcac6021fa6ba1a8ddec29530e3962c91a58be0843

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: www.booking.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx
date: Tue, 30 Mar 2021 11:09:35 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
cache-control: private
vary: User-Agent, Accept-Encoding
content-encoding: br
link: <https://cf.bstatic.com/static/css/gprof_icons_cloudfront_sd.iq_ltr/30c2459e3f2bd3b97c6038fdc16e7f74d242a601.css>; rel=preload; as=style <https://cf.bstatic.com/static/css/main_bui_9_cloudfront_sd.iq_ltr/f4589ee1077141662717d54cf7453f4ab287b09b.css>; rel=preload; as=style <https://cf.bstatic.com/static/css/main_exps_cloudfront_sd.iq_ltr/61d59667645e52401a70bcca626032581160ca5b.css>; rel=preload; as=style
nel: {"max_age":604800,"report_to":"default"}
report-to: {"max_age":604800,"group":"default","endpoints":[{"url":"https://nellie.booking.com/report"}]}
set-cookie: _pxhd=7d52d838220462edcdcc37e233aea303d904a6da9ff26cb49359ccecf9cdedec%3A6936bd41-9148-11eb-97e8-850fcdac1ed0; path=/; expires=Wed, 30-Mar-2022 11:09:35 GMT bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbof7CEiNviT8hqoqwQz32%2FCHj0JNwRJVYG21PjHPs3J7cXw53ZXYrSRtsc2vg2nTUgaO2TN0dEtcGdzjLCUj8u%2Bjh%2FgRdNpnp7usw6cBJKqcqVzEDyWEcgOohPRsXA%2FF3m1tDt0oC52hsvpRkgncX6k%2Fi98gOz98iDdnKWHO7gNg%3D; domain=.booking.com; path=/; expires=Sun, 29-Mar-2026 11:09:35 GMT; Secure; HTTPOnly; SameSite=None
strict-transport-security: max-age=604800
x-content-type-options: nosniff
x-recruiting: Like HTTP headers? Come write ours: https://careers.booking.com
content-security-policy-report-only: report-uri https://reports.booking.com/csp_violation?type=report&tag=112&pid=7d154e7703ce0034&e=UmFuZG9tSVYkc2RlIyh9YQPiEXwp3iUx_m0pKcJlOwNg215igIgKUEwaJ89EUeAN&f=2&s=0; frame-ancestors 'none';
x-xss-protection: 1; mode=block

Redirect headers

content-type: text/html; charset=utf-8
content-length: 249
location: https://www.booking.com/cars/index.fr.html?adplat=mm_engage_ct_footer&aid=339530&emk=QEBU43837B&emkcid=276&checkin=2021-04-01&checkout=2021-04-02&selected_currency=EUR&label=46618_ct-banner-cars_v2-
server: nginx
date: Tue, 30 Mar 2021 11:09:35 GMT
x-robots-tag: noindex, nofollow
x-cache: Miss from cloudfront
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: SzYVbwjIG30-s-yTM-wKnuo3fCCMqZGD2xdktHZdJLtzF1hlol62rA==

GET
H2 200 30c2459e3f2bd3b97c6038fdc16e7f74d242a601.css
cf.bstatic.com/static/css/gprof_icons_cloudfront_sd.iq_ltr/ 163 KB
27 KB 32ms
10ms Stylesheet
text/css 2600:9000:2182:8200:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/css/gprof_icons_cloudfront_sd.iq_ltr/30c2459e3f2bd3b97c6038fdc16e7f74d242a601.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:8200:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

179bdb4a942f8326f14e383e31ced2a55ae87a638c1bd8493de0de18d55e2791

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 04:01:46 GMT
content-encoding: br
nel: {"report_to":"default","max_age":600}
age: 1148869
via: 1.1 cddd3e95f67291463f7a95d065c7fcff.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Wed, 20 Jan 2021 14:33:54 GMT
server: nginx
etag: W/"60083f52-28bba"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
timing-allow-origin: *
x-amz-cf-id: 0wwVughqPHTyNUlcHuUhHYW5aorwzqp_TDN5W76bkwC7FbMRYFSrCw==
expires: Fri, 16 Apr 2021 04:01:46 GMT

GET
H2 200 f4589ee1077141662717d54cf7453f4ab287b09b.css
cf.bstatic.com/static/css/main_bui_9_cloudfront_sd.iq_ltr/ 373 KB
52 KB 32ms
10ms Stylesheet
text/css 2600:9000:2182:8200:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/css/main_bui_9_cloudfront_sd.iq_ltr/f4589ee1077141662717d54cf7453f4ab287b09b.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:8200:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dddeb4a31246970c1cd9c46cf70b56f39b6a294e231d6a843ac00f758e785daf

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 09:11:27 GMT
content-encoding: br
nel: {"report_to":"default","max_age":600}
age: 93488
via: 1.1 cddd3e95f67291463f7a95d065c7fcff.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Fri, 26 Mar 2021 10:40:04 GMT
server: nginx
etag: W/"605dba04-5d24c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
timing-allow-origin: *
x-amz-cf-id: 73II3ZDzdHPWn2D2S_3OgKhphLQRoPMgZnJgPc0zStN-TLxrR1UvgQ==
expires: Wed, 28 Apr 2021 09:11:27 GMT

GET
H2 200 61d59667645e52401a70bcca626032581160ca5b.css
cf.bstatic.com/static/css/main_exps_cloudfront_sd.iq_ltr/ 120 KB
20 KB 40ms
18ms Stylesheet
text/css 2600:9000:2182:8200:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/css/main_exps_cloudfront_sd.iq_ltr/61d59667645e52401a70bcca626032581160ca5b.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:8200:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e1d6a63eda69c63f38f06d468167befa0f0c9191c39c73c2a973ed367bc6bb5f

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 02:35:35 GMT
content-encoding: br
nel: {"report_to":"default","max_age":600}
age: 1326839
via: 1.1 cddd3e95f67291463f7a95d065c7fcff.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Wed, 20 Jan 2021 14:33:55 GMT
server: nginx
etag: W/"60083f53-1dea4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
timing-allow-origin: *
x-amz-cf-id: r7_HaIUjLBQPiE69jKT4noMSti72O04ERA5jWPcKwBaVMVCqqVaY8g==
expires: Wed, 14 Apr 2021 02:35:35 GMT

GET
H2 200 4e2203ea8e576ee9aaab4ddd52b59054ec915695.js Show response
cf.bstatic.com/static/js/core-deps-inlinedet_cloudfront_sd/ 37 KB
13 KB 32ms
11ms Script
application/javascript 2600:9000:2182:8200:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/js/core-deps-inlinedet_cloudfront_sd/4e2203ea8e576ee9aaab4ddd52b59054ec915695.js

Requested by

Host: www.booking.com
URL: https://www.booking.com/cars/index.fr.html?adplat=mm_engage_ct_footer&aid=339530&emk=QEBU43837B&emkcid=276&checkin=2021-04-01&checkout=2021-04-02&selected_currency=EUR&label=46618_ct-banner-cars_v2-

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:8200:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

79ae7a140bce5db0f2453907a032c23566276c77c9d56b27dfd798558edcfcb1

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.booking.com
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 09 Mar 2021 23:21:06 GMT
content-encoding: br
nel: {"report_to":"default","max_age":600}
age: 1770509
via: 1.1 430f949006756123f45be90f8ad8de30.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Thu, 03 Dec 2020 12:32:48 GMT
server: nginx
etag: W/"5fc8daf0-9478"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
timing-allow-origin: *
x-amz-cf-id: hgQX3bLnejKU5Qt3QKr7MVW3zmJDLUR1eMsWEQwuIHi4FH54jhbNmA==
expires: Thu, 08 Apr 2021 23:21:06 GMT

GET
H2 200 b7d9d30c56875df3553b561b0a06e5edf66aa9fe.js Show response
cf.bstatic.com/static/js/jquery_cloudfront_sd/ 103 KB
33 KB 32ms
12ms Script
application/javascript 2600:9000:2182:8200:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/js/jquery_cloudfront_sd/b7d9d30c56875df3553b561b0a06e5edf66aa9fe.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:8200:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

58152349e8977d29033e96a8617c5b5699485400848518ac05dab5bee7e874c0

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.booking.com
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 09 Mar 2021 15:04:59 GMT
content-encoding: br
nel: {"report_to":"default","max_age":600}
age: 1800276
via: 1.1 430f949006756123f45be90f8ad8de30.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:38 GMT
server: nginx
etag: W/"5cadd1c2-19a65"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
timing-allow-origin: *
x-amz-cf-id: dSJig4cBfxpfHiQIyFSK6XuKGNeLGMN_OSAmiFdeBRCXrsqtjrKbZQ==
expires: Thu, 08 Apr 2021 15:04:59 GMT

GET
H2 200 c6b37906e15bab346d0c60d135f2351f8e9b22ff.js Show response
cf.bstatic.com/static/js/main_bui_9_cloudfront_sd/ 535 KB
135 KB 32ms
11ms Script
application/javascript 2600:9000:2182:8200:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/js/main_bui_9_cloudfront_sd/c6b37906e15bab346d0c60d135f2351f8e9b22ff.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:8200:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

0277b2f4c4d8fdcfb1fd148ada4c9ddff22c101a92f6300831139c72dce94384

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.booking.com
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 09:11:27 GMT
content-encoding: br
nel: {"report_to":"default","max_age":600}
age: 93487
via: 1.1 430f949006756123f45be90f8ad8de30.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Mon, 29 Mar 2021 07:58:55 GMT
server: nginx
etag: W/"606188bf-85df9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
timing-allow-origin: *
x-amz-cf-id: Tl6V9Zbs37bfqg_YfaH9ivl01K8a3GLObFX5C_cRmJP4h_JI9MSGOg==
expires: Wed, 28 Apr 2021 09:11:27 GMT

GET
H2 200 800f42bbdce2ce5a5f10bc4b10a28a2bbed03d9e.js Show response
cf.bstatic.com/static/js/searchbox_cloudfront_sd/ 211 KB
46 KB 32ms
11ms Script
application/javascript 2600:9000:2182:8200:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/js/searchbox_cloudfront_sd/800f42bbdce2ce5a5f10bc4b10a28a2bbed03d9e.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:8200:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

02d1394e6f2e5ef1f320e9122c11d058b535b6a403452e7f56fbd5b5c89830f2

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.booking.com
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 14:00:19 GMT
content-encoding: br
nel: {"report_to":"default","max_age":600}
age: 594556
via: 1.1 430f949006756123f45be90f8ad8de30.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Tue, 23 Mar 2021 13:52:32 GMT
server: nginx
etag: W/"6059f2a0-34de0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
timing-allow-origin: *
x-amz-cf-id: QhS1av9rAax8u5djSH1nvth8VtHx-6lMTooX_JYlLTQ4r3cvmyx14Q==
expires: Thu, 22 Apr 2021 14:00:19 GMT

GET
H2 200 f56f7a2e7854715ad5ecc2f07a1a4c7b4a49970d.js Show response
cf.bstatic.com/static/js/error_catcher_bec_cloudfront_sd/ 5 KB
2 KB 32ms
12ms Script
application/javascript 2600:9000:2182:8200:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/js/error_catcher_bec_cloudfront_sd/f56f7a2e7854715ad5ecc2f07a1a4c7b4a49970d.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:8200:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

989d322d7d5dcbf0d70bdf5ccb512aef7ffbb4b31051cd1072bd9f711f0dcfeb

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.booking.com
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 09 Mar 2021 01:04:53 GMT
content-encoding: br
nel: {"report_to":"default","max_age":600}
age: 1850682
via: 1.1 430f949006756123f45be90f8ad8de30.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Fri, 22 May 2020 09:54:55 GMT
server: nginx
etag: W/"5ec7a16f-14e1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
timing-allow-origin: *
x-amz-cf-id: 3AKT460FzzuZMo2NouLb4C9b4Z2muPIjBLvbRltmt-crHlkh4I7lNA==
expires: Thu, 08 Apr 2021 01:04:53 GMT

GET
H2 200 2454015045ef79168d452ff4e7f30bdadff0aa81.js Show response
cf.bstatic.com/static/js/crossorigin_check_cloudfront_sd/ 95 B
670 B 11ms
10ms Script
application/javascript 2600:9000:2182:8200:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/js/crossorigin_check_cloudfront_sd/2454015045ef79168d452ff4e7f30bdadff0aa81.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:8200:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

8a882fd19a15567e53a5c3c08d22cdab714fa87734ed92d854c4e8fdf3940b1f

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.booking.com
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 19:57:00 GMT
via: 1.1 430f949006756123f45be90f8ad8de30.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
age: 1696355
x-cache: Hit from cloudfront
content-length: 95
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:38 GMT
server: nginx
etag: "5cadd1c2-5f"
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: IR_bk3CuCyxjxlnYklxkCpQy4OuR8fm-F14Si_Mw8ZvnKxRLZmA2TA==
expires: Fri, 09 Apr 2021 19:57:00 GMT

GET
H2 200 77204d4da4aa41b08b1a4062c8e66e4629550994.js Show response
cf.bstatic.com/static/js/lazy_load_images_cloudfront_sd/ 5 KB
2 KB 10ms
10ms Script
application/javascript 2600:9000:2182:8200:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/js/lazy_load_images_cloudfront_sd/77204d4da4aa41b08b1a4062c8e66e4629550994.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:8200:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

994ec33de4b9253b6abbf26965dafb40c822e0b333e334456be7ff2a6fa638fe

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.booking.com
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 01:45:36 GMT
content-encoding: br
nel: {"report_to":"default","max_age":600}
age: 1329839
via: 1.1 430f949006756123f45be90f8ad8de30.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Tue, 04 Feb 2020 10:19:57 GMT
server: nginx
etag: W/"5e39454d-15f3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
timing-allow-origin: *
x-amz-cf-id: vreaZudxUR7X2s6fc-9AUvs2tVGB2pr9FAre0s06hkr2BKc8QWO4Cg==
expires: Wed, 14 Apr 2021 01:45:36 GMT

GET
H2 200 2639c61acbdc4b699f29022f6d72a1c684d2fd8d.png
cf.bstatic.com/static/img/flags/new/48-squared/ch/ 199 B
773 B 23ms
22ms Image
image/png 2600:9000:2182:8200:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/static/img/flags/new/48-squared/ch/2639c61acbdc4b699f29022f6d72a1c684d2fd8d.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:8200:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

29baec1746756d78beb18ae3ffcc32757defe53e6ad61ec6e580f712f7dcb9a8

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 06:18:40 GMT
via: 1.1 cddd3e95f67291463f7a95d065c7fcff.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
age: 1918256
x-cache: Hit from cloudfront
content-length: 199
x-xss-protection: 1; mode=block
last-modified: Mon, 07 Sep 2020 09:08:23 GMT
server: nginx
etag: "5f55f887-c7"
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: JPte8aXbSxzYUdHDAD6WJFu1fReYHO185aDc_VkSO40ojZm18OcbgQ==
expires: Wed, 07 Apr 2021 06:18:40 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 96 KB
36 KB 44ms
23ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WFKLM6D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dfa4fdd8bfcbe0228906f69947d3615d2694efac5061e721245e22894617df6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 11:09:36 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36432
x-xss-protection: 0
last-modified: Tue, 30 Mar 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 30 Mar 2021 11:09:36 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
39 KB 35ms
14ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-4228414

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0c4c2108ebb9789d45495cec9f0eb428cad1ddb27133e1c0e3fc2a9e9ba36c3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 11:09:36 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39055
x-xss-protection: 0
last-modified: Tue, 30 Mar 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 30 Mar 2021 11:09:36 GMT

GET
H2 200 99635b6677d336909493a622c82c173f4e7312b8.css
cf.bstatic.com/static/css/cars_cloudfront_sd.iq_ltr/ 73 KB
13 KB 11ms
10ms Stylesheet
text/css 2600:9000:2182:8200:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/css/cars_cloudfront_sd.iq_ltr/99635b6677d336909493a622c82c173f4e7312b8.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:8200:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

392f9d8c83af4ba4036e89938b3390781cfe46f3368981249262af759cef6289

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 27 Mar 2021 11:14:03 GMT
content-encoding: br
nel: {"report_to":"default","max_age":600}
age: 258933
via: 1.1 cddd3e95f67291463f7a95d065c7fcff.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Thu, 25 Feb 2021 09:36:09 GMT
server: nginx
etag: W/"60376f89-12384"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
timing-allow-origin: *
x-amz-cf-id: giDRN1bMdDI7mbJUOcjLlIItY7JzG8FGH3OgO1bkncGe2uiuzXVKtQ==
expires: Mon, 26 Apr 2021 11:14:03 GMT

GET
H2 200 europcar_logo_lrg.gif
cdn.rcstatic.com/images/supplier_logos/ 1 KB
1 KB 80ms
36ms Image
image/gif 104.19.168.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.rcstatic.com/images/supplier_logos/europcar_logo_lrg.gif
Requested by: Host: www.booking.com
URL: https://www.booking.com/cars/index.fr.html?adplat=mm_engage_ct_footer&aid=339530&emk=QEBU43837B&emkcid=276&checkin=2021-04-01&checkout=2021-04-02&selected_currency=EUR&label=46618_ct-banner-cars_v2-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.168.117 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1795e80722788cebdceaa281e068113a5469fd5b66c2a3c979a35bccce3a701

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 11:09:36 GMT
cf-cache-status: HIT
age: 4631
cf-polished: status=not_needed
last-modified: Mon, 01 Feb 2021 16:29:13 GMT
content-length: 1399
cf-request-id: 09246c32d80000cc4abc1c6000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "577-5ba48dab10840"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: image/gif
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6380e2fe2d01cc4a-ZRH
expires: Tue, 30 Mar 2021 15:09:36 GMT

GET
H2 200 alamo_logo_lrg.gif
cdn.rcstatic.com/images/supplier_logos/ 2 KB
3 KB 94ms
49ms Image
image/gif 104.19.168.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.rcstatic.com/images/supplier_logos/alamo_logo_lrg.gif
Requested by: Host: www.booking.com
URL: https://www.booking.com/cars/index.fr.html?adplat=mm_engage_ct_footer&aid=339530&emk=QEBU43837B&emkcid=276&checkin=2021-04-01&checkout=2021-04-02&selected_currency=EUR&label=46618_ct-banner-cars_v2-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.168.117 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28dda9f0df9c80265a2e3ba5dbf3015b5751670eab044540dd0d92509fdfd0df

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 11:09:36 GMT
cf-cache-status: HIT
age: 4631
cf-polished: origSize=2503
last-modified: Tue, 07 Jun 2016 08:56:30 GMT
content-length: 2495
cf-request-id: 09246c32d80000cc4af123f000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "9c7-534ac5d6d0b80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: image/gif
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6380e2fe2d04cc4a-ZRH
expires: Tue, 30 Mar 2021 15:09:36 GMT

GET
H2 200 sixt_logo_lrg.gif
cdn.rcstatic.com/images/suppliers/flat/ 2 KB
2 KB 80ms
36ms Image
image/gif 104.19.168.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.rcstatic.com/images/suppliers/flat/sixt_logo_lrg.gif
Requested by: Host: www.booking.com
URL: https://www.booking.com/cars/index.fr.html?adplat=mm_engage_ct_footer&aid=339530&emk=QEBU43837B&emkcid=276&checkin=2021-04-01&checkout=2021-04-02&selected_currency=EUR&label=46618_ct-banner-cars_v2-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.168.117 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ce63aac1fd4b52d36677ac54a98ea1c3bb008bc7888b17182e8ed3a7b2a22bd

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 11:09:36 GMT
cf-cache-status: HIT
age: 6774
cf-polished: status=not_needed
last-modified: Thu, 22 Mar 2018 13:21:43 GMT
content-length: 2236
cf-request-id: 09246c32d80000cc4a36308000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "8bc-56800304a07c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: image/gif
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6380e2fe2d05cc4a-ZRH
expires: Tue, 30 Mar 2021 15:09:36 GMT

GET
H2 200 avis_logo_lrg.gif
cdn.rcstatic.com/images/supplier_logos/ 2 KB
3 KB 78ms
34ms Image
image/gif 104.19.168.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.rcstatic.com/images/supplier_logos/avis_logo_lrg.gif
Requested by: Host: www.booking.com
URL: https://www.booking.com/cars/index.fr.html?adplat=mm_engage_ct_footer&aid=339530&emk=QEBU43837B&emkcid=276&checkin=2021-04-01&checkout=2021-04-02&selected_currency=EUR&label=46618_ct-banner-cars_v2-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.168.117 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3826bacd8aac38ff4f25f594fad242b3a5e9f9d1c394bc04502df00477f8371c

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 11:09:36 GMT
cf-cache-status: HIT
age: 4631
cf-polished: origSize=2220
last-modified: Tue, 07 Jun 2016 08:56:35 GMT
content-length: 2212
cf-request-id: 09246c32d90000cc4ac119c000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "8ac-534ac5db956c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: image/gif
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6380e2fe2d08cc4a-ZRH
expires: Tue, 30 Mar 2021 15:09:36 GMT

GET
H2 200 enterprise_logo_lrg.gif
cdn.rcstatic.com/images/supplier_logos/ 2 KB
2 KB 93ms
49ms Image
image/gif 104.19.168.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.rcstatic.com/images/supplier_logos/enterprise_logo_lrg.gif
Requested by: Host: www.booking.com
URL: https://www.booking.com/cars/index.fr.html?adplat=mm_engage_ct_footer&aid=339530&emk=QEBU43837B&emkcid=276&checkin=2021-04-01&checkout=2021-04-02&selected_currency=EUR&label=46618_ct-banner-cars_v2-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.168.117 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a1d2ef83ed518cfcf4140c167c567c815d274b78cb82c2e28c1b01498d9da4a

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 11:09:36 GMT
cf-cache-status: HIT
age: 4631
cf-polished: origSize=2207
last-modified: Tue, 07 Jun 2016 08:52:23 GMT
content-length: 2199
cf-request-id: 09246c32d90000cc4a1aa68000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "89f-534ac4eb41fc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: image/gif
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6380e2fe2d09cc4a-ZRH
expires: Tue, 30 Mar 2021 15:09:36 GMT

GET
H2 200 dollar_logo_lrg.gif
cdn.rcstatic.com/images/supplier_logos/ 1 KB
2 KB 78ms
34ms Image
image/gif 104.19.168.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.rcstatic.com/images/supplier_logos/dollar_logo_lrg.gif
Requested by: Host: www.booking.com
URL: https://www.booking.com/cars/index.fr.html?adplat=mm_engage_ct_footer&aid=339530&emk=QEBU43837B&emkcid=276&checkin=2021-04-01&checkout=2021-04-02&selected_currency=EUR&label=46618_ct-banner-cars_v2-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.168.117 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 408d1d98dff7d87564dd910be65129d786ab8f8c04ec3e3459f0caa217c2d49c

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 11:09:36 GMT
cf-cache-status: HIT
age: 4631
cf-polished: status=not_needed
last-modified: Fri, 02 Mar 2018 11:28:08 GMT
content-length: 1499
cf-request-id: 09246c32d90000cc4af1240000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "5db-5666c4541e200"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: image/gif
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6380e2fe2d0bcc4a-ZRH
expires: Tue, 30 Mar 2021 15:09:36 GMT

GET
H2 200 thrifty_logo_lrg.gif
cdn.rcstatic.com/images/supplier_logos/ 2 KB
2 KB 47ms
47ms Image
image/gif 104.19.168.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.rcstatic.com/images/supplier_logos/thrifty_logo_lrg.gif
Requested by: Host: www.booking.com
URL: https://www.booking.com/cars/index.fr.html?adplat=mm_engage_ct_footer&aid=339530&emk=QEBU43837B&emkcid=276&checkin=2021-04-01&checkout=2021-04-02&selected_currency=EUR&label=46618_ct-banner-cars_v2-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.168.117 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7b56687674adbfcb66719b258d1307dab25334a24ed8ec2cf0c0e8b932d3878

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 11:09:36 GMT
cf-cache-status: HIT
age: 4631
cf-polished: origSize=1761
last-modified: Wed, 11 Apr 2018 10:19:18 GMT
content-length: 1753
cf-request-id: 09246c32e70000cc4ad4aed000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "6e1-5698ff8be1580"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: image/gif
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6380e2fe3d27cc4a-ZRH
expires: Tue, 30 Mar 2021 15:09:36 GMT

GET
H2 200 sicily_by_car_logo_lrg.gif
cdn.rcstatic.com/images/suppliers/flat/ 2 KB
2 KB 36ms
35ms Image
image/gif 104.19.168.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.rcstatic.com/images/suppliers/flat/sicily_by_car_logo_lrg.gif
Requested by: Host: www.booking.com
URL: https://www.booking.com/cars/index.fr.html?adplat=mm_engage_ct_footer&aid=339530&emk=QEBU43837B&emkcid=276&checkin=2021-04-01&checkout=2021-04-02&selected_currency=EUR&label=46618_ct-banner-cars_v2-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.168.117 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a918ad66ed1497b94e87a03d109ec72dd090a1fd58b85fd868d5bd0f83ad783

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 11:09:36 GMT
cf-cache-status: HIT
age: 4631
cf-polished: status=not_needed
last-modified: Wed, 27 Jan 2021 15:24:26 GMT
content-length: 2097
cf-request-id: 09246c32e70000cc4a32a86000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "831-5b9e35dcd3e80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: image/gif
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6380e2fe3d2bcc4a-ZRH
expires: Tue, 30 Mar 2021 15:09:36 GMT

GET
H2 200 613095.webp
cf.bstatic.com/xdata/images/city/360x240/ 16 KB
17 KB 20ms
17ms Image
image/webp 2600:9000:2182:8200:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/xdata/images/city/360x240/613095.webp?k=8caf960d96a59e284ac1518ac8777e89d17fda6572acd84dbec151f627c7bf07&o=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:8200:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

7df71dab7434e8818e34e5cf9e9fed703e510e7eab27264b39e8072a5a140cda

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 01:39:16 GMT
via: 1.1 cddd3e95f67291463f7a95d065c7fcff.cloudfront.net (CloudFront)
server: nginx
age: 2107820
etag: "49b3a5e6c0e128b49ccd2ec3a2696ec7c54866b1"
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
timing-allow-origin: *
content-length: 16822
x-xss-protection: 1; mode=block
x-amz-cf-id: quGjqbXpG164_r5LraoCzGg9_OyaeiCqdABfaTpTb0pZfBJfYSpurQ==
expires: Mon, 05 Apr 2021 01:39:16 GMT

GET
H2 200 619644.webp
cf.bstatic.com/xdata/images/city/360x240/ 11 KB
12 KB 15ms
12ms Image
image/webp 2600:9000:2182:8200:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/xdata/images/city/360x240/619644.webp?k=5b21ac6d3d913a54274d6546e60adb2c3c138d661dd1a2bd7b3aed53e9df0b65&o=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:8200:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

0fec62acbe6cd0ebf682074d42b46384059fea21d322f2e14724c882454f353e

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 04:30:39 GMT
via: 1.1 cddd3e95f67291463f7a95d065c7fcff.cloudfront.net (CloudFront)
server: nginx
age: 1751937
etag: "6d25add35ea4ff5e8c8dd5b3d151783322b4cf6b"
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
timing-allow-origin: *
content-length: 11630
x-xss-protection: 1; mode=block
x-amz-cf-id: jhSSIKdA-eU_ouZX4-_mKo1y18-KU58i1L-_nZfbj9_cZ8I-TDyKUA==
expires: Fri, 09 Apr 2021 04:30:39 GMT

GET
H2 200 613105.webp
cf.bstatic.com/xdata/images/city/360x240/ 24 KB
24 KB 16ms
13ms Image
image/webp 2600:9000:2182:8200:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/xdata/images/city/360x240/613105.webp?k=1e85cf4dec7b0d5a6327be91c38cf9c1711f9da1a31c4cba736f9cb751443ff1&o=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:8200:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e22aae715e00a795278e6396669a4b12f88f180ac12a2b1cc356069daaf40c4e

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 09 Mar 2021 16:06:20 GMT
via: 1.1 cddd3e95f67291463f7a95d065c7fcff.cloudfront.net (CloudFront)
server: nginx
age: 1796596
etag: "174cbb0cc52384d2be1cbca358e2681a96f11a85"
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
timing-allow-origin: *
content-length: 24320
x-xss-protection: 1; mode=block
x-amz-cf-id: dZUkC1ugZi7G07lAwdbyLdgbQzIiyCu6dYiJzpIEjhmkaPJ04jujJA==
expires: Thu, 08 Apr 2021 16:06:20 GMT

GET
H2 200 613088.webp
cf.bstatic.com/xdata/images/city/360x240/ 27 KB
28 KB 20ms
18ms Image
image/webp 2600:9000:2182:8200:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/xdata/images/city/360x240/613088.webp?k=a370ac3fb385fb211b35a79a42b0e968ddb458be37108af476c558bf4cedc1f3&o=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:8200:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

5d60a009b3d43a0ec5d42d6dc1d5d513b0b113923cc8dc1506b422fd2c8e2d24

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 01:25:51 GMT
via: 1.1 cddd3e95f67291463f7a95d065c7fcff.cloudfront.net (CloudFront)
server: nginx
age: 1590225
etag: "558dd5f1cc52a7025f94aba7dc79cea7687dcec0"
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
timing-allow-origin: *
content-length: 27782
x-xss-protection: 1; mode=block
x-amz-cf-id: jWKtZ8via3N4RPV1u8R9CPcVJadI6lJNpEg_DvY7JmR6s0lEuFLyzg==
expires: Sun, 11 Apr 2021 01:25:51 GMT

GET
H2 200 968315.webp
cf.bstatic.com/xdata/images/city/360x240/ 19 KB
20 KB 16ms
14ms Image
image/webp 2600:9000:2182:8200:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/xdata/images/city/360x240/968315.webp?k=14d0bad185930ec2663562b999ecf498fb6fcf492c16a4c33228504a15e2d119&o=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:8200:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9d756bd392e377878c3514109c7c9c8ada3544bca6d0365783044b53cc199034

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 07:41:51 GMT
via: 1.1 cddd3e95f67291463f7a95d065c7fcff.cloudfront.net (CloudFront)
server: nginx
age: 2172465
etag: "09b3ec76320aa4e8ee7a1387c3d6bd80f527d510"
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
timing-allow-origin: *
content-length: 19698
x-xss-protection: 1; mode=block
x-amz-cf-id: PbyCqmH2RKC6tHYtQv4I8wins1QXNgg-s-ocSfp_QiL_PcKHAIcAaA==
expires: Sun, 04 Apr 2021 07:41:51 GMT

GET
H2 200 971353.webp
cf.bstatic.com/xdata/images/city/360x240/ 31 KB
31 KB 17ms
15ms Image
image/webp 2600:9000:2182:8200:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/xdata/images/city/360x240/971353.webp?k=a5b47d2c38469086427837dfe64ab2e6f57ba52f0504359ef4cc02dc4b9b0737&o=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:8200:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

891edf293c72592aee543921a2c28542a354b3b68593742de47dddccc88b53bf

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 06:57:18 GMT
via: 1.1 cddd3e95f67291463f7a95d065c7fcff.cloudfront.net (CloudFront)
server: nginx
age: 1915938
etag: "c9c28caaf55ed16c2f2fda0a6982d0f5f292c19b"
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
timing-allow-origin: *
content-length: 31574
x-xss-protection: 1; mode=block
x-amz-cf-id: 8NMQ3oXB8Mk6MtNY_VMxOGaj2pvdG2vD0RZVpT2NaeSUcZkkExwewg==
expires: Wed, 07 Apr 2021 06:57:18 GMT

GET
H2 200 619932.webp
cf.bstatic.com/xdata/images/city/360x240/ 9 KB
9 KB 18ms
16ms Image
image/webp 2600:9000:2182:8200:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/xdata/images/city/360x240/619932.webp?k=81c20cf1191a1d05472b45413bed3cee67dc92b8c1387c60a960beb5629f109d&o=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:8200:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

6c98b348df1c087e3df2ed88f057115a6aba074898f0b9776de9e2394affe17d

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 07:41:51 GMT
via: 1.1 cddd3e95f67291463f7a95d065c7fcff.cloudfront.net (CloudFront)
server: nginx
age: 2172465
etag: "97807a98852609999425aa5b2d6c9646afec1eb2"
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
timing-allow-origin: *
content-length: 9150
x-xss-protection: 1; mode=block
x-amz-cf-id: 5tRLaA7m92-Oaoi870EZJF29he0CZoL-wlFJmt7kBN6klTpwr1YQsA==
expires: Sun, 04 Apr 2021 07:41:51 GMT

GET
H2 200 645577.webp
cf.bstatic.com/xdata/images/city/360x240/ 16 KB
16 KB 22ms
21ms Image
image/webp 2600:9000:2182:8200:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/xdata/images/city/360x240/645577.webp?k=81d61cb4e120af4d4218386546a117b77ef18dfcf3727d186ec3a1aad60f38fe&o=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:8200:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

7926b27f6c8f9b6090b06df9ff4943c04f804281f9775f6fa2030b53f6c1ea1b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 18:42:31 GMT
via: 1.1 cddd3e95f67291463f7a95d065c7fcff.cloudfront.net (CloudFront)
server: nginx
age: 1614425
etag: "4f4888cfe42c9c07725da564d21f66e78513c4e4"
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
timing-allow-origin: *
content-length: 16058
x-xss-protection: 1; mode=block
x-amz-cf-id: 6KAKm6ZyM4Q7JMzzMCTOijX77gk0BHc9pLwwQ0I3wOAxJXHz89hrkA==
expires: Sat, 10 Apr 2021 18:42:31 GMT

GET
H2 200 619965.webp
cf.bstatic.com/xdata/images/city/360x240/ 16 KB
16 KB 23ms
22ms Image
image/webp 2600:9000:2182:8200:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/xdata/images/city/360x240/619965.webp?k=8b2bc851e921e03c4565fe28e4f608c30223227743b3b2cc56c476a5ef04d3da&o=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:8200:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

fc4744086f6bcd03135042166bd6529cb324ab85d46428b020fa6ed913f40037

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Mar 2021 22:27:35 GMT
via: 1.1 cddd3e95f67291463f7a95d065c7fcff.cloudfront.net (CloudFront)
server: nginx
age: 132121
etag: "8cebbe50a717c45bcafda99937aaa323206f97b4"
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
timing-allow-origin: *
content-length: 16422
x-xss-protection: 1; mode=block
x-amz-cf-id: YwPZykx-ZNaey6332tZ-iiou8vfknyWDroInTtwMWc4-DYmffPcZUg==
expires: Tue, 27 Apr 2021 22:27:35 GMT

GET
H2 200 683175.webp
cf.bstatic.com/xdata/images/city/360x240/ 14 KB
14 KB 13ms
9ms Image
image/webp 2600:9000:2182:8200:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/xdata/images/city/360x240/683175.webp?k=12ee6c35c41bf53f6677d9639e451b1c78be233ee572973cae23265f2c8bd1bd&o=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:8200:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

38d191a8bd474783280507a7eae57d49a15056b30d3b82227aa7ea49d7f33a65

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 09 Mar 2021 02:50:25 GMT
via: 1.1 cddd3e95f67291463f7a95d065c7fcff.cloudfront.net (CloudFront)
server: nginx
age: 1844351
etag: "fdc227403eedb09f27cea4e0a2408fe358b637f7"
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
timing-allow-origin: *
content-length: 13836
x-xss-protection: 1; mode=block
x-amz-cf-id: buyrirkO2JobAYVldY5DdzbWiUHRVelF_-LxeZ_rvsDFeVO-hVY6sg==
expires: Thu, 08 Apr 2021 02:50:25 GMT

GET
H2 200 654659.webp
cf.bstatic.com/xdata/images/city/360x240/ 11 KB
11 KB 21ms
14ms Image
image/webp 2600:9000:2182:8200:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/xdata/images/city/360x240/654659.webp?k=9c4ac59d35869485631346dc1ee16d28e82ec5f79654bf56b4b4eaeef3388299&o=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:8200:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dffb88a4aab017ee35ec80b6b3fab8d952daa067f5395d12baaf1bf2561cce38

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 09 Mar 2021 01:24:03 GMT
via: 1.1 cddd3e95f67291463f7a95d065c7fcff.cloudfront.net (CloudFront)
server: nginx
age: 1849533
etag: "98ffe1a6422b7dd042f681986cac4d5100ee837d"
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
timing-allow-origin: *
content-length: 11280
x-xss-protection: 1; mode=block
x-amz-cf-id: sje3tp4bDAfovmxc6oZOR9D25if3cNR9UDSRKu8Mti80eK0YeMTeXg==
expires: Thu, 08 Apr 2021 01:24:03 GMT

GET
H2 200 972592.webp
cf.bstatic.com/xdata/images/city/360x240/ 10 KB
10 KB 15ms
8ms Image
image/webp 2600:9000:2182:8200:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/xdata/images/city/360x240/972592.webp?k=786a11b191b86a238ec986b90fe732664cd9ca2f17dce9faa02bb08777749fc1&o=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:8200:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

2d22e1e51d3c477d55d8cacd06f5db5871c9156ccc1a3c00864384b76576ef19

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 07:41:51 GMT
via: 1.1 cddd3e95f67291463f7a95d065c7fcff.cloudfront.net (CloudFront)
server: nginx
age: 2172465
etag: "9062d6e973a3b0c724922a751563e9e98e2a75d6"
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
timing-allow-origin: *
content-length: 10076
x-xss-protection: 1; mode=block
x-amz-cf-id: Ei4nkqDZ53u1LN-UWmD31T6osm0oCtKLdm3IxKFEm7D2jcIQD-S2hQ==
expires: Sun, 04 Apr 2021 07:41:51 GMT

GET
H2 200 644849.webp
cf.bstatic.com/xdata/images/city/360x240/ 14 KB
14 KB 15ms
9ms Image
image/webp 2600:9000:2182:8200:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/xdata/images/city/360x240/644849.webp?k=f581ad57a3045790f8c1de80f578154b3369d4bd9f090a4a1146a4eab76224ad&o=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:8200:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

14d3ab41f7ba6b8841138e371b54a9824a5e040371f958af47e21c85ac666ab9

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 23:17:41 GMT
via: 1.1 cddd3e95f67291463f7a95d065c7fcff.cloudfront.net (CloudFront)
server: nginx
age: 906715
etag: "0156f387876e478e66960c78b62428056b5eb03c"
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
timing-allow-origin: *
content-length: 14352
x-xss-protection: 1; mode=block
x-amz-cf-id: 7VX5WRAv7IhEnqCjT44-qy_8QIR1Z4-KAXQtwN31aDPyx15mBm3AYQ==
expires: Sun, 18 Apr 2021 23:17:41 GMT

GET
H2 200 972613.webp
cf.bstatic.com/xdata/images/city/360x240/ 21 KB
21 KB 16ms
10ms Image
image/webp 2600:9000:2182:8200:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/xdata/images/city/360x240/972613.webp?k=bad433a74a80d55d3e6ce265ac7b61bac169cc0c7c54cdc576f6baf8730e2c8d&o=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:8200:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

5ebc362af700c879bb8985ce5bc1bb5295f6ff21080792d67cb944f1b666e173

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 06:57:18 GMT
via: 1.1 cddd3e95f67291463f7a95d065c7fcff.cloudfront.net (CloudFront)
server: nginx
age: 1915938
etag: "4495f9ba455194640dbc38132ac20cafc923d50f"
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
timing-allow-origin: *
content-length: 21094
x-xss-protection: 1; mode=block
x-amz-cf-id: JjKjljt8A5a3IrX3vkP8pA-DqhHH3pgQeoAsMqE5ME1AJlT2FuMY4Q==
expires: Wed, 07 Apr 2021 06:57:18 GMT

GET
H2 200 626991.webp
cf.bstatic.com/xdata/images/city/360x240/ 11 KB
12 KB 22ms
17ms Image
image/webp 2600:9000:2182:8200:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/xdata/images/city/360x240/626991.webp?k=2e39cf151988e12f16bff255da7e0f2900498f12070771d0183499504775614d&o=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:8200:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dd6c66682b1ae5a3948b7f96ff6a230cb8ffff16ec117ca383c52fef48b11b61

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 01:23:40 GMT
via: 1.1 cddd3e95f67291463f7a95d065c7fcff.cloudfront.net (CloudFront)
server: nginx
age: 2454356
etag: "c02e8009d3a23b68bf014c9b1c0d8a8a555eb60b"
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
timing-allow-origin: *
content-length: 11736
x-xss-protection: 1; mode=block
x-amz-cf-id: tnNv7twgPorIVnZWFyql8RKZUd8idtJlocKJdKI_sazNBqh715853A==
expires: Thu, 01 Apr 2021 01:23:40 GMT

GET
H2 200 971983.webp
cf.bstatic.com/xdata/images/city/360x240/ 30 KB
31 KB 20ms
15ms Image
image/webp 2600:9000:2182:8200:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/xdata/images/city/360x240/971983.webp?k=ba34c6155d25b9938999f108ba9d18c23e62b92fffacb3b53b2a04e46694e4c6&o=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:8200:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

de647bd07cb1b5056a3e6cadd29d77ef2d84dbc29598e238e9671278e999ceed

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 06:57:18 GMT
via: 1.1 cddd3e95f67291463f7a95d065c7fcff.cloudfront.net (CloudFront)
server: nginx
age: 1915938
etag: "5d3345a580659196ff07a5bae2a67b536f4e7403"
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
timing-allow-origin: *
content-length: 31064
x-xss-protection: 1; mode=block
x-amz-cf-id: ggcaYV16qvgjbfpiYqquByI7N_PmPtvx1hS-FqXIhc-1WofjbcI8gQ==
expires: Wed, 07 Apr 2021 06:57:18 GMT

GET
H2 200 620036.webp
cf.bstatic.com/xdata/images/city/360x240/ 21 KB
22 KB 25ms
20ms Image
image/webp 2600:9000:2182:8200:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/xdata/images/city/360x240/620036.webp?k=da1bb740e7026af0062b9bbab20fde0f05f522f18535bae387e66f72f4488703&o=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:8200:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4a73fc3eaaea98c3632572c8d4f6ff9cc280c26bbc245fac47dd6ac62864ee44

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 20:26:07 GMT
via: 1.1 cddd3e95f67291463f7a95d065c7fcff.cloudfront.net (CloudFront)
server: nginx
age: 1435409
etag: "7c27ff9fd287be93540c5487c4f0d39780a6c1aa"
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
timing-allow-origin: *
content-length: 21942
x-xss-protection: 1; mode=block
x-amz-cf-id: HscwL-n4Q6Hnmc6W75nNHFLvRywIm6e3QU5Watakam9dy6nAWm5-1g==
expires: Mon, 12 Apr 2021 20:26:07 GMT

GET
H2 200 639763.webp
cf.bstatic.com/xdata/images/city/360x240/ 21 KB
21 KB 24ms
20ms Image
image/webp 2600:9000:2182:8200:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/xdata/images/city/360x240/639763.webp?k=0f28532f00c333c4be96a7ec57b84beb47856bf069dae8c5eb3b253b5c770674&o=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:8200:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

a2dbf92b586bc1aa674d9332875b97a31e4b7c98967450653d626285bc78af47

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 01:15:44 GMT
via: 1.1 cddd3e95f67291463f7a95d065c7fcff.cloudfront.net (CloudFront)
server: nginx
age: 1763632
etag: "8906c78479a8fcc171e94008267f9fdc7f4b12cf"
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
timing-allow-origin: *
content-length: 21086
x-xss-protection: 1; mode=block
x-amz-cf-id: UkmK2KZmwNaB8OwVuc7zaqOUhCL82Of2kXbBHilFNKg5Ui9oqeJfug==
expires: Fri, 09 Apr 2021 01:15:44 GMT

GET
H2 200 27c8d1832de6a3123b6ee45b59ae2f81b0d9d0d0.png
cf.bstatic.com/static/img/tfl/group_logos/logo_booking/ 2 KB
2 KB 25ms
22ms Image
image/png 2600:9000:2182:8200:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/static/img/tfl/group_logos/logo_booking/27c8d1832de6a3123b6ee45b59ae2f81b0d9d0d0.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:8200:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

807c8a1b498e17d227cf48a640b778bdc4398a9852493cb2f40bf0f33651d0dd

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 09 Mar 2021 14:31:28 GMT
via: 1.1 cddd3e95f67291463f7a95d065c7fcff.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
age: 1802288
x-cache: Hit from cloudfront
content-length: 1628
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:55 GMT
server: nginx
etag: "5cadd1d3-65c"
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: X1Oth5tb8FR7oJpJO2CIrwqAwlitO8VKisYa2HHLGzmlFCtUbAocIQ==
expires: Thu, 08 Apr 2021 14:31:28 GMT

GET
H2 200 f80e129541f2a952d470df2447373390f3dd4e44.png
cf.bstatic.com/static/img/tfl/group_logos/logo_priceline/ 2 KB
2 KB 25ms
22ms Image
image/png 2600:9000:2182:8200:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/static/img/tfl/group_logos/logo_priceline/f80e129541f2a952d470df2447373390f3dd4e44.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:8200:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

18c62988860a8ffd90bab6376b4fe36a723bd39403c420d3943aa3eb5a0029c5

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 04:08:07 GMT
via: 1.1 cddd3e95f67291463f7a95d065c7fcff.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
age: 1321289
x-cache: Hit from cloudfront
content-length: 1591
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:55 GMT
server: nginx
etag: "5cadd1d3-637"
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: R_OWfQmANrA8sC0GlicVVubKv3KDs_uCnGLyHxJ96tudSut_TuJ-DQ==
expires: Wed, 14 Apr 2021 04:08:07 GMT

GET
H2 200 83ef7122074473a6566094e957ff834badb58ce6.png
cf.bstatic.com/static/img/tfl/group_logos/logo_kayak/ 1 KB
2 KB 25ms
22ms Image
image/png 2600:9000:2182:8200:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/static/img/tfl/group_logos/logo_kayak/83ef7122074473a6566094e957ff834badb58ce6.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:8200:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

5839f0330821cf08029beddd6d248170da1af16cd7aff253e7bd075d591f5d42

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 09 Mar 2021 22:57:17 GMT
via: 1.1 cddd3e95f67291463f7a95d065c7fcff.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
age: 1771939
x-cache: Hit from cloudfront
content-length: 1154
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:55 GMT
server: nginx
etag: "5cadd1d3-482"
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: zxF5diiyOSpYts6TVPLsqrxkH8Lg9oJtHXLlmrruI2oaXVANh29W-g==
expires: Thu, 08 Apr 2021 22:57:17 GMT

GET
H2 200 1c9191b6a3651bf030e41e99a153b64f449845ed.png
cf.bstatic.com/static/img/tfl/group_logos/logo_agoda/ 2 KB
3 KB 25ms
23ms Image
image/png 2600:9000:2182:8200:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/static/img/tfl/group_logos/logo_agoda/1c9191b6a3651bf030e41e99a153b64f449845ed.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:8200:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

1d6e86e59ab7235a8343f494c8e8da6cc02c5a98a75d682401340e6d06935f20

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 23:03:47 GMT
via: 1.1 cddd3e95f67291463f7a95d065c7fcff.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
age: 389149
x-cache: Hit from cloudfront
content-length: 2146
x-xss-protection: 1; mode=block
last-modified: Thu, 12 Mar 2020 10:15:57 GMT
server: nginx
etag: "5e6a0bdd-862"
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: HqJx4wUQQYBd1qd0a8iVvqdDH8CMfUM_3dJrxVp0swuxVsx_ORpxYQ==
expires: Sat, 24 Apr 2021 23:03:47 GMT

GET
H2 200 6bc5ec89d870111592a378bbe7a2086f0b01abc4.png
cf.bstatic.com/static/img/tfl/group_logos/logo_rentalcars/ 3 KB
4 KB 25ms
23ms Image
image/png 2600:9000:2182:8200:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/static/img/tfl/group_logos/logo_rentalcars/6bc5ec89d870111592a378bbe7a2086f0b01abc4.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:8200:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

8561e200a6a57195e480ed9d893b14579ef6acdeabfbb3fe22b5e4ec9b84b455

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 23:16:05 GMT
via: 1.1 cddd3e95f67291463f7a95d065c7fcff.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
age: 2202811
x-cache: Hit from cloudfront
content-length: 3221
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:55 GMT
server: nginx
etag: "5cadd1d3-c95"
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: t35RBBuVLyyvX8JIoqVHiUKkt73SMj5jLK1QypXb9kz57dFaEBQp3w==
expires: Sat, 03 Apr 2021 23:16:05 GMT

GET
H2 200 a4b50503eda6c15773d6e61c238230eb42fb050d.png
cf.bstatic.com/static/img/tfl/group_logos/logo_opentable/ 2 KB
3 KB 25ms
23ms Image
image/png 2600:9000:2182:8200:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/static/img/tfl/group_logos/logo_opentable/a4b50503eda6c15773d6e61c238230eb42fb050d.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:8200:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

b23272a9692c4ec3c020935917e9d096490876c976abec1290bd3cc9aae13974

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 16:04:08 GMT
via: 1.1 cddd3e95f67291463f7a95d065c7fcff.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
age: 2487928
x-cache: Hit from cloudfront
content-length: 2344
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:55 GMT
server: nginx
etag: "5cadd1d3-928"
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: -SacJnyD2EWMjHbmaAysdpENICxMqlHhdDkR5URFcm2zhOqJWn5EHQ==
expires: Wed, 31 Mar 2021 16:04:08 GMT

GET
H2 200 f137d86a00a91a0237118704ad06ee2f87a9a3f8.js Show response
cf.bstatic.com/static/js/calendar2_legacy_cloudfront_sd/ 63 KB
15 KB 12ms
10ms Script
application/javascript 2600:9000:2182:8200:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/js/calendar2_legacy_cloudfront_sd/f137d86a00a91a0237118704ad06ee2f87a9a3f8.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:8200:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

401b61abc4b7e17ec9f7d8b6e613decbeedc7b7ed6d0bf16664776dd05cbda60

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.booking.com
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 14:15:41 GMT
content-encoding: br
nel: {"report_to":"default","max_age":600}
age: 1112035
via: 1.1 430f949006756123f45be90f8ad8de30.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Fri, 11 Sep 2020 11:42:27 GMT
server: nginx
etag: W/"5f5b62a3-fcc3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
timing-allow-origin: *
x-amz-cf-id: gGPokt0j05xocxKBidbXqUI6qdsWjgcokEB5IEqZ7_Jvg5mLj-VudQ==
expires: Fri, 16 Apr 2021 14:15:41 GMT

GET
H2 200 9176562b888e92c9fee5902f0271a0cd82b69409.js Show response
cf.bstatic.com/static/js/atlas_cloudfront_sd/ 116 KB
29 KB 12ms
10ms Script
application/javascript 2600:9000:2182:8200:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/js/atlas_cloudfront_sd/9176562b888e92c9fee5902f0271a0cd82b69409.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:8200:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

ff8a106502821f03008f59b14b7cb104d1015ed341d1983f94f90f12c1035b39

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.booking.com
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 14:53:58 GMT
content-encoding: br
nel: {"report_to":"default","max_age":600}
age: 2492138
via: 1.1 430f949006756123f45be90f8ad8de30.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Mon, 01 Mar 2021 10:56:08 GMT
server: nginx
etag: W/"603cc848-1ce04"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
timing-allow-origin: *
x-amz-cf-id: bTp70L3tMXpBELcOZvIdTbCBCaGM_rno4B60vvwXIReJbnGABgYDFQ==
expires: Wed, 31 Mar 2021 14:53:58 GMT

GET
H2 200 932ee7948eec09f693a81296ecc1b6931fb710f1.js Show response
cf.bstatic.com/static/js/atlas_cst_cloudfront_sd/ 693 KB
79 KB 12ms
10ms Script
application/javascript 2600:9000:2182:8200:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/js/atlas_cst_cloudfront_sd/932ee7948eec09f693a81296ecc1b6931fb710f1.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:8200:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

33ed5fb553d062bd8e8f3b919265e2e9c1f2d36a488932cb90b7c0c0971f4db9

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.booking.com
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 08:35:13 GMT
content-encoding: br
nel: {"report_to":"default","max_age":600}
age: 95663
via: 1.1 430f949006756123f45be90f8ad8de30.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Mon, 29 Mar 2021 07:58:54 GMT
server: nginx
etag: W/"606188be-ad4ee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
timing-allow-origin: *
x-amz-cf-id: lFIU54BS3wasb2UPq-azRa6m9i2zaFeZOEmDqv6r6v5bCCSGJMZb2g==
expires: Wed, 28 Apr 2021 08:35:13 GMT

GET
H2 200 06071dd1c4e89fbe99e5ad6e21584a6bf9585e84.js Show response
cf.bstatic.com/static/js/calendar2_cloudfront_sd/ 51 KB
14 KB 12ms
11ms Script
application/javascript 2600:9000:2182:8200:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/js/calendar2_cloudfront_sd/06071dd1c4e89fbe99e5ad6e21584a6bf9585e84.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:8200:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

2b5eff8ab6aad9f36198a6911afa4eb1c1edbd630ab8434962c5813313d02bd9

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.booking.com
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 09 Mar 2021 21:20:09 GMT
content-encoding: br
nel: {"report_to":"default","max_age":600}
age: 1777767
via: 1.1 430f949006756123f45be90f8ad8de30.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Tue, 12 Jan 2021 10:06:38 GMT
server: nginx
etag: W/"5ffd74ae-cbbc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
timing-allow-origin: *
x-amz-cf-id: 0Fu26QhDQNGtIXyuTU7WLan3XM4ISzKv66B8PKrec-HGzAKjEf5QWQ==
expires: Thu, 08 Apr 2021 21:20:09 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 101 KB
40 KB 42ms
29ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1070314322&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-4228414

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1cfbcd67855f66bf69373d3a2a1cb69d88a1ffd5e9e2ed7b92ebcc44316435fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 11:09:36 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40721
x-xss-protection: 0
last-modified: Tue, 30 Mar 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 30 Mar 2021 11:09:36 GMT

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WFKLM6D

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 19:22:18 GMT
server: Golfe2
age: 3269
date: Tue, 30 Mar 2021 10:15:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19463
expires: Tue, 30 Mar 2021 12:15:07 GMT

GET
H3-Q050

200

activityi;dc_pre=CL7Fi8Xw1-8CFVXO1QodilkGuQ;src=4228414;type=carsh0;cat=booki0;ord=8670583870509;gtm=2wg3h0;auiddc=603788764.1617102576;u3=booking-cars;u4=booking-cars;u20=(not%20set);~oref=https%3... Show response
4228414.fls.doubleclick.net/ Frame 2575
Redirect Chain

https://4228414.fls.doubleclick.net/activityi;src=4228414;type=carsh0;cat=booki0;ord=8670583870509;gtm=2wg3h0;auiddc=603788764.1617102576;u3=booking-cars;u4=booking-cars;u20=(not%20set);~oref=https...
https://4228414.fls.doubleclick.net/activityi;dc_pre=CL7Fi8Xw1-8CFVXO1QodilkGuQ;src=4228414;type=carsh0;cat=booki0;ord=8670583870509;gtm=2wg3h0;auiddc=603788764.1617102576;u3=booking-cars;u4=bookin...

735 B
1 KB

75ms
43ms

Document
text/html

142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4228414.fls.doubleclick.net/activityi;dc_pre=CL7Fi8Xw1-8CFVXO1QodilkGuQ;src=4228414;type=carsh0;cat=booki0;ord=8670583870509;gtm=2wg3h0;auiddc=603788764.1617102576;u3=booking-cars;u4=booking-cars;u20=(not%20set);~oref=https%3A%2F%2Fwww.booking.com%2Fcars%2Findex.fr.html%3Fadplat%3Dmm_engage_ct_footer%26aid%3D339530%26emk%3DQEBU43837B%26emkcid%3D276%26checkin%3D2021-04-01%26checkout%3D2021-04-02%26selected_currency%3DEUR%26label%3D46618_ct-banner-cars_v2-?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WFKLM6D

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

cafe /

Resource Hash

13cf1eb24d0d4aab7081f31a16f89b44884c956053eee83d03d35d0aa990d7b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 4228414.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CL7Fi8Xw1-8CFVXO1QodilkGuQ;src=4228414;type=carsh0;cat=booki0;ord=8670583870509;gtm=2wg3h0;auiddc=603788764.1617102576;u3=booking-cars;u4=booking-cars;u20=(not%20set);~oref=https%3A%2F%2Fwww.booking.com%2Fcars%2Findex.fr.html%3Fadplat%3Dmm_engage_ct_footer%26aid%3D339530%26emk%3DQEBU43837B%26emkcid%3D276%26checkin%3D2021-04-01%26checkout%3D2021-04-02%26selected_currency%3DEUR%26label%3D46618_ct-banner-cars_v2-?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.booking.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 30 Mar 2021 11:09:36 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 532
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 30-Mar-2021 11:24:36 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 30 Mar 2021 11:09:36 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://4228414.fls.doubleclick.net/activityi;dc_pre=CL7Fi8Xw1-8CFVXO1QodilkGuQ;src=4228414;type=carsh0;cat=booki0;ord=8670583870509;gtm=2wg3h0;auiddc=603788764.1617102576;u3=booking-cars;u4=booking-cars;u20=(not%20set);~oref=https%3A%2F%2Fwww.booking.com%2Fcars%2Findex.fr.html%3Fadplat%3Dmm_engage_ct_footer%26aid%3D339530%26emk%3DQEBU43837B%26emkcid%3D276%26checkin%3D2021-04-01%26checkout%3D2021-04-02%26selected_currency%3DEUR%26label%3D46618_ct-banner-cars_v2-?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ae44977e7bcb6eee77e033e9b97e713007aaa7e2.js Show response
cf.bstatic.com/static/js/cars_cloudfront_sd/ 29 KB
8 KB 10ms
9ms Script
application/javascript 2600:9000:2182:8200:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/js/cars_cloudfront_sd/ae44977e7bcb6eee77e033e9b97e713007aaa7e2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:8200:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

44e25c8ddc94cccb500851d49aa972ea7ec68a84b1adf91f3465b4e47693d721

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.booking.com
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 27 Mar 2021 11:14:03 GMT
content-encoding: br
nel: {"report_to":"default","max_age":600}
age: 258933
via: 1.1 430f949006756123f45be90f8ad8de30.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Mon, 22 Feb 2021 07:40:59 GMT
server: nginx
etag: W/"6033600b-7446"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
timing-allow-origin: *
x-amz-cf-id: rfghsyCCDvkBbvPpnMVrxCvDPSVlT_QiwWfGoemZn9Nw8oGGYcXJzA==
expires: Mon, 26 Apr 2021 11:14:03 GMT

GET
H2 200 3360becbcf0aeed155510b8b4befe3979b34a2ee.svg
cf.bstatic.com/static/img/cross_product_index/rentalcars/ 5 KB
2 KB 10ms
10ms Image
image/svg+xml 2600:9000:2182:8200:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/static/img/cross_product_index/rentalcars/3360becbcf0aeed155510b8b4befe3979b34a2ee.svg

Requested by

Host: cf.bstatic.com
URL: https://cf.bstatic.com/static/css/cars_cloudfront_sd.iq_ltr/99635b6677d336909493a622c82c173f4e7312b8.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:8200:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

7bd0b318d65d145350bd8f42c64b1ae0794ced514bb763dbc94a92e540dd4872

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cf.bstatic.com/static/css/cars_cloudfront_sd.iq_ltr/99635b6677d336909493a622c82c173f4e7312b8.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 23:30:11 GMT
content-encoding: br
nel: {"report_to":"default","max_age":600}
age: 1424365
via: 1.1 cddd3e95f67291463f7a95d065c7fcff.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:52 GMT
server: nginx
etag: W/"5cadd1d0-1356"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
timing-allow-origin: *
x-amz-cf-id: ONVAljJALfTE8_e4HlpnGCyDt4DbLPSDBEL_tpN1SPlvWVLAtEl_qQ==
expires: Mon, 12 Apr 2021 23:30:11 GMT

GET
DATA 200
OK truncated
/ 263 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 75e0deaee60c5acbe9e3ed3e15ab5366ed871c24a476d6f8e454117bafc1c38f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
446 B 45ms
14ms XHR
text/plain 2a00:1450:400c:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-124744172-1&cid=1371872904.1617102577&jid=1881594409&gjid=1763061976&_gid=522317946.1617102577&_u=YGBAgEABAAAAAE~&z=1797839331

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 30 Mar 2021 11:09:36 GMT
content-type: text/plain
access-control-allow-origin: https://www.booking.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
122 B 6ms
6ms Image
image/gif 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j89&a=1963205495&t=pageview&_s=1&dl=https%3A%2F%2Fwww.booking.com%2Fcars%2Findex.fr.html%3Fadplat%3Dmm_engage_ct_footer%26aid%3D339530%26emk%3DQEBU43837B%26emkcid%3D276%26checkin%3D2021-04-01%26checkout%3D2021-04-02%26selected_currency%3DEUR%26label%3D46618_ct-banner-cars_v2-&ul=en-us&de=UTF-8&dt=Location%20de%20voitures%20pas%20ch%C3%A8re%C2%A0%3A%20les%20meilleures%20offres%20et%20destinations%20%C3%A0%20travers%20le%20monde&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=1881594409&gjid=1763061976&cid=1371872904.1617102577&uid=&tid=UA-124744172-1&_gid=522317946.1617102577&gtm=2wg3h0WFKLM6D&cg1=(not%20set)&cg2=(not%20set)&cg3=(not%20set)&cg4=%2Fcars%2Findex.fr.html&cd2=Intra-Company&cd5=GTM-WFKLM6D%20v10&cd7=1&cd8=booking-cars&cd9=(not%20set)&cd15=mm_engage_ct_footer&cd18=&cd20=(not%20set)&cd21=(not%20set)&cd26=booking-cars&cd27=false&cd41=&cd59=(not%20set)&cd72=%2Fcars%2Findex.fr.html&cd86=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&cd91=Intra-Company&cd92=booking-cars&cd95=&cd97=1&cd28=1371872904.1617102577&z=510830104&cd44=1172

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 04:40:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 23338
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 35 KB
14 KB 37ms
37ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1070314322&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

3d3334f2122e1411a5f4be5b85a712373d7b791de57d829d1fd8b3cbdba30344

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 11:09:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13743
x-xss-protection: 0
server: cafe
etag: 506321234855497976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 30 Mar 2021 11:09:36 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
505 B 37ms
16ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-124744172-1&cid=1371872904.1617102577&jid=1881594409&_u=YGBAgEABAAAAAE~&z=1915734495

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 11:09:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
505 B 39ms
18ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-124744172-1&cid=1371872904.1617102577&jid=1881594409&_u=YGBAgEABAAAAAE~&z=1915734495

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 11:09:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CL7Fi8Xw1-8CFVXO1QodilkGuQ;src=4228414;type=carsh0;cat=booki0;ord=8670583870509;gtm=2wg3h0;auiddc=603788764.1617102576;u3=booking-cars;u4=booking-cars;u20=(not%20set);~oref=https%3A%2F%2Fwww... Show response
adservice.google.com/ddm/fls/i/ Frame 98C2 734 B
1005 B 67ms
47ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CL7Fi8Xw1-8CFVXO1QodilkGuQ;src=4228414;type=carsh0;cat=booki0;ord=8670583870509;gtm=2wg3h0;auiddc=603788764.1617102576;u3=booking-cars;u4=booking-cars;u20=(not%20set);~oref=https%3A%2F%2Fwww.booking.com%2Fcars%2Findex.fr.html%3Fadplat%3Dmm_engage_ct_footer%26aid%3D339530%26emk%3DQEBU43837B%26emkcid%3D276%26checkin%3D2021-04-01%26checkout%3D2021-04-02%26selected_currency%3DEUR%26label%3D46618_ct-banner-cars_v2-

Requested by

Host: 4228414.fls.doubleclick.net
URL: https://4228414.fls.doubleclick.net/activityi;dc_pre=CL7Fi8Xw1-8CFVXO1QodilkGuQ;src=4228414;type=carsh0;cat=booki0;ord=8670583870509;gtm=2wg3h0;auiddc=603788764.1617102576;u3=booking-cars;u4=booking-cars;u20=(not%20set);~oref=https%3A%2F%2Fwww.booking.com%2Fcars%2Findex.fr.html%3Fadplat%3Dmm_engage_ct_footer%26aid%3D339530%26emk%3DQEBU43837B%26emkcid%3D276%26checkin%3D2021-04-01%26checkout%3D2021-04-02%26selected_currency%3DEUR%26label%3D46618_ct-banner-cars_v2-?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c47519e3f173d61b43f4fdf83e010ed83850cf3acbc721985eebf60619efab9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.com
:scheme: https
:path: /ddm/fls/i/dc_pre=CL7Fi8Xw1-8CFVXO1QodilkGuQ;src=4228414;type=carsh0;cat=booki0;ord=8670583870509;gtm=2wg3h0;auiddc=603788764.1617102576;u3=booking-cars;u4=booking-cars;u20=(not%20set);~oref=https%3A%2F%2Fwww.booking.com%2Fcars%2Findex.fr.html%3Fadplat%3Dmm_engage_ct_footer%26aid%3D339530%26emk%3DQEBU43837B%26emkcid%3D276%26checkin%3D2021-04-01%26checkout%3D2021-04-02%26selected_currency%3DEUR%26label%3D46618_ct-banner-cars_v2-
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://4228414.fls.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://4228414.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 30 Mar 2021 11:09:37 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 532
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK logo
www.booking.com/ 12 B
612 B 67ms
66ms Image
image/gif 37.10.0.220
BOOKING-BV Bookin...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.booking.com/logo?ver=1&sid=5ad2f924deb9dffab49579c7d3d9ac57&t=16171025751

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

37.10.0.220 , Netherlands, ASN43996 (BOOKING-BV Booking.com, NL),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/cars/index.fr.html?adplat=mm_engage_ct_footer&aid=339530&emk=QEBU43837B&emkcid=276&checkin=2021-04-01&checkout=2021-04-02&selected_currency=EUR&label=46618_ct-banner-cars_v2-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 11:09:36 GMT
content-encoding: br
content-security-policy-report-only: report-uri https://reports.booking.com/csp_violation?type=report&tag=112&pid=3f024e78a2d90095&e=UmFuZG9tSVYkc2RlIyh9YbpBYTW1tHKzpikm2dxA0BWazh4lz3FdQwBdjHaqFhOR&f=0&s=0; frame-ancestors 'none';
server: nginx
vary: Accept-Encoding, User-Agent
content-type: image/gif
strict-transport-security: max-age=604800
content-length: 35
x-xss-protection: 1; mode=block

GET
H2 200 1e0ff1c51dfa07d6a94407a832621012c8b5520d.png
cf.bstatic.com/static/img/tooltip/ 388 B
818 B 10ms
9ms Image
image/png 2600:9000:2182:8200:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/static/img/tooltip/1e0ff1c51dfa07d6a94407a832621012c8b5520d.png

Requested by

Host: cf.bstatic.com
URL: https://cf.bstatic.com/static/css/cars_cloudfront_sd.iq_ltr/99635b6677d336909493a622c82c173f4e7312b8.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:8200:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

74f934a8dadbbb8ca80f15a514ae27bc1574ccf8182d43e9ae5c45cbb96046fc

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cf.bstatic.com/static/css/cars_cloudfront_sd.iq_ltr/99635b6677d336909493a622c82c173f4e7312b8.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 00:28:31 GMT
via: 1.1 cddd3e95f67291463f7a95d065c7fcff.cloudfront.net (CloudFront)
age: 1939266
x-cache: Hit from cloudfront
content-length: 388
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:55 GMT
server: nginx
etag: "5cadd1d3-184"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 3Y57R76UEE95kWumVwIH62CDdRvMjUj69kkInTKIKVFWwZd0WeU3Vg==
expires: Wed, 07 Apr 2021 00:28:31 GMT

GET
H2 200 29bca18dce5a8e111855e31314a9b1d750ea9beb.woff2
cf.bstatic.com/static/fonts/booking-iconset-original/ 91 KB
91 KB 13ms
12ms Font
application/octet-stream 2600:9000:2182:8200:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/fonts/booking-iconset-original/29bca18dce5a8e111855e31314a9b1d750ea9beb.woff2

Requested by

Host: cf.bstatic.com
URL: https://cf.bstatic.com/static/css/gprof_icons_cloudfront_sd.iq_ltr/30c2459e3f2bd3b97c6038fdc16e7f74d242a601.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:8200:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

a98c20990fe3e31203fe2db8384af8e05e7b358cdae3c28b034e1f02b47db630

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.booking.com
Referer: https://cf.bstatic.com/static/css/gprof_icons_cloudfront_sd.iq_ltr/30c2459e3f2bd3b97c6038fdc16e7f74d242a601.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 22:05:02 GMT
content-encoding: br
nel: {"report_to":"default","max_age":600}
age: 1515875
via: 1.1 430f949006756123f45be90f8ad8de30.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:49 GMT
server: nginx
etag: W/"5cadd1cd-16a34"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: text/plain
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
timing-allow-origin: *
x-amz-cf-id: k61OZi250Kt2bfYP3w9cXDJA6TJauqusj3juM-y6qsQMan6Qhd91rA==
expires: Sun, 11 Apr 2021 22:05:02 GMT

GET
H2 200 814380bbeb47a9ce1c36097f97fbaafe02769a58.svg
cf.bstatic.com/static/img/cross_product_index/arrow-left/ 901 B
1 KB 22ms
22ms Image
image/svg+xml 2600:9000:2182:8200:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/static/img/cross_product_index/arrow-left/814380bbeb47a9ce1c36097f97fbaafe02769a58.svg

Requested by

Host: cf.bstatic.com
URL: https://cf.bstatic.com/static/css/cars_cloudfront_sd.iq_ltr/99635b6677d336909493a622c82c173f4e7312b8.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:8200:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

ec8a1ca80e08642365c5716d9138f9249687929c00314beb0ee9afe6cb1b7acf

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cf.bstatic.com/static/css/cars_cloudfront_sd.iq_ltr/99635b6677d336909493a622c82c173f4e7312b8.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 04:19:33 GMT
via: 1.1 cddd3e95f67291463f7a95d065c7fcff.cloudfront.net (CloudFront)
age: 1925404
x-cache: Hit from cloudfront
content-length: 901
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:52 GMT
server: nginx
etag: "5cadd1d0-385"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: rMz-PY5ws4t-dXCnYtnLABNXLM8J-_9n-t07Vd51NIbBM-hC500xOQ==
expires: Wed, 07 Apr 2021 04:19:33 GMT

GET
H2 200 4a53d98264687b095f98335c3e1428ed7c106a9b.svg
cf.bstatic.com/static/img/cross_product_index/arrow-right/ 907 B
1 KB 11ms
11ms Image
image/svg+xml 2600:9000:2182:8200:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/static/img/cross_product_index/arrow-right/4a53d98264687b095f98335c3e1428ed7c106a9b.svg

Requested by

Host: cf.bstatic.com
URL: https://cf.bstatic.com/static/css/cars_cloudfront_sd.iq_ltr/99635b6677d336909493a622c82c173f4e7312b8.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:8200:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4a2d607492b555daf0c127c0aaa4375eae715c74fb90b562581c527459c518dd

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cf.bstatic.com/static/css/cars_cloudfront_sd.iq_ltr/99635b6677d336909493a622c82c173f4e7312b8.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 00:50:48 GMT
via: 1.1 cddd3e95f67291463f7a95d065c7fcff.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
age: 2024329
x-cache: Hit from cloudfront
content-length: 907
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:52 GMT
server: nginx
etag: "5cadd1d0-38b"
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 7qCCvJMY9a-CLDXWHV0iNTTHqvQ2DFt43HBkcsj-dj5yShZggPcA5g==
expires: Tue, 06 Apr 2021 00:50:48 GMT

GET
H/1.1 200
OK js_tracking Show response
www.booking.com/ 0
704 B 64ms
64ms XHR
text/plain 37.10.0.220
BOOKING-BV Bookin...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.booking.com/js_tracking?aid=339530&ref_action=cars&ver=2&stype=1&pid=7d154e7703ce0034&lang=fr&sid=5ad2f924deb9dffab49579c7d3d9ac57&ete=&etg=&etcg=&ets=NVNZYeJBBYZUeQKBBTZMcET|1,NVNZYeJBBYZUeQKBBTZMcET|2&etgwv=&m=UmFuZG9tSVYkc2RlIyh9YTfXYS5glxyEXypSQ789BZrcz2khdJLlxC3thEkmYq_Oy-9HuLmp9bV3K6DFup4H1PxjwXWknNNBFwYv6Ya5_nKEMLDQIng5rdiumBAOtjyRiXD8zUn4hpM44bVBgcrQSS2Ri4VnCkW_8f7915_TfaF53jRvXBR0a0gUyoI53YWVvL49LTXAcS2cQKDQ_FOzgcy8BqW_5rLFP_MElSEPh88aB1i_BBXI4xGNhPyWbzB-ZYEl6_mD6vo

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

37.10.0.220 , Netherlands, ASN43996 (BOOKING-BV Booking.com, NL),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Xss-Protection	1; mode=block

Request headers

X-Booking-Language-Code: fr
X-Booking-Client-Info: NVNZYeJBBYZUeQKBBTZMcET|1,NVNZYeJBBYZUeQKBBTZMcET|2
X-Booking-CSRF: Lz9jYAAAAAA=dZV-7PU_IqXpoEIjjiRVUsAfer4Q3-oEwE3RXtd8IX6SGGTlJ7VDZvr1RuNkmJy5JXzu038CbDV6tE-5311yh5BO_5lvGx9PhbqIdB44ch_b9ZuMXgmpInnBzX1CJFuSU9S1lxWzcIszUq71ogKDBljaZvputD5IyRxt-Ghxhe3Bb-q4RY9mdFuwxTxTY3SB2DqjMBXxJEnq87op
X-Booking-AID: 339530
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Booking-Label: 46618_ct-banner-cars_v2-
X-Partner-Channel-Id: 20
X-Booking-Pageview-Id: 7d154e7703ce0034
X-Booking-Info: 1296240,1298870,1302100,1305690,1307050,1307140,NVNZYeJBBYZUeQKBBTZMcET|1,NVNZYeJBBYZUeQKBBTZMcET|2
Referer: https://www.booking.com/cars/index.fr.html?adplat=mm_engage_ct_footer&aid=339530&emk=QEBU43837B&emkcid=276&checkin=2021-04-01&checkout=2021-04-02&selected_currency=EUR&label=46618_ct-banner-cars_v2-
X-Booking-SiteType-Id: 1
X-Requested-With: XMLHttpRequest
X-Booking-Session-Id: 5ad2f924deb9dffab49579c7d3d9ac57

Response headers

date: Tue, 30 Mar 2021 11:09:37 GMT
content-encoding: br
vary: User-Agent, Accept-Encoding
server: nginx
content-security-policy-report-only: report-uri https://reports.booking.com/csp_violation?type=report&tag=112&pid=27a34e78b0b600f6&e=UmFuZG9tSVYkc2RlIyh9Yea92wm0yRUjnCBymoy8ejJRMvVSynEDDQPNSss5Mqe0dzdh6TWVLg8&f=0&s=0; frame-ancestors 'none';
content-type: text/plain; charset=UTF-8
transfer-encoding: chunked
strict-transport-security: max-age=604800
x-xss-protection: 1; mode=block

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1070314322/ 3 KB
2 KB 48ms
25ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1070314322/?random=1617102577096&cv=9&fst=1617102577096&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa3h0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.booking.com%2Fcars%2Findex.fr.html%3Fadplat%3Dmm_engage_ct_footer%26aid%3D339530%26emk%3DQEBU43837B%26emkcid%3D276%26checkin%3D2021-04-01%26checkout%3D2021-04-02%26selected_currency%3DEUR%26label%3D46618_ct-banner-cars_v2-&tiba=Location%20de%20voitures%20pas%20ch%C3%A8re%C2%A0%3A%20les%20meilleures%20offres%20et%20destinations%20%C3%A0%20travers%20le%20monde&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66394acf15661f031c38523e5bb7e75d7cedb81863ac046137ed3f2746a33755

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 11:09:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1224
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1070314322/ 3 KB
1 KB 75ms
54ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1070314322/?random=1617102577100&cv=9&fst=1617102577100&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa3h0&sendb=1&ig=1&data=event%3Dpage_view&frm=0&url=https%3A%2F%2Fwww.booking.com%2Fcars%2Findex.fr.html%3Fadplat%3Dmm_engage_ct_footer%26aid%3D339530%26emk%3DQEBU43837B%26emkcid%3D276%26checkin%3D2021-04-01%26checkout%3D2021-04-02%26selected_currency%3DEUR%26label%3D46618_ct-banner-cars_v2-&tiba=Location%20de%20voitures%20pas%20ch%C3%A8re%C2%A0%3A%20les%20meilleures%20offres%20et%20destinations%20%C3%A0%20travers%20le%20monde&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e6b4f2b889c2e4e8bde0b09bec75c8ac89f3292d462e0f7b209c04eed56a1ba3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 11:09:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1216
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CL7Fi8Xw1-8CFVXO1QodilkGuQ;src=4228414;type=carsh0;cat=booki0;ord=8670583870509;gtm=2wg3h0;auiddc=603788764.1617102576;u3=booking-cars;u4=booking-cars;u20=(not%20set);~oref=https%3A%2F%2Fwww... Show response
adservice.google.de/ddm/fls/i/ Frame 70DF 194 B
877 B 64ms
44ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CL7Fi8Xw1-8CFVXO1QodilkGuQ;src=4228414;type=carsh0;cat=booki0;ord=8670583870509;gtm=2wg3h0;auiddc=603788764.1617102576;u3=booking-cars;u4=booking-cars;u20=(not%20set);~oref=https%3A%2F%2Fwww.booking.com%2Fcars%2Findex.fr.html%3Fadplat%3Dmm_engage_ct_footer%26aid%3D339530%26emk%3DQEBU43837B%26emkcid%3D276%26checkin%3D2021-04-01%26checkout%3D2021-04-02%26selected_currency%3DEUR%26label%3D46618_ct-banner-cars_v2-

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CL7Fi8Xw1-8CFVXO1QodilkGuQ;src=4228414;type=carsh0;cat=booki0;ord=8670583870509;gtm=2wg3h0;auiddc=603788764.1617102576;u3=booking-cars;u4=booking-cars;u20=(not%20set);~oref=https%3A%2F%2Fwww.booking.com%2Fcars%2Findex.fr.html%3Fadplat%3Dmm_engage_ct_footer%26aid%3D339530%26emk%3DQEBU43837B%26emkcid%3D276%26checkin%3D2021-04-01%26checkout%3D2021-04-02%26selected_currency%3DEUR%26label%3D46618_ct-banner-cars_v2-

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.de
:scheme: https
:path: /ddm/fls/i/dc_pre=CL7Fi8Xw1-8CFVXO1QodilkGuQ;src=4228414;type=carsh0;cat=booki0;ord=8670583870509;gtm=2wg3h0;auiddc=603788764.1617102576;u3=booking-cars;u4=booking-cars;u20=(not%20set);~oref=https%3A%2F%2Fwww.booking.com%2Fcars%2Findex.fr.html%3Fadplat%3Dmm_engage_ct_footer%26aid%3D339530%26emk%3DQEBU43837B%26emkcid%3D276%26checkin%3D2021-04-01%26checkout%3D2021-04-02%26selected_currency%3DEUR%26label%3D46618_ct-banner-cars_v2-
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adservice.google.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://adservice.google.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 30 Mar 2021 11:09:37 GMT
expires: Tue, 30 Mar 2021 11:09:37 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/1070314322/ 42 B
530 B 52ms
32ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1070314322/?random=1617102577096&cv=9&fst=1617102000000&num=1&bg=ffffff&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa3h0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.booking.com%2Fcars%2Findex.fr.html%3Fadplat%3Dmm_engage_ct_footer%26aid%3D339530%26emk%3DQEBU43837B%26emkcid%3D276%26checkin%3D2021-04-01%26checkout%3D2021-04-02%26selected_currency%3DEUR%26label%3D46618_ct-banner-cars_v2-&tiba=Location%20de%20voitures%20pas%20ch%C3%A8re%C2%A0%3A%20les%20meilleures%20offres%20et%20destinations%20%C3%A0%20travers%20le%20monde&async=1&fmt=3&is_vtc=1&random=677453469&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 11:09:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/1070314322/ 42 B
66 B 55ms
36ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1070314322/?random=1617102577096&cv=9&fst=1617102000000&num=1&bg=ffffff&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa3h0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.booking.com%2Fcars%2Findex.fr.html%3Fadplat%3Dmm_engage_ct_footer%26aid%3D339530%26emk%3DQEBU43837B%26emkcid%3D276%26checkin%3D2021-04-01%26checkout%3D2021-04-02%26selected_currency%3DEUR%26label%3D46618_ct-banner-cars_v2-&tiba=Location%20de%20voitures%20pas%20ch%C3%A8re%C2%A0%3A%20les%20meilleures%20offres%20et%20destinations%20%C3%A0%20travers%20le%20monde&async=1&fmt=3&is_vtc=1&random=677453469&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 11:09:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/1070314322/ 42 B
66 B 25ms
25ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1070314322/?random=1617102577100&cv=9&fst=1617102000000&num=1&bg=ffffff&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa3h0&sendb=1&data=event%3Dpage_view&frm=0&url=https%3A%2F%2Fwww.booking.com%2Fcars%2Findex.fr.html%3Fadplat%3Dmm_engage_ct_footer%26aid%3D339530%26emk%3DQEBU43837B%26emkcid%3D276%26checkin%3D2021-04-01%26checkout%3D2021-04-02%26selected_currency%3DEUR%26label%3D46618_ct-banner-cars_v2-&tiba=Location%20de%20voitures%20pas%20ch%C3%A8re%C2%A0%3A%20les%20meilleures%20offres%20et%20destinations%20%C3%A0%20travers%20le%20monde&async=1&fmt=3&is_vtc=1&random=4015620521&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 11:09:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/1070314322/ 42 B
530 B 26ms
26ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1070314322/?random=1617102577100&cv=9&fst=1617102000000&num=1&bg=ffffff&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa3h0&sendb=1&data=event%3Dpage_view&frm=0&url=https%3A%2F%2Fwww.booking.com%2Fcars%2Findex.fr.html%3Fadplat%3Dmm_engage_ct_footer%26aid%3D339530%26emk%3DQEBU43837B%26emkcid%3D276%26checkin%3D2021-04-01%26checkout%3D2021-04-02%26selected_currency%3DEUR%26label%3D46618_ct-banner-cars_v2-&tiba=Location%20de%20voitures%20pas%20ch%C3%A8re%C2%A0%3A%20les%20meilleures%20offres%20et%20destinations%20%C3%A0%20travers%20le%20monde&async=1&fmt=3&is_vtc=1&random=4015620521&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 11:09:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 gtm.js Show response
www.googletagmanager.com/ 261 KB
61 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5Q664QZ

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

87624e6ee05ba8d6adc1c5e2bae4a109c33765d3951c447aaaba06795ebabe48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 11:09:37 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62285
x-xss-protection: 0
last-modified: Tue, 30 Mar 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 30 Mar 2021 11:09:37 GMT

GET
H2 200 0cc4ce4b7108d42a9f293fc9b654f749d84ba4eb.css
cf.bstatic.com/static/css/print/ 5 KB
2 KB 9ms
9ms Stylesheet
text/css 2600:9000:2182:8200:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/css/print/0cc4ce4b7108d42a9f293fc9b654f749d84ba4eb.css

Requested by

Host: cf.bstatic.com
URL: https://cf.bstatic.com/static/js/main_bui_9_cloudfront_sd/c6b37906e15bab346d0c60d135f2351f8e9b22ff.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:8200:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f9824e5f4727f34dd4b3f268cc3a51970a763e2e54fbe9934c44b7ffc1159e8b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 22:05:02 GMT
content-encoding: br
nel: {"report_to":"default","max_age":600}
age: 1515875
via: 1.1 cddd3e95f67291463f7a95d065c7fcff.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:34 GMT
server: nginx
etag: W/"5cadd1be-13ac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
timing-allow-origin: *
x-amz-cf-id: -QIeT_omCTdbG4EyjKbhJ3sX38leCwLGZUc-AlFZtxsEukyEZ7cTzw==
expires: Sun, 11 Apr 2021 22:05:02 GMT

POST
H/1.1 200
OK js_tracking
www.booking.com/ 12 B
697 B 66ms
65ms Other
image/gif 37.10.0.220
BOOKING-BV Bookin...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.booking.com/js_tracking?aid=339530&ref_action=cars&ver=2&stype=1&pid=7d154e7703ce0034&lang=fr&sid=5ad2f924deb9dffab49579c7d3d9ac57&m=UmFuZG9tSVYkc2RlIyh9YTfXYS5glxyEXypSQ789BZrcz2khdJLlxC3thEkmYq_Oy-9HuLmp9bV3K6DFup4H1PxjwXWknNNBFwYv6Ya5_nKEMLDQIng5rdiumBAOtjyRiXD8zUn4hpM44bVBgcrQSS2Ri4VnCkW_8f7915_TfaF53jRvXBR0a0gUyoI53YWVvL49LTXAcS2cQKDQ_FOzgcy8BqW_5rLFP_MElSEPh88aB1i_BBXI4xGNhPyWbzB-ZYEl6_mD6vo&etgwv=js_onload_resource_transfer_size|977&_=1617102577214

Requested by

Host: cf.bstatic.com
URL: https://cf.bstatic.com/static/js/main_bui_9_cloudfront_sd/c6b37906e15bab346d0c60d135f2351f8e9b22ff.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

37.10.0.220 , Netherlands, ASN43996 (BOOKING-BV Booking.com, NL),

Reverse DNS

Software

nginx /

Resource Hash

d9a55f7230942e5aa22d40adf36bafd94d3ed6719f5c56b1cbc19ab4f874d83a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/cars/index.fr.html?adplat=mm_engage_ct_footer&aid=339530&emk=QEBU43837B&emkcid=276&checkin=2021-04-01&checkout=2021-04-02&selected_currency=EUR&label=46618_ct-banner-cars_v2-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 30 Mar 2021 11:09:37 GMT
content-encoding: br
content-security-policy-report-only: frame-ancestors 'none'; report-uri https://reports.booking.com/csp_violation?type=report&tag=112&pid=e8ae4e78b56f00ba&e=UmFuZG9tSVYkc2RlIyh9Yea92wm0yRUjnCBymoy8ejIjrlzSAObadOnxDdW0GkA8oIAXoXvxR7c&f=0&s=0;
server: nginx
vary: User-Agent, Accept-Encoding
content-type: image/gif
strict-transport-security: max-age=604800
content-length: 35
x-xss-protection: 1; mode=block

GET
H2 200 bat.js Show response
bat.bing.com/ 28 KB
9 KB 50ms
29ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Q664QZ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f14f0d4ca69db0c2914322578f10bf3f9393771f439c9f670cc4d40971b0af8d

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 11:09:37 GMT
content-encoding: gzip
last-modified: Fri, 05 Mar 2021 20:27:29 GMT
x-msedge-ref: Ref A: C037F019F3034A45B6720658FB59A1BC Ref B: FRAEDGE1207 Ref C: 2021-03-30T11:09:37Z
etag: "804e75f6fd11d71:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 8562

GET
H2 204 0
bat.bing.com/action/ 0
94 B 30ms
28ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=15005356&tm=gtm001&Ver=2&mid=90268702-b6f6-4a2d-ae86-7830f991eea8&sid=6a5e5500914811eba404c9b815ef4d88&vid=6a5e7ac0914811ebad03bdf14ebf8b72&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Location%20de%20voitures%20pas%20ch%C3%A8re%C2%A0%3A%20les%20meilleures%20offres%20et%20destinations%20%C3%A0%20travers%20le%20monde&kw=location%20de%20voitures,%20location%20de%20voiture%20pas%20ch%C3%A8re,%20locations%20de%20voitures%20pas%20ch%C3%A8res,%20louer%20une%20voiture,%20louer%20voiture,%20louer%20des%20voitures&p=https%3A%2F%2Fwww.booking.com%2Fcars%2Findex.fr.html%3Fadplat%3Dmm_engage_ct_footer%26aid%3D339530%26emk%3DQEBU43837B%26emkcid%3D276%26checkin%3D2021-04-01%26checkout%3D2021-04-02%26selected_currency%3DEUR%26label%3D46618_ct-banner-cars_v2-&r=&lt=2220&evt=pageLoad&msclkid=N&sv=1&rn=968060
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 30 Mar 2021 11:09:37 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 79DF5C79DC80443CAF75E94266DB5BD2 Ref B: FRAEDGE1207 Ref C: 2021-03-30T11:09:37Z
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
93 B 30ms
28ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=15005356&tm=gtm001&Ver=2&mid=90268702-b6f6-4a2d-ae86-7830f991eea8&sid=6a5e5500914811eba404c9b815ef4d88&vid=6a5e7ac0914811ebad03bdf14ebf8b72&vids=0&el=business_booker&ev=2&evt=custom&msclkid=N&rn=517740
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 30 Mar 2021 11:09:37 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 88BFBA63C2A04E58856296E52F339DC0 Ref B: FRAEDGE1207 Ref C: 2021-03-30T11:09:37Z
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
148 B 29ms
27ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=15005356&tm=gtm001&Ver=2&mid=90268702-b6f6-4a2d-ae86-7830f991eea8&sid=6a5e5500914811eba404c9b815ef4d88&vid=6a5e7ac0914811ebad03bdf14ebf8b72&vids=0&el=is_genius&ev=0&evt=custom&msclkid=N&rn=989238
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 30 Mar 2021 11:09:37 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 0B44C60C13B741B4ACBFB0DD6F596828 Ref B: FRAEDGE1207 Ref C: 2021-03-30T11:09:37Z
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
92 B 30ms
29ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=15005356&tm=gtm001&Ver=2&mid=90268702-b6f6-4a2d-ae86-7830f991eea8&sid=6a5e5500914811eba404c9b815ef4d88&vid=6a5e7ac0914811ebad03bdf14ebf8b72&vids=0&el=is_subscribed_to_newsletter&ev=1&evt=custom&msclkid=N&rn=905918
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 30 Mar 2021 11:09:37 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: D9A3DB63270A485283D01A20208E9C9C Ref B: FRAEDGE1207 Ref C: 2021-03-30T11:09:37Z
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
93 B 29ms
28ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=15005356&tm=gtm001&Ver=2&mid=90268702-b6f6-4a2d-ae86-7830f991eea8&sid=6a5e5500914811eba404c9b815ef4d88&vid=6a5e7ac0914811ebad03bdf14ebf8b72&vids=0&el=account_status&ev=0&evt=custom&msclkid=N&rn=739675
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 30 Mar 2021 11:09:37 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: B0ECD96386664221BD7465C1C0D368A4 Ref B: FRAEDGE1207 Ref C: 2021-03-30T11:09:37Z
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
93 B 35ms
34ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=15005356&tm=gtm001&Ver=2&mid=90268702-b6f6-4a2d-ae86-7830f991eea8&sid=6a5e5500914811eba404c9b815ef4d88&vid=6a5e7ac0914811ebad03bdf14ebf8b72&vids=0&el=is_aspiring_genius&ev=1&evt=custom&msclkid=N&rn=877055
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 30 Mar 2021 11:09:37 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 2E8DE90637084173998EAE313FD26BC6 Ref B: FRAEDGE1207 Ref C: 2021-03-30T11:09:37Z
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 px_v2.min..js Show response
cf.bstatic.com/libs/perimeterx/ 68 KB
23 KB 9ms
9ms Script
application/javascript 2600:9000:2182:8200:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/libs/perimeterx/px_v2.min..js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:8200:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

7a24cecaadbac99e37e478cd5a0d2ab6bed0f5fa257cc2cf3fe91ff3652ea405

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 23:42:43 GMT
content-encoding: br
nel: {"report_to":"default","max_age":600}
age: 2374013
via: 1.1 cddd3e95f67291463f7a95d065c7fcff.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Tue, 28 May 2019 15:37:10 GMT
server: nginx
etag: W/"5ced55a6-10e63"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
timing-allow-origin: *
x-amz-cf-id: zrhyUVQD6eUQoKS8e0lFCazXlWPLVOODZHppbMN3tFZrXtMSkUo6AQ==
expires: Thu, 01 Apr 2021 23:42:43 GMT

POST
H2 200 collector Show response
collector-pxikkul2rm.perimeterx.net/api/v1/ 808 B
1 KB 1669ms
68ms XHR
application/json 35.186.220.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-pxikkul2rm.perimeterx.net/api/v1/collector
Requested by: Host: cf.bstatic.com
URL: https://cf.bstatic.com/libs/perimeterx/px_v2.min..js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.220.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 184.220.186.35.bc.googleusercontent.com
Software: /
Resource Hash: be83d4ebfaefbfbc9929273b706146040ebbd640f710a763a916fe83f74ae45a

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 30 Mar 2021 11:09:38 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.booking.com
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: clear
content-length: 808

POST
H/1.1 403
Forbidden navigation_times Show response
www.booking.com/ 0
955 B 1084ms
1084ms XHR
text/plain 37.10.0.220
BOOKING-BV Bookin...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.booking.com/navigation_times?sid=5ad2f924deb9dffab49579c7d3d9ac57&pid=7d154e7703ce0034&nts=0,0,1617102574994,0,0,0,0,1617102575193,1617102575193,1617102575194,1617102575194,1617102575349,1617102575211,1617102575350,1617102575569,1617102576235,1617102575572,1617102576939,1617102576939,1617102576945,1617102577207,1617102577207,1617102577214,0&first=1&cdn=cf&dc=32&bo=20&lang=fr&ref_action=cars&aid=339530&stype=1&route=&ua=17&ch=d&lt=&css_load=1&wn=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

37.10.0.220 , Netherlands, ASN43996 (BOOKING-BV Booking.com, NL),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/cars/index.fr.html?adplat=mm_engage_ct_footer&aid=339530&emk=QEBU43837B&emkcid=276&checkin=2021-04-01&checkout=2021-04-02&selected_currency=EUR&label=46618_ct-banner-cars_v2-
X-Booking-CSRF: Lz9jYAAAAAA=dZV-7PU_IqXpoEIjjiRVUsAfer4Q3-oEwE3RXtd8IX6SGGTlJ7VDZvr1RuNkmJy5JXzu038CbDV6tE-5311yh5BO_5lvGx9PhbqIdB44ch_b9ZuMXgmpInnBzX1CJFuSU9S1lxWzcIszUq71ogKDBljaZvputD5IyRxt-Ghxhe3Bb-q4RY9mdFuwxTxTY3SB2DqjMBXxJEnq87op
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=604800
transfer-encoding: chunked
server: nginx
connection: close
date: Tue, 30 Mar 2021 11:09:39 GMT
x-xss-protection: 1; mode=block
content-security-policy-report-only: frame-ancestors 'none'; report-uri https://reports.booking.com/csp_violation?type=report&tag=112&pid=5f804e79dbf300c1&e=UmFuZG9tSVYkc2RlIyh9YfnWSDpdIwKzDzbKZoiCiJvCeAL09pDsgLwQqefXxEp21k1p-Umz1eI&f=2&s=0;

POST
H2 200 collector Show response
collector-pxikkul2rm.perimeterx.net/api/v1/ 520 B
584 B 50ms
50ms XHR
application/json 35.186.220.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-pxikkul2rm.perimeterx.net/api/v1/collector
Requested by: Host: cf.bstatic.com
URL: https://cf.bstatic.com/libs/perimeterx/px_v2.min..js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.220.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 184.220.186.35.bc.googleusercontent.com
Software: /
Resource Hash: d1a56ceafeec555350272cef92f23edf85e2c8f7d65130684afd42ed59d0d496

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 30 Mar 2021 11:09:39 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.booking.com
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: clear
content-length: 520

POST
H2 200 collector Show response
collector-pxikkul2rm.perimeterx.net/api/v1/ 520 B
581 B 46ms
45ms XHR
application/json 35.186.220.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-pxikkul2rm.perimeterx.net/api/v1/collector
Requested by: Host: cf.bstatic.com
URL: https://cf.bstatic.com/libs/perimeterx/px_v2.min..js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.220.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 184.220.186.35.bc.googleusercontent.com
Software: /
Resource Hash: d0273ac06b821a7713e9e1c36c3e4463693543fb8677232984c7c48b29ca5e33

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 30 Mar 2021 11:09:41 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.booking.com
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: clear
content-length: 520

Verdicts & Comments Add Verdict or Comment

98 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-20 02:33:18	Name: IDE Value: AHWqTUmTHK9hAqzCfSa7wpK0hqw1sNoHrimzGfDMfRBIOCW2IAzjYLlougORypAH
.booking.com/	1970-01-19 17:13:08	Name: BJS Value: -
.booking.com/	1970-01-19 17:13:08	Name: _gid Value: GA1.2.522317946.1617102577
.booking.com/	1970-01-20 10:42:54	Name: _ga Value: GA1.2.1371872904.1617102577
.booking.com/	1970-01-20 01:57:18	Name: cors_js Value: 1
.booking.com/	1970-01-19 17:54:54	Name: b Value: %7B%22countLang%22%3A1%7D
.booking.com/	1970-01-19 17:11:42	Name: _dc_gtm_UA-124744172-1 Value: 1
.booking.com/	1970-01-21 12:59:42	Name: bkng Value: 11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbof7CEiNviT8hqoqwQz32%2FCHj0JNwRJVYG21PjHPs3J7cXw53ZXYrSRtsc2vg2nTUgaO2TN0dEtcGdzjLCUj8u%2Bjh%2FgRdNpnp7usw6cBJKqcqVzEDyWEcgOohPRsXA%2FF3m1tDt0oC52hsvpRkgncX6k%2Fi98gOz98iDdnKWHO7gNg%3D
.booking.com/	1970-01-19 19:21:18	Name: _gcl_au Value: 1.1.603788764.1617102576
www.booking.com/	1970-01-20 01:57:18	Name: _pxhd Value: 7d52d838220462edcdcc37e233aea303d904a6da9ff26cb49359ccecf9cdedec%3A6936bd41-9148-11eb-97e8-850fcdac1ed0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4228414.fls.doubleclick.net
adservice.google.com
adservice.google.de
bat.bing.com
cdn.rcstatic.com
cf.bstatic.com
collector-pxikkul2rm.perimeterx.net
googleads.g.doubleclick.net
link.sg.booking.com
stats.g.doubleclick.net
www.booking.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
104.19.168.117
142.250.185.134
172.217.16.130
2600:9000:2182:8200:1f:e2ee:200:93a1
2600:9000:2182:f400:14:ecff:a140:93a1
2620:1ec:c11::200
2a00:1450:4001:801::2002
2a00:1450:4001:802::200e
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2008
2a00:1450:4001:813::2002
2a00:1450:4001:828::2003
2a00:1450:4001:82b::2002
2a00:1450:400c:c04::9c
35.186.220.184
37.10.0.220
0277b2f4c4d8fdcfb1fd148ada4c9ddff22c101a92f6300831139c72dce94384
02d1394e6f2e5ef1f320e9122c11d058b535b6a403452e7f56fbd5b5c89830f2
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
0c47519e3f173d61b43f4fdf83e010ed83850cf3acbc721985eebf60619efab9
0c4c2108ebb9789d45495cec9f0eb428cad1ddb27133e1c0e3fc2a9e9ba36c3a
0fec62acbe6cd0ebf682074d42b46384059fea21d322f2e14724c882454f353e
13cf1eb24d0d4aab7081f31a16f89b44884c956053eee83d03d35d0aa990d7b1
14d3ab41f7ba6b8841138e371b54a9824a5e040371f958af47e21c85ac666ab9
179bdb4a942f8326f14e383e31ced2a55ae87a638c1bd8493de0de18d55e2791
18c62988860a8ffd90bab6376b4fe36a723bd39403c420d3943aa3eb5a0029c5
1cfbcd67855f66bf69373d3a2a1cb69d88a1ffd5e9e2ed7b92ebcc44316435fd
1d6e86e59ab7235a8343f494c8e8da6cc02c5a98a75d682401340e6d06935f20
25bec79f383dda353fcc07fcac6021fa6ba1a8ddec29530e3962c91a58be0843
28dda9f0df9c80265a2e3ba5dbf3015b5751670eab044540dd0d92509fdfd0df
29baec1746756d78beb18ae3ffcc32757defe53e6ad61ec6e580f712f7dcb9a8
2b5eff8ab6aad9f36198a6911afa4eb1c1edbd630ab8434962c5813313d02bd9
2d22e1e51d3c477d55d8cacd06f5db5871c9156ccc1a3c00864384b76576ef19
33ed5fb553d062bd8e8f3b919265e2e9c1f2d36a488932cb90b7c0c0971f4db9
3826bacd8aac38ff4f25f594fad242b3a5e9f9d1c394bc04502df00477f8371c
38d191a8bd474783280507a7eae57d49a15056b30d3b82227aa7ea49d7f33a65
392f9d8c83af4ba4036e89938b3390781cfe46f3368981249262af759cef6289
3a918ad66ed1497b94e87a03d109ec72dd090a1fd58b85fd868d5bd0f83ad783
3d3334f2122e1411a5f4be5b85a712373d7b791de57d829d1fd8b3cbdba30344
401b61abc4b7e17ec9f7d8b6e613decbeedc7b7ed6d0bf16664776dd05cbda60
408d1d98dff7d87564dd910be65129d786ab8f8c04ec3e3459f0caa217c2d49c
44e25c8ddc94cccb500851d49aa972ea7ec68a84b1adf91f3465b4e47693d721
4a2d607492b555daf0c127c0aaa4375eae715c74fb90b562581c527459c518dd
4a73fc3eaaea98c3632572c8d4f6ff9cc280c26bbc245fac47dd6ac62864ee44
4ce63aac1fd4b52d36677ac54a98ea1c3bb008bc7888b17182e8ed3a7b2a22bd
58152349e8977d29033e96a8617c5b5699485400848518ac05dab5bee7e874c0
5839f0330821cf08029beddd6d248170da1af16cd7aff253e7bd075d591f5d42
5d60a009b3d43a0ec5d42d6dc1d5d513b0b113923cc8dc1506b422fd2c8e2d24
5ebc362af700c879bb8985ce5bc1bb5295f6ff21080792d67cb944f1b666e173
66394acf15661f031c38523e5bb7e75d7cedb81863ac046137ed3f2746a33755
6a1d2ef83ed518cfcf4140c167c567c815d274b78cb82c2e28c1b01498d9da4a
6c98b348df1c087e3df2ed88f057115a6aba074898f0b9776de9e2394affe17d
74f934a8dadbbb8ca80f15a514ae27bc1574ccf8182d43e9ae5c45cbb96046fc
75e0deaee60c5acbe9e3ed3e15ab5366ed871c24a476d6f8e454117bafc1c38f
7926b27f6c8f9b6090b06df9ff4943c04f804281f9775f6fa2030b53f6c1ea1b
79ae7a140bce5db0f2453907a032c23566276c77c9d56b27dfd798558edcfcb1
7a24cecaadbac99e37e478cd5a0d2ab6bed0f5fa257cc2cf3fe91ff3652ea405
7bd0b318d65d145350bd8f42c64b1ae0794ced514bb763dbc94a92e540dd4872
7df71dab7434e8818e34e5cf9e9fed703e510e7eab27264b39e8072a5a140cda
807c8a1b498e17d227cf48a640b778bdc4398a9852493cb2f40bf0f33651d0dd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8561e200a6a57195e480ed9d893b14579ef6acdeabfbb3fe22b5e4ec9b84b455
87624e6ee05ba8d6adc1c5e2bae4a109c33765d3951c447aaaba06795ebabe48
891edf293c72592aee543921a2c28542a354b3b68593742de47dddccc88b53bf
8a882fd19a15567e53a5c3c08d22cdab714fa87734ed92d854c4e8fdf3940b1f
989d322d7d5dcbf0d70bdf5ccb512aef7ffbb4b31051cd1072bd9f711f0dcfeb
994ec33de4b9253b6abbf26965dafb40c822e0b333e334456be7ff2a6fa638fe
9d756bd392e377878c3514109c7c9c8ada3544bca6d0365783044b53cc199034
a2dbf92b586bc1aa674d9332875b97a31e4b7c98967450653d626285bc78af47
a98c20990fe3e31203fe2db8384af8e05e7b358cdae3c28b034e1f02b47db630
b23272a9692c4ec3c020935917e9d096490876c976abec1290bd3cc9aae13974
b7b56687674adbfcb66719b258d1307dab25334a24ed8ec2cf0c0e8b932d3878
be83d4ebfaefbfbc9929273b706146040ebbd640f710a763a916fe83f74ae45a
d0273ac06b821a7713e9e1c36c3e4463693543fb8677232984c7c48b29ca5e33
d1a56ceafeec555350272cef92f23edf85e2c8f7d65130684afd42ed59d0d496
d9a55f7230942e5aa22d40adf36bafd94d3ed6719f5c56b1cbc19ab4f874d83a
dd6c66682b1ae5a3948b7f96ff6a230cb8ffff16ec117ca383c52fef48b11b61
dddeb4a31246970c1cd9c46cf70b56f39b6a294e231d6a843ac00f758e785daf
de647bd07cb1b5056a3e6cadd29d77ef2d84dbc29598e238e9671278e999ceed
dfa4fdd8bfcbe0228906f69947d3615d2694efac5061e721245e22894617df6f
dffb88a4aab017ee35ec80b6b3fab8d952daa067f5395d12baaf1bf2561cce38
e1d6a63eda69c63f38f06d468167befa0f0c9191c39c73c2a973ed367bc6bb5f
e22aae715e00a795278e6396669a4b12f88f180ac12a2b1cc356069daaf40c4e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6b4f2b889c2e4e8bde0b09bec75c8ac89f3292d462e0f7b209c04eed56a1ba3
ec8a1ca80e08642365c5716d9138f9249687929c00314beb0ee9afe6cb1b7acf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f14f0d4ca69db0c2914322578f10bf3f9393771f439c9f670cc4d40971b0af8d
f1795e80722788cebdceaa281e068113a5469fd5b66c2a3c979a35bccce3a701
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
f9824e5f4727f34dd4b3f268cc3a51970a763e2e54fbe9934c44b7ffc1159e8b
fc4744086f6bcd03135042166bd6529cb324ab85d46428b020fa6ed913f40037
ff8a106502821f03008f59b14b7cb104d1015ed341d1983f94f90f12c1035b39

www.booking.com Open in urlscan Pro 37.10.0.220 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

90 Requests

100 %HTTPS

69 %IPv6

11 Domains

16 Subdomains

16 IPs

4 Countries

1313 kBTransfer

4181 kBSize

10 Cookies

28 Outgoing links

Page URL History

Redirected requests

90 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.booking.com Open in urlscan Pro
37.10.0.220 Public Scan

Screenshot
Live screenshot

Full Image

90
Requests

100 %
HTTPS

69 %
IPv6

11
Domains

16
Subdomains

16
IPs

4
Countries

1313 kB
Transfer

4181 kB
Size

10
Cookies

90 HTTP transactions
1 data transactions