www.booking.com Open in urlscan Pro
37.10.0.220 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://link.sg.booking.com/uni/ss/c/QMN8zmdLvFlNCtm424-T1AWhsF3e2W-Fzkbm16ryfe1RG9hxLWuUGrh8IZ1diMdSHODp35Keg4Dxcf7Psm2LLCN...
Effective URL:
https://www.booking.com/taxi/index.fr.html?aid=2075037&amp&adplat=emk_ct_flexi_policy_email&amp&utm_source=emk_ct_flexi_...
Submission: On September 24 via api (September 24th 2020, 6:24:50 pm UTC) from FR

Summary HTTP 51 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 7 domains to perform 51 HTTP transactions. The main IP is 37.10.0.220, located in Netherlands and belongs to BOOKING-BV Booking.com, NL. The main domain is www.booking.com.
TLS certificate: Issued by DigiCert ECC Extended Validation Serv... on November 8th 2019. Valid for: 2 years.

This is the only time www.booking.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	151.101.114.110 151.101.114.110	54113 (FASTLY) (FASTLY)
5	37.10.0.220 37.10.0.220	43996 (BOOKING-B...) (BOOKING-BV Booking.com)
31	2600:9000:214... 2600:9000:214f:8000:1f:e2ee:200:93a1	16509 (AMAZON-02) (AMAZON-02)
7	2606:4700::68... 2606:4700::6810:9540	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	99.86.3.47 99.86.3.47	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6814:b944	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:824::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
2	35.186.220.184 35.186.220.184	15169 (GOOGLE) (GOOGLE)
51	9

1 151.101.114.110 (Frankfurt am Main, Germany) 1 redirects

ASN54113 (FASTLY, US)

link.sg.booking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.10.0.220 (Netherlands)

ASN43996 (BOOKING-BV Booking.com, NL)

www.booking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2600:9000:214f:8000:1f:e2ee:200:93a1 (United States)

ASN16509 (AMAZON-02, US)

cf.bstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.3.47 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-47.fra6.r.cloudfront.net

assets.taxi.booking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b944 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:824::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.220.184 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 184.220.186.35.bc.googleusercontent.com

collector-pxikkul2rm.perimeterx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	bstatic.com cf.bstatic.com	527 KB
8	booking.com 1 redirects link.sg.booking.com www.booking.com assets.taxi.booking.com	138 KB
7	cookielaw.org cdn.cookielaw.org	122 KB
2	perimeterx.net collector-pxikkul2rm.perimeterx.net	2 KB
2	google.com www.google.com	705 B
1	gstatic.com www.gstatic.com	133 KB
1	onetrust.com geolocation.onetrust.com	393 B
51	7

	Domain	Requested by
31	cf.bstatic.com	www.booking.com cf.bstatic.com
7	cdn.cookielaw.org	www.booking.com cdn.cookielaw.org
5	www.booking.com	www.booking.com cf.bstatic.com
2	collector-pxikkul2rm.perimeterx.net	cf.bstatic.com
2	www.google.com	cf.bstatic.com www.gstatic.com
2	assets.taxi.booking.com	www.booking.com
1	www.gstatic.com	www.google.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	link.sg.booking.com	1 redirects
51	9

This site contains no links.

Subject Issuer	Validity	Valid
www.booking.com DigiCert ECC Extended Validation Server CA	`2019-11-08` - `2021-11-12`	2 years	crt.sh
q-cf.bstatic.com DigiCert SHA2 Secure Server CA	`2020-06-05` - `2021-02-11`	8 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2020-07-01` - `2021-07-01`	a year	crt.sh
cdn.taxi.booking.com Amazon	`2020-01-06` - `2021-02-06`	a year	crt.sh
*.onetrust.com DigiCert SHA2 Secure Server CA	`2020-05-21` - `2022-07-27`	2 years	crt.sh
www.google.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
perimeterx.net GeoTrust RSA CA 2018	`2019-07-03` - `2021-08-31`	2 years	crt.sh

This page contains 2 frames:

Primary Page: https://www.booking.com/taxi/index.fr.html?aid=2075037&amp&adplat=emk_ct_flexi_policy_email&amp&utm_source=emk_ct_flexi_policy_email&amp&utm_medium=email&amp&emk=0FJZV9ZZON&amp&emkcid=143&amp&checkin=2020-09-26&amp&checkout=2020-09-27&amp&selected_currency=EUR&amp&label=43750_item-3_v2-
Frame ID: 7CF640BCF1CDBDF5DAE7E1981E4F92AB
Requests: 51 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfzopcUAAAAAPh4ue2iRjzP6XdxDVpwJigtlmeD&co=aHR0cHM6Ly93d3cuYm9va2luZy5jb206NDQz&hl=en&v=yXSLJBpiFoTYkexaPhFknpU7&size=invisible&cb=typ2psoh4r1w
Frame ID: AE8A1C7E56734DC81482FE3E6BB8A307
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://link.sg.booking.com/uni/ss/c/QMN8zmdLvFlNCtm424-T1AWhsF3e2W-Fzkbm16ryfe1RG9hxLWuUGrh8IZ1diMdSHOD... HTTP 302
https://www.booking.com/taxi/index.fr.html?aid=2075037&amp&adplat=emk_ct_flexi_policy_email&amp&utm_... Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

51
Requests

100 %
HTTPS

56 %
IPv6

7
Domains

9
Subdomains

9
IPs

3
Countries

923 kB
Transfer

3400 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://link.sg.booking.com/uni/ss/c/QMN8zmdLvFlNCtm424-T1AWhsF3e2W-Fzkbm16ryfe1RG9hxLWuUGrh8IZ1diMdSHODp35Keg4Dxcf7Psm2LLCNp4zadYw7qNJOzCR3u-gFDwKK9xyV47CYnf3RrNOXxW2RJtE8kq8D2yyZD6EiQjbvHbAY3s1Gj9B5NGoDtjVpO3gCN4WPBQsWSdNYz0Vnt6sBLfS2d2PzfbrZN1F6zDfc7OCCHBfVHdjowZwzwQ6LUaZUX6bJabSUuz-rIM_qD2T9PVag7s_2sYGHKBbHyHkUAomSz2_X8ETOlNc3WfaQMGENpzjeLCYpmdS8I-2mzuPrBkEuJuRKkfw92uZ5ogroCdoaaBFsQW0SEIw1iPvRqS8khjosnEBZoVBMGN8cQymAElKKiGjxT-FDXikaHyg/35g/rDfP7wgAQLiIfQXwX5YRaQ/h15/2JvGDvmSkd8s6is72KlnHpSwzHwCIrg_nu2x5fCyfCU HTTP 302
https://www.booking.com/taxi/index.fr.html?aid=2075037&amp&adplat=emk_ct_flexi_policy_email&amp&utm_source=emk_ct_flexi_policy_email&amp&utm_medium=email&amp&emk=0FJZV9ZZON&amp&emkcid=143&amp&checkin=2020-09-26&amp&checkout=2020-09-27&amp&selected_currency=EUR&amp&label=43750_item-3_v2- Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

51 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request index.fr.html Show response
www.booking.com/taxi/
Redirect Chain

https://link.sg.booking.com/uni/ss/c/QMN8zmdLvFlNCtm424-T1AWhsF3e2W-Fzkbm16ryfe1RG9hxLWuUGrh8IZ1diMdSHODp35Keg4Dxcf7Psm2LLCNp4zadYw7qNJOzCR3u-gFDwKK9xyV47CYnf3RrNOXxW2RJtE8kq8D2yyZD6EiQjbvHbAY3s1Gj...
https://www.booking.com/taxi/index.fr.html?aid=2075037&amp&adplat=emk_ct_flexi_policy_email&amp&utm_source=emk_ct_flexi_policy_email&amp&utm_medium=email&amp&emk=0FJZV9ZZON&amp&emkcid=143&amp&check...

348 KB
94 KB

521ms
446ms

Document
text/html

37.10.0.220
BOOKING-BV Bookin...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.booking.com/taxi/index.fr.html?aid=2075037&amp&adplat=emk_ct_flexi_policy_email&amp&utm_source=emk_ct_flexi_policy_email&amp&utm_medium=email&amp&emk=0FJZV9ZZON&amp&emkcid=143&amp&checkin=2020-09-26&amp&checkout=2020-09-27&amp&selected_currency=EUR&amp&label=43750_item-3_v2-

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

37.10.0.220 , Netherlands, ASN43996 (BOOKING-BV Booking.com, NL),

Reverse DNS

Software

nginx /

Resource Hash

a42f24edb71dc7b5ea5f9009444c9ff8df5cf6ec337b74f2fbca7af5999aaa23

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: www.booking.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server: nginx
date: Thu, 24 Sep 2020 18:24:34 GMT
content-type: text/html; charset=UTF-8
content-length: 94686
cache-control: private
vary: User-Agent, Accept-Encoding
content-encoding: br
set-cookie: _pxhd=9916fc34ca812469fe3395626ca0608c166cea29324209274c738b57e5880564%3A32451fe1-fe93-11ea-961a-cd2274cfb572; path=/; expires=Fri, 24-Sep-2021 18:24:34 GMT bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhC%2F0idTZbh1FN%2BCZrfPuWvp2ThKYWlSPnvklH1p66xPHv%2BcCKlSD5c5a5gaUQDuyU9qmksRToRn5Z%2FtGVVOv6iu6qDqLTcR5c7gu5U6i9UVMfbcDxxIP2qHu3FlC94qKgltDn3PBuPGHfEVUqG3N64har%2BTJzvJAXk%3D; domain=.booking.com; path=/; expires=Tue, 23-Sep-2025 18:24:34 GMT; Secure; HTTPOnly; SameSite=None
strict-transport-security: max-age=604800
x-content-type-options: nosniff
x-recruiting: Like HTTP headers? Come write ours: https://careers.booking.com
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://csp-receiver.booking.com/csp_violation?type=report&tag=112&pid=bdd78171b21e00e4&e=UmFuZG9tSVYkc2RlIyh9YaC0d7m-VD6lQNYsdhD1dHx_ABWKcs3SBYrrYdKcdm-H&f=2&s=0;
x-xss-protection: 1; mode=block

Redirect headers

status: 302
server: nginx
content-type: text/html; charset=utf-8
location: https://www.booking.com/taxi/index.fr.html?aid=2075037&amp&adplat=emk_ct_flexi_policy_email&amp&utm_source=emk_ct_flexi_policy_email&amp&utm_medium=email&amp&emk=0FJZV9ZZON&amp&emkcid=143&amp&checkin=2020-09-26&amp&checkout=2020-09-27&amp&selected_currency=EUR&amp&label=43750_item-3_v2-
x-robots-tag: noindex, nofollow
accept-ranges: bytes
date: Thu, 24 Sep 2020 18:24:34 GMT
via: 1.1 varnish
x-served-by: cache-hhn4025-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1600971874.321158,VS0,VE88
content-length: 382

GET
H2 200 093ba4379029bea66dcc91eeecaa3b7ee259fbc0.js Show response
cf.bstatic.com/static/js/core-deps-inlinedet_cloudfront_sd/ 37 KB
12 KB 16ms
11ms Script
application/javascript 2600:9000:214f:8000:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/js/core-deps-inlinedet_cloudfront_sd/093ba4379029bea66dcc91eeecaa3b7ee259fbc0.js

Requested by

Host: www.booking.com
URL: https://www.booking.com/taxi/index.fr.html?aid=2075037&amp&adplat=emk_ct_flexi_policy_email&amp&utm_source=emk_ct_flexi_policy_email&amp&utm_medium=email&amp&emk=0FJZV9ZZON&amp&emkcid=143&amp&checkin=2020-09-26&amp&checkout=2020-09-27&amp&selected_currency=EUR&amp&label=43750_item-3_v2-

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:8000:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dc83f9902e6e1ee88fdf6696eba68cda0f46a92d1cc868334cf07ecb8655a505

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.booking.com
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 09:31:29 GMT
content-encoding: br
age: 895985
x-cache: Hit from cloudfront
status: 200
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Mon, 14 Sep 2020 09:27:19 GMT
server: nginx
etag: W/"5f5f3777-93db"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
timing-allow-origin: *
x-amz-cf-id: wG0P_U1SVUElInr8iF0c9q1X6iMXMJrsilR-OLnbZ-X5hgC2BroqSA==
expires: Wed, 14 Oct 2020 09:31:29 GMT

GET
H2 200 b7d9d30c56875df3553b561b0a06e5edf66aa9fe.js Show response
cf.bstatic.com/static/js/jquery_cloudfront_sd/ 103 KB
33 KB 16ms
12ms Script
application/javascript 2600:9000:214f:8000:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/js/jquery_cloudfront_sd/b7d9d30c56875df3553b561b0a06e5edf66aa9fe.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:8000:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

58152349e8977d29033e96a8617c5b5699485400848518ac05dab5bee7e874c0

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.booking.com
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Sep 2020 01:45:05 GMT
content-encoding: br
age: 1960769
x-cache: Hit from cloudfront
status: 200
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Wed, 10 Apr 2019 11:21:38 GMT
server: nginx
etag: W/"5cadd1c2-19a65"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
timing-allow-origin: *
x-amz-cf-id: Bnh5NeCHq1HJjytTp8PK0dtrMo_XVL27aX7iLf_oaigqqYlvVMPhSg==
expires: Fri, 02 Oct 2020 01:45:05 GMT

GET
H2 200 d00e1f9336d9272913c133663bff7a3edc9b411e.js Show response
cf.bstatic.com/static/js/main_cloudfront_sd/ 514 KB
129 KB 16ms
12ms Script
application/javascript 2600:9000:214f:8000:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/js/main_cloudfront_sd/d00e1f9336d9272913c133663bff7a3edc9b411e.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:8000:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

23b508145aac1b3b5cc328ab080dc20246580f813984d79cd8045c0c97f3506a

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.booking.com
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 11:20:52 GMT
content-encoding: br
age: 198222
x-cache: Hit from cloudfront
status: 200
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Tue, 22 Sep 2020 11:13:01 GMT
server: nginx
etag: W/"5f69dc3d-808f6"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
timing-allow-origin: *
x-amz-cf-id: 8qn0LKWK9EzojHog4OrfWu6UowVKMpnRpszGtMur-1dNaFKh9goVMA==
expires: Thu, 22 Oct 2020 11:20:52 GMT

GET
H2 200 32717a5b5bdc77e3d0e351ae9d4fe551c72c2bcf.js Show response
cf.bstatic.com/static/js/searchbox_cloudfront_sd/ 209 KB
46 KB 16ms
12ms Script
application/javascript 2600:9000:214f:8000:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/js/searchbox_cloudfront_sd/32717a5b5bdc77e3d0e351ae9d4fe551c72c2bcf.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:8000:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

0d396619d17b63bf3eece3f03bdf0353a3dd0866e623bf94d0cf1911b7ce1811

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.booking.com
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Sep 2020 12:32:18 GMT
content-encoding: br
age: 625935
x-cache: Hit from cloudfront
status: 200
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Thu, 17 Sep 2020 12:29:36 GMT
server: nginx
etag: W/"5f6356b0-345ed"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
timing-allow-origin: *
x-amz-cf-id: kGiu5EDWEqWbEchMHN7hI5d6vAIStD4-s1vPygZW3zK8bFzlCOU9BA==
expires: Sat, 17 Oct 2020 12:32:18 GMT

GET
H2 200 f56f7a2e7854715ad5ecc2f07a1a4c7b4a49970d.js Show response
cf.bstatic.com/static/js/error_catcher_bec_cloudfront_sd/ 5 KB
2 KB 16ms
12ms Script
application/javascript 2600:9000:214f:8000:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/js/error_catcher_bec_cloudfront_sd/f56f7a2e7854715ad5ecc2f07a1a4c7b4a49970d.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:8000:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

989d322d7d5dcbf0d70bdf5ccb512aef7ffbb4b31051cd1072bd9f711f0dcfeb

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.booking.com
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 19 Sep 2020 02:24:24 GMT
content-encoding: br
age: 489610
x-cache: Hit from cloudfront
status: 200
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Fri, 22 May 2020 09:54:55 GMT
server: nginx
etag: "5ec7a16f-14e1"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
timing-allow-origin: *
x-amz-cf-id: XnGOnMeF8r5andNU_bXgOZ2nYhxCFW1T4dn_kwCmVMwpLz2ST8l_Hw==
expires: Mon, 19 Oct 2020 02:24:24 GMT

GET
H2 200 OtAutoBlock.js Show response
cdn.cookielaw.org/consent/3ea94870-d4b1-483a-b1d2-faf1d982bb31/ 144 KB
15 KB 33ms
29ms Script
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/3ea94870-d4b1-483a-b1d2-faf1d982bb31/OtAutoBlock.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d89478b6988e2b97240a98d5ddd2dd24b4799719b0fe891aba554434c36247d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.booking.com/taxi/index.fr.html?aid=2075037&amp&adplat=emk_ct_flexi_policy_email&amp&utm_source=emk_ct_flexi_policy_email&amp&utm_medium=email&amp&emk=0FJZV9ZZON&amp&emkcid=143&amp&checkin=2020-09-26&amp&checkout=2020-09-27&amp&selected_currency=EUR&amp&label=43750_item-3_v2-
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 24 Sep 2020 18:24:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 27nP5262IixDzYXZjHw6PA==
age: 4321
status: 200
vary: Accept-Encoding
content-length: 14247
cf-request-id: 0562f53a9700001f558e1db200000001
x-ms-lease-status: unlocked
last-modified: Tue, 08 Sep 2020 11:37:26 GMT
server: cloudflare
etag: 0x8D853EB8F603509
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: f81c98de-001e-00fc-6fd8-85e679000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5d7e8b0a8cc81f55-FRA

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 12 KB
4 KB 17ms
17ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

396197a350c5f917f454cb764fa31f624d64f8fbac73445c4d2862bad7ca22bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.booking.com/taxi/index.fr.html?aid=2075037&amp&adplat=emk_ct_flexi_policy_email&amp&utm_source=emk_ct_flexi_policy_email&amp&utm_medium=email&amp&emk=0FJZV9ZZON&amp&emkcid=143&amp&checkin=2020-09-26&amp&checkout=2020-09-27&amp&selected_currency=EUR&amp&label=43750_item-3_v2-
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 24 Sep 2020 18:24:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Jao9NEADO7fIr5d6S3evQw==
age: 4351
status: 200
vary: Accept-Encoding
content-length: 3891
cf-request-id: 0562f53ad800001f558e1e0200000001
x-ms-lease-status: unlocked
last-modified: Thu, 24 Sep 2020 01:39:27 GMT
server: cloudflare
etag: 0x8D8602AACCA4D0A
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 39969fd9-501e-0168-1d20-92c0e2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5d7e8b0afdc21f55-FRA

GET
H2 200 2454015045ef79168d452ff4e7f30bdadff0aa81.js Show response
cf.bstatic.com/static/js/crossorigin_check_cloudfront_sd/ 95 B
521 B 10ms
6ms Script
application/javascript 2600:9000:214f:8000:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/js/crossorigin_check_cloudfront_sd/2454015045ef79168d452ff4e7f30bdadff0aa81.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:8000:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

8a882fd19a15567e53a5c3c08d22cdab714fa87734ed92d854c4e8fdf3940b1f

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.booking.com
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 02:37:36 GMT
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
age: 56819
x-cache: Hit from cloudfront
status: 200
content-length: 95
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:38 GMT
server: nginx
etag: "5cadd1c2-5f"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: GL8D5uGimnYTedjXqy_1ttprF1I5S9x2wkqVKjsoYuNlvzLAihkccQ==
expires: Sat, 24 Oct 2020 02:37:36 GMT

GET
H2 200 696b9baf5fa8fa9575c20c6667634f85c5f403a8.css
cf.bstatic.com/static/css/main_cloudfront_sd.iq_ltr/ 378 KB
52 KB 12ms
9ms Stylesheet
text/css 2600:9000:214f:8000:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/css/main_cloudfront_sd.iq_ltr/696b9baf5fa8fa9575c20c6667634f85c5f403a8.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:8000:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e646d7f59ae0614e98858c7ade205ee9ef8bf73495689befc3a2d5522c6c8ae2

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 11:30:15 GMT
content-encoding: br
age: 197659
x-cache: Hit from cloudfront
status: 200
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Tue, 22 Sep 2020 11:12:59 GMT
server: nginx
etag: W/"5f69dc3b-5e9d6"
vary: Accept-Encoding
content-type: text/css
via: 1.1 850ccace60916919bf31313cb9176e01.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
timing-allow-origin: *
x-amz-cf-id: lXjuz5ZXXSE7CXwbfLT91-swjItawUDdndT06UzlS8U5LJi0GA_iOQ==
expires: Thu, 22 Oct 2020 11:30:15 GMT

GET
H2 200 c27e647bd25696a06153aea5f31b983c7b4871b0.css
cf.bstatic.com/static/css/main_exps_cloudfront_sd.iq_ltr/ 134 KB
22 KB 12ms
9ms Stylesheet
text/css 2600:9000:214f:8000:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/css/main_exps_cloudfront_sd.iq_ltr/c27e647bd25696a06153aea5f31b983c7b4871b0.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:8000:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

491ef53eea080626a88f9b32b90e0e6b50ae9a371b48df4dd32487fe68c615a6

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 11:30:15 GMT
content-encoding: br
age: 197659
x-cache: Hit from cloudfront
status: 200
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Tue, 22 Sep 2020 11:12:59 GMT
server: nginx
etag: W/"5f69dc3b-2160a"
vary: Accept-Encoding
content-type: text/css
via: 1.1 850ccace60916919bf31313cb9176e01.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
timing-allow-origin: *
x-amz-cf-id: yWFwff0psrk2RKhhM87DC8SX8CWqtNBG5y6JMpL-39MXEVlyzOOU8A==
expires: Thu, 22 Oct 2020 11:30:15 GMT

GET
H2 200 e3713953ee2dbce3dfcac201f0a14ebd957e07e2.css
cf.bstatic.com/static/css/gprof_icons_cloudfront_sd.iq_ltr/ 167 KB
28 KB 12ms
9ms Stylesheet
text/css 2600:9000:214f:8000:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/css/gprof_icons_cloudfront_sd.iq_ltr/e3713953ee2dbce3dfcac201f0a14ebd957e07e2.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:8000:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

16e0003dc39f4f84971f2c8b6cfe26b1201132aadf5de888797ee27732630a56

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Sep 2020 15:59:00 GMT
content-encoding: br
age: 1391133
x-cache: Hit from cloudfront
status: 200
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Tue, 08 Sep 2020 15:17:43 GMT
server: nginx
etag: W/"5f57a097-29d3c"
vary: Accept-Encoding
content-type: text/css
via: 1.1 850ccace60916919bf31313cb9176e01.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
timing-allow-origin: *
x-amz-cf-id: t_VSWK6295AjEBibvpGyxyNnrLb7zt_CZjlCRoqNY8fXFVrXX9iYEA==
expires: Thu, 08 Oct 2020 15:59:00 GMT

GET
H2 200 34d47be8076a3487f8066db0e42290825debaa3b.css
cf.bstatic.com/static/css/landing_pages_common_cloudfront_sd.iq_ltr/ 72 KB
12 KB 18ms
16ms Stylesheet
text/css 2600:9000:214f:8000:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/css/landing_pages_common_cloudfront_sd.iq_ltr/34d47be8076a3487f8066db0e42290825debaa3b.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:8000:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

1c6a2541264fe19e80b8efa30fd4b476c48cbd824572edfed50e316718146140

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Sep 2020 08:38:03 GMT
content-encoding: br
age: 726391
x-cache: Hit from cloudfront
status: 200
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Tue, 25 Aug 2020 12:27:12 GMT
server: nginx
etag: W/"5f4503a0-11e1b"
vary: Accept-Encoding
content-type: text/css
via: 1.1 850ccace60916919bf31313cb9176e01.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
timing-allow-origin: *
x-amz-cf-id: DBgLqSEiXxlK4C7Rj1cbqhj6OR9o-KnBgQ10F0c7lGBzTHvsptq1IQ==
expires: Fri, 16 Oct 2020 08:38:03 GMT

GET
H2 200 6790e0d8e380ae8962a942f1981c91d70fe1aa85.css
cf.bstatic.com/static/css/taxi_landing_page_cloudfront_sd.iq_ltr/ 6 KB
2 KB 18ms
16ms Stylesheet
text/css 2600:9000:214f:8000:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/css/taxi_landing_page_cloudfront_sd.iq_ltr/6790e0d8e380ae8962a942f1981c91d70fe1aa85.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:8000:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

073234d941daeefb8754e8ed431363b9c1f48a88aa30c9eac423439209e9def1

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Sep 2020 22:57:00 GMT
content-encoding: br
age: 588454
x-cache: Hit from cloudfront
status: 200
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Tue, 15 Sep 2020 08:05:11 GMT
server: nginx
etag: W/"5f6075b7-1950"
vary: Accept-Encoding
content-type: text/css
via: 1.1 850ccace60916919bf31313cb9176e01.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
timing-allow-origin: *
x-amz-cf-id: CqavvB8JABvv7OTiy9f1xY1OFbrs8neGVVb_DvIhlDtz_B3KtO4cmw==
expires: Sat, 17 Oct 2020 22:57:00 GMT

GET
H2 200 22615963add19ac6b6d715a97c8d477e8b95b7ea.png
cf.bstatic.com/static/img/b26logo/booking_logo_retina/ 2 KB
2 KB 13ms
10ms Image
image/png 2600:9000:214f:8000:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/static/img/b26logo/booking_logo_retina/22615963add19ac6b6d715a97c8d477e8b95b7ea.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:8000:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

a224634c470546276e7cac5917e6ad0e5f02d430903bfe192ddbf40eaee42f8e

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Sep 2020 01:42:10 GMT
via: 1.1 850ccace60916919bf31313cb9176e01.cloudfront.net (CloudFront)
age: 1960945
x-cache: Hit from cloudfront
status: 200
content-length: 2060
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:50 GMT
server: nginx
etag: "5cadd1ce-80c"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 1pjBrNKoCvGx_VRwEEV7jDnfSj9BlwaKKdVoY7gFRrHSDma9NLIVmg==
expires: Fri, 02 Oct 2020 01:42:10 GMT

GET
H2 200 44d20cd12a233cfc196701b40a8c2a86faf03cbf.gif
cf.bstatic.com/static/img/uc_ajax_loader/ 4 KB
4 KB 14ms
11ms Image
image/gif 2600:9000:214f:8000:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/static/img/uc_ajax_loader/44d20cd12a233cfc196701b40a8c2a86faf03cbf.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:8000:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3ded295f7d7f59e37a96e4fe49f56b991e205f68b85a1fe2502327531c0879fb

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Sep 2020 20:53:08 GMT
via: 1.1 850ccace60916919bf31313cb9176e01.cloudfront.net (CloudFront)
age: 595887
x-cache: Hit from cloudfront
status: 200
content-length: 4178
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:55 GMT
server: nginx
etag: "5cadd1d3-1052"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: fpju3zBlLker62FhNmOpP7vETZlWPJX7Hq3CnnbeCPCsxx7X4a5y5w==
expires: Sat, 17 Oct 2020 20:53:08 GMT

GET
H2 200 c3dafe717a0b4b97e6ddd0d791e8a018d8f96310.png
cf.bstatic.com/static/img/flags/24/fr/ 406 B
826 B 14ms
11ms Image
image/png 2600:9000:214f:8000:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/static/img/flags/24/fr/c3dafe717a0b4b97e6ddd0d791e8a018d8f96310.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:8000:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

2fd19cf58102989e49660b27b21605038d4282cf758add4841285c2c17f2dacd

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Sep 2020 03:05:26 GMT
via: 1.1 850ccace60916919bf31313cb9176e01.cloudfront.net (CloudFront)
age: 832749
x-cache: Hit from cloudfront
status: 200
content-length: 406
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:53 GMT
server: nginx
etag: "5cadd1d1-196"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: l6aMlljxHXyMHwKd0Vb3wdjdJLBZBdrX0V-lmIMuQ82Pu2TKlUQy3A==
expires: Thu, 15 Oct 2020 03:05:26 GMT

GET
H2 200 booking-search.css
assets.taxi.booking.com/3.970.0/stylesheets/ 96 KB
10 KB 117ms
44ms Stylesheet
text/css 99.86.3.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.taxi.booking.com/3.970.0/stylesheets/booking-search.css
Requested by: Host: www.booking.com
URL: https://www.booking.com/taxi/index.fr.html?aid=2075037&amp&adplat=emk_ct_flexi_policy_email&amp&utm_source=emk_ct_flexi_policy_email&amp&utm_medium=email&amp&emk=0FJZV9ZZON&amp&emkcid=143&amp&checkin=2020-09-26&amp&checkout=2020-09-27&amp&selected_currency=EUR&amp&label=43750_item-3_v2-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.3.47 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-47.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 76fc0300a22ca9910bdbcfe9a62b18a2698c218831711675b1e3713b4f079963

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 11:03:56 GMT
content-encoding: gzip
last-modified: Thu, 24 Sep 2020 10:54:16 GMT
server: AmazonS3
age: 26440
etag: W/"ed1798acb2c40401d1504a99a346a3fa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: C6_iaiipfjGwjZ0KmDvuwuvs3OAbswnA
status: 200
cache-control: max-age=604800
x-amz-cf-pop: FRA6-C1
content-type: text/css
x-amz-cf-id: Sd-6-RDN3UTyFW6hPtMWBP7GG-f-aqz_-DM7R_2UEIDTPJR9-hv0cw==
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)

GET
H2 200 search-mount-preact.js Show response
assets.taxi.booking.com/3.970.0/javascript/ 127 KB
31 KB 119ms
48ms Script
application/javascript 99.86.3.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.taxi.booking.com/3.970.0/javascript/search-mount-preact.js
Requested by: Host: www.booking.com
URL: https://www.booking.com/taxi/index.fr.html?aid=2075037&amp&adplat=emk_ct_flexi_policy_email&amp&utm_source=emk_ct_flexi_policy_email&amp&utm_medium=email&amp&emk=0FJZV9ZZON&amp&emkcid=143&amp&checkin=2020-09-26&amp&checkout=2020-09-27&amp&selected_currency=EUR&amp&label=43750_item-3_v2-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.3.47 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-47.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4c2a40ec24c4560ccfb54ce57310234e34749fdde5989b7eeb8b0b11098a33e8

Request headers

Origin: https://www.booking.com
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 11:03:56 GMT
content-encoding: gzip
age: 26440
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Thu, 24 Sep 2020 10:54:15 GMT
server: AmazonS3
etag: W/"2aec72c07d89552977ecc9c671be4def"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
x-amz-version-id: NbmXcWTuwjoG3jP9mv7zzi6.p97NxPHP
via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: FRA6-C1
content-type: application/javascript
x-amz-cf-id: IzP04-msJIICc6UK9Vb_UQs7bjaBtyWlrWrCidkpFy1TBVxAVpL_5g==

GET
H2 200 72b2754b7952cf88eb5752336a0b28aa108c192b.svg
cf.bstatic.com/static/img/taxi-book-taxi/ 3 KB
1 KB 14ms
12ms Image
image/svg+xml 2600:9000:214f:8000:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/static/img/taxi-book-taxi/72b2754b7952cf88eb5752336a0b28aa108c192b.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:8000:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

d53e868f1221b00888fb4ba5b8d351eec8ee594c3a349094eca889b40419d447

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Sep 2020 22:57:00 GMT
content-encoding: br
age: 588455
x-cache: Hit from cloudfront
status: 200
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Wed, 10 Apr 2019 11:21:55 GMT
server: nginx
etag: W/"5cadd1d3-a5e"
vary: Accept-Encoding
content-type: image/svg+xml
via: 1.1 850ccace60916919bf31313cb9176e01.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
timing-allow-origin: *
x-amz-cf-id: MLwmSsVf9Pz-ta1CQtvTCUCQZ4sr9_S06uBFqmJ_CGFCsbJZyseK0A==
expires: Sat, 17 Oct 2020 22:57:00 GMT

GET
H2 200 80b8363402262d17552ebd80ecd51b6ddbe3c7f6.svg
cf.bstatic.com/static/img/taxi-meet-driver/ 2 KB
1 KB 14ms
12ms Image
image/svg+xml 2600:9000:214f:8000:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/static/img/taxi-meet-driver/80b8363402262d17552ebd80ecd51b6ddbe3c7f6.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:8000:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

85177dbb2184b3ead18b43c93adabafff1e2686dd042009ca803159ee6107e2e

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 01:06:15 GMT
content-encoding: br
age: 148700
x-cache: Hit from cloudfront
status: 200
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Wed, 10 Apr 2019 11:21:55 GMT
server: nginx
etag: "5cadd1d3-927"
vary: Accept-Encoding
content-type: image/svg+xml
via: 1.1 850ccace60916919bf31313cb9176e01.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
timing-allow-origin: *
x-amz-cf-id: 4SOlIJL_awreIlo0TCG3r3YcZQipYTlf98Cqg35sq8WJfmozipg8Pw==
expires: Fri, 23 Oct 2020 01:06:15 GMT

GET
H2 200 75cc4d191f8e30821c73817602a4e160955fe653.svg
cf.bstatic.com/static/img/taxi-arrive-at-destination/ 2 KB
1 KB 22ms
21ms Image
image/svg+xml 2600:9000:214f:8000:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/static/img/taxi-arrive-at-destination/75cc4d191f8e30821c73817602a4e160955fe653.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:8000:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

8576cec94e8b5629f82d026536bbea090839fd22e10462dfb7030fe1eb91709d

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 13:43:53 GMT
content-encoding: br
age: 535241
x-cache: Hit from cloudfront
status: 200
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Wed, 10 Apr 2019 11:21:55 GMT
server: nginx
etag: W/"5cadd1d3-74b"
vary: Accept-Encoding
content-type: image/svg+xml
via: 1.1 850ccace60916919bf31313cb9176e01.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
timing-allow-origin: *
x-amz-cf-id: kicqOKd_aFcN3vB3DfcEK5jOiiDTMHjIslQKiFn9aMVcfLp6GxuNoQ==
expires: Sun, 18 Oct 2020 13:43:53 GMT

GET
H2 200 79d898d0e29dd469799e76b6d4bb71b5b0f03707.svg
cf.bstatic.com/static/img/taxi-how-it-works/ 12 KB
3 KB 11ms
10ms Image
image/svg+xml 2600:9000:214f:8000:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/static/img/taxi-how-it-works/79d898d0e29dd469799e76b6d4bb71b5b0f03707.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:8000:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

65e57fe5ce4a5918496962ea5f2793a566bcf018b3c442932e21e54d164fd7d6

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 31 Aug 2020 01:04:44 GMT
content-encoding: br
age: 2135991
x-cache: Hit from cloudfront
status: 200
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Wed, 10 Apr 2019 11:21:55 GMT
server: nginx
etag: W/"5cadd1d3-318b"
vary: Accept-Encoding
content-type: image/svg+xml
via: 1.1 850ccace60916919bf31313cb9176e01.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
timing-allow-origin: *
x-amz-cf-id: PtZIs1cZG0DTnyyav2mZHEyyGlq1dvdcfrLy2-gECjq9IxHDPyQrJQ==
expires: Wed, 30 Sep 2020 01:04:44 GMT

GET
H2 200 27c8d1832de6a3123b6ee45b59ae2f81b0d9d0d0.png
cf.bstatic.com/static/img/tfl/group_logos/logo_booking/ 2 KB
2 KB 9ms
8ms Image
image/png 2600:9000:214f:8000:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/static/img/tfl/group_logos/logo_booking/27c8d1832de6a3123b6ee45b59ae2f81b0d9d0d0.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:8000:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

807c8a1b498e17d227cf48a640b778bdc4398a9852493cb2f40bf0f33651d0dd

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Sep 2020 01:29:46 GMT
via: 1.1 850ccace60916919bf31313cb9176e01.cloudfront.net (CloudFront)
age: 406489
x-cache: Hit from cloudfront
status: 200
content-length: 1628
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:55 GMT
server: nginx
etag: "5cadd1d3-65c"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: xyMiMwv8wcD-I9bc4kF1ccyka26xTf4BBa9spjjItXPeL5SEJADTow==
expires: Tue, 20 Oct 2020 01:29:46 GMT

GET
H2 200 f80e129541f2a952d470df2447373390f3dd4e44.png
cf.bstatic.com/static/img/tfl/group_logos/logo_priceline/ 2 KB
2 KB 9ms
8ms Image
image/png 2600:9000:214f:8000:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/static/img/tfl/group_logos/logo_priceline/f80e129541f2a952d470df2447373390f3dd4e44.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:8000:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

18c62988860a8ffd90bab6376b4fe36a723bd39403c420d3943aa3eb5a0029c5

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Sep 2020 00:16:11 GMT
via: 1.1 850ccace60916919bf31313cb9176e01.cloudfront.net (CloudFront)
age: 756504
x-cache: Hit from cloudfront
status: 200
content-length: 1591
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:55 GMT
server: nginx
etag: "5cadd1d3-637"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: S5W_ccjK5hcHUWusxv8_z-3o0iiY9q12mfyH_e3BZP_rgKi4KmMSjA==
expires: Fri, 16 Oct 2020 00:16:11 GMT

GET
H2 200 83ef7122074473a6566094e957ff834badb58ce6.png
cf.bstatic.com/static/img/tfl/group_logos/logo_kayak/ 1 KB
2 KB 10ms
9ms Image
image/png 2600:9000:214f:8000:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/static/img/tfl/group_logos/logo_kayak/83ef7122074473a6566094e957ff834badb58ce6.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:8000:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

5839f0330821cf08029beddd6d248170da1af16cd7aff253e7bd075d591f5d42

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Sep 2020 01:21:36 GMT
via: 1.1 850ccace60916919bf31313cb9176e01.cloudfront.net (CloudFront)
age: 1357379
x-cache: Hit from cloudfront
status: 200
content-length: 1154
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:55 GMT
server: nginx
etag: "5cadd1d3-482"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: TwOuce9q82hIB_0SElK19aYXHEpT76QwicZXLxt-3AyiUGhFfVBb_g==
expires: Fri, 09 Oct 2020 01:21:36 GMT

GET
H2 200 1c9191b6a3651bf030e41e99a153b64f449845ed.png
cf.bstatic.com/static/img/tfl/group_logos/logo_agoda/ 2 KB
3 KB 10ms
9ms Image
image/png 2600:9000:214f:8000:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/static/img/tfl/group_logos/logo_agoda/1c9191b6a3651bf030e41e99a153b64f449845ed.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:8000:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

1d6e86e59ab7235a8343f494c8e8da6cc02c5a98a75d682401340e6d06935f20

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 01:51:29 GMT
via: 1.1 850ccace60916919bf31313cb9176e01.cloudfront.net (CloudFront)
age: 145986
x-cache: Hit from cloudfront
status: 200
content-length: 2146
x-xss-protection: 1; mode=block
last-modified: Thu, 12 Mar 2020 10:15:57 GMT
server: nginx
etag: "5e6a0bdd-862"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: XxZzteJ2Qf4hOJSsJDvgcDvJpvPcfFfCeL3kxqRVO69moDLXL5vf2Q==
expires: Fri, 23 Oct 2020 01:51:29 GMT

GET
H2 200 6bc5ec89d870111592a378bbe7a2086f0b01abc4.png
cf.bstatic.com/static/img/tfl/group_logos/logo_rentalcars/ 3 KB
4 KB 9ms
7ms Image
image/png 2600:9000:214f:8000:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/static/img/tfl/group_logos/logo_rentalcars/6bc5ec89d870111592a378bbe7a2086f0b01abc4.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:8000:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

8561e200a6a57195e480ed9d893b14579ef6acdeabfbb3fe22b5e4ec9b84b455

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 01:00:55 GMT
via: 1.1 850ccace60916919bf31313cb9176e01.cloudfront.net (CloudFront)
age: 2049820
x-cache: Hit from cloudfront
status: 200
content-length: 3221
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:55 GMT
server: nginx
etag: "5cadd1d3-c95"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: RzRFTfpSwBHSxPXc_MlMEyIrAi0jVuFN8cwQ8SgyI3fJ9ZP-fgEwrA==
expires: Thu, 01 Oct 2020 01:00:55 GMT

GET
H2 200 a4b50503eda6c15773d6e61c238230eb42fb050d.png
cf.bstatic.com/static/img/tfl/group_logos/logo_opentable/ 2 KB
3 KB 10ms
8ms Image
image/png 2600:9000:214f:8000:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/static/img/tfl/group_logos/logo_opentable/a4b50503eda6c15773d6e61c238230eb42fb050d.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:8000:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

b23272a9692c4ec3c020935917e9d096490876c976abec1290bd3cc9aae13974

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 01:29:10 GMT
via: 1.1 850ccace60916919bf31313cb9176e01.cloudfront.net (CloudFront)
age: 1788925
x-cache: Hit from cloudfront
status: 200
content-length: 2344
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:55 GMT
server: nginx
etag: "5cadd1d3-928"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: OuFCHcNHQxeCqRl0tEpM1CMMJ-zxwEE_KGu0efzhbCvgQcg8qJkc4Q==
expires: Sun, 04 Oct 2020 01:29:10 GMT

GET
H2 200 b700d9e3067c1186a3364012df4fe1c48ae6da44.png
cf.bstatic.com/static/img/nobg_all_blue_iq/ 73 B
490 B 9ms
8ms Image
image/png 2600:9000:214f:8000:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/static/img/nobg_all_blue_iq/b700d9e3067c1186a3364012df4fe1c48ae6da44.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:8000:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

6153929734ec12ec07072f327c1112301828497e4dd356ca261461b0b7ba9621

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 02:32:33 GMT
via: 1.1 850ccace60916919bf31313cb9176e01.cloudfront.net (CloudFront)
age: 57122
x-cache: Hit from cloudfront
status: 200
content-length: 73
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:55 GMT
server: nginx
etag: "5cadd1d3-49"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: VS57-5NvoFCii2QLSKLJffu_ZP58ChW5sjojbJvkdoiD7cHyPpI06w==
expires: Sat, 24 Oct 2020 02:32:33 GMT

GET
H2 200 54218898.webp
cf.bstatic.com/xdata/images/xphoto/1680x1120/ 41 KB
41 KB 21ms
20ms Image
image/webp 2600:9000:214f:8000:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/xdata/images/xphoto/1680x1120/54218898.webp?k=fce0235d7e117b085ac5ea58b09801fbba23801e9d91e433027f1c20a365975a&o=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:8000:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3899a0fa94d5606904e0f6b52225b32a64e6bc8f17222a980fa86d4cddd838ac

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 08:48:49 GMT
via: 1.1 850ccace60916919bf31313cb9176e01.cloudfront.net (CloudFront)
age: 552946
x-cache: Hit from cloudfront
status: 200
content-length: 41952
x-xss-protection: 1; mode=block
server: nginx
etag: "325d1ce6555a5047d65f3201104dd3379d902500"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
timing-allow-origin: *
x-amz-cf-id: eFk9vVV1MfEA7WoQc2GtwtlfE7wrx_i1nQSNsQ1Ly1MBwJC8UTQT4g==
expires: Sun, 18 Oct 2020 08:48:49 GMT

GET
H2 200 5d6270f9d99467ef1f2d14da9abb86c291f4bb0b.js Show response
cf.bstatic.com/static/js/landing_pages_common_cloudfront_sd/ 1 KB
900 B 9ms
9ms Script
application/javascript 2600:9000:214f:8000:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/js/landing_pages_common_cloudfront_sd/5d6270f9d99467ef1f2d14da9abb86c291f4bb0b.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:8000:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

fe9de8a5a2c28664072afea737f96725927201921503755bcaaa170c57af48a4

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.booking.com
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 16:17:28 GMT
content-encoding: br
age: 1130827
x-cache: Hit from cloudfront
status: 200
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Tue, 04 Feb 2020 10:19:57 GMT
server: nginx
etag: W/"5e39454d-497"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
timing-allow-origin: *
x-amz-cf-id: seJ0S-0Jj8b2AV40N-iiStCpFknyNJMUHXW9kAQpvwjm4yS7ZNLuZg==
expires: Sun, 11 Oct 2020 16:17:28 GMT

GET
H2 200 03726feb455c1665e74d473d3cdfc4136016d412.js Show response
cf.bstatic.com/static/js/taxi_landing_page_cloudfront_sd/ 852 B
1 KB 12ms
12ms Script
application/javascript 2600:9000:214f:8000:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/js/taxi_landing_page_cloudfront_sd/03726feb455c1665e74d473d3cdfc4136016d412.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:8000:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

8ff7c30212a61fd0d4b82c526ed44956aac43872e889681cff469eef41f19b92

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.booking.com
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 31 Aug 2020 06:07:08 GMT
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
age: 2117847
x-cache: Hit from cloudfront
status: 200
content-length: 852
x-xss-protection: 1; mode=block
last-modified: Fri, 20 Mar 2020 07:53:21 GMT
server: nginx
etag: "5e747671-354"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: BTzQsnNmykeGJW5B0mC66VSPLspDnH3X0OuAFust_k9kuP3YIQbv3g==
expires: Wed, 30 Sep 2020 06:07:08 GMT

GET
H2 200 3ea94870-d4b1-483a-b1d2-faf1d982bb31.json Show response
cdn.cookielaw.org/consent/3ea94870-d4b1-483a-b1d2-faf1d982bb31/ 4 KB
2 KB 13ms
13ms XHR
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/3ea94870-d4b1-483a-b1d2-faf1d982bb31/3ea94870-d4b1-483a-b1d2-faf1d982bb31.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48bf6044861f73642109e65d08ace58060d75d35dca9c3b8d578d690923af4bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 24 Sep 2020 18:24:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: H381rYcjJAK8NX7dV3/lkA==
age: 4348
status: 200
vary: Accept-Encoding
content-length: 1786
cf-request-id: 0562f53baa00002bf26ebfd200000001
x-ms-lease-status: unlocked
last-modified: Tue, 08 Sep 2020 11:37:42 GMT
server: cloudflare
etag: 0x8D853EB995525A0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: cd721796-301e-005e-68d8-852be5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5d7e8b0c49ed2bf2-FRA

GET
DATA 200
OK truncated
/ 282 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 91748e4b8fc5282d31a55209bb1ca26acf06d4413756ad2cc05707d16c07e40a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 199 B
393 B 33ms
33ms Script
text/javascript 2606:4700:10::6814:b944
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2154546b704f7d5c6e5591d881ab658002274121117419717ddcff13f3082482

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 18:24:35 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 5d7e8b0c782dd725-FRA
cf-request-id: 0562f53bc70000d7254c324200000001

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.5.0/ 325 KB
69 KB 19ms
19ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.5.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d139c3756ba4ea4e4672c12645de4977faa9ba7e0d550931d2086338fd72dfe9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 24 Sep 2020 18:24:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: AvbD4VHYe4H/QnyU6j8v5w==
age: 4278
status: 200
vary: Accept-Encoding
content-length: 69711
cf-request-id: 0562f53ca200001f558e20c200000001
x-ms-lease-status: unlocked
last-modified: Thu, 27 Aug 2020 03:43:22 GMT
server: cloudflare
etag: 0x8D84A3B58DE8819
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 95919ae7-f01e-00e9-762c-7c24e0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5d7e8b0ddd281f55-FRA

GET
H/1.1 200
OK logo
www.booking.com/ 12 B
617 B 46ms
46ms Image
image/gif 37.10.0.220
BOOKING-BV Bookin...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.booking.com/logo?ver=1&sid=228768b043c096bb0daa5b4c4488e6b9&t=16009718741

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

37.10.0.220 , Netherlands, ASN43996 (BOOKING-BV Booking.com, NL),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/taxi/index.fr.html?aid=2075037&amp&adplat=emk_ct_flexi_policy_email&amp&utm_source=emk_ct_flexi_policy_email&amp&utm_medium=email&amp&emk=0FJZV9ZZON&amp&emkcid=143&amp&checkin=2020-09-26&amp&checkout=2020-09-27&amp&selected_currency=EUR&amp&label=43750_item-3_v2-
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 18:24:35 GMT
content-encoding: br
content-security-policy-report-only: report-uri https://csp-receiver.booking.com/csp_violation?type=report&tag=112&pid=bdd781718fe301b5&e=UmFuZG9tSVYkc2RlIyh9YbpBYTW1tHKziSI1Fticy-5MafWry9Y-3-8NXkmLYrXg&f=0&s=0; frame-ancestors 'self';
server: nginx
vary: User-Agent, Accept-Encoding
content-type: image/gif
strict-transport-security: max-age=604800
content-length: 35
x-xss-protection: 1; mode=block

GET
H2 200 29bca18dce5a8e111855e31314a9b1d750ea9beb.woff2
cf.bstatic.com/static/fonts/booking-iconset-original/ 91 KB
91 KB 11ms
11ms Font
application/octet-stream 2600:9000:214f:8000:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/fonts/booking-iconset-original/29bca18dce5a8e111855e31314a9b1d750ea9beb.woff2

Requested by

Host: cf.bstatic.com
URL: https://cf.bstatic.com/static/css/gprof_icons_cloudfront_sd.iq_ltr/e3713953ee2dbce3dfcac201f0a14ebd957e07e2.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:8000:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

a98c20990fe3e31203fe2db8384af8e05e7b358cdae3c28b034e1f02b47db630

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.booking.com
Referer: https://cf.bstatic.com/static/css/gprof_icons_cloudfront_sd.iq_ltr/e3713953ee2dbce3dfcac201f0a14ebd957e07e2.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Sep 2020 03:17:58 GMT
content-encoding: br
age: 1955197
x-cache: Hit from cloudfront
status: 200
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Wed, 10 Apr 2019 11:21:49 GMT
server: nginx
etag: W/"5cadd1cd-16a34"
vary: Accept-Encoding
content-type: text/plain
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
timing-allow-origin: *
x-amz-cf-id: OXDZgbfl-lgyY4HwzYe0uWFZPPEFJ22KGGTjarEvnHAi-unSGiNqtg==
expires: Fri, 02 Oct 2020 03:17:58 GMT

GET
H2 200 fr.json Show response
cdn.cookielaw.org/consent/3ea94870-d4b1-483a-b1d2-faf1d982bb31/f8745995-04f8-44ca-a6ff-f90c2d275998/ 62 KB
15 KB 16ms
16ms Fetch
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/3ea94870-d4b1-483a-b1d2-faf1d982bb31/f8745995-04f8-44ca-a6ff-f90c2d275998/fr.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.5.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b48f633c8e7499e36a6b70e7f95b56ad0193e43b75fd3c9fdfadcb5408e3761

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 24 Sep 2020 18:24:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 3l/3vMD9ToAJQXlt49Lkiw==
age: 1237
status: 200
vary: Accept-Encoding
content-length: 15313
cf-request-id: 0562f53cd000002bf26e822200000001
x-ms-lease-status: unlocked
last-modified: Tue, 08 Sep 2020 11:37:38 GMT
server: cloudflare
etag: 0x8D853EB96C35619
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 73913e69-801e-0047-67dd-85078d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5d7e8b0e1f5d2bf2-FRA

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 952 B
705 B 16ms
16ms Script
text/javascript 2a00:1450:4001:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LfzopcUAAAAAPh4ue2iRjzP6XdxDVpwJigtlmeD&onload=onLoadRecaptchaV3Callback&_=1600971875435

Requested by

Host: cf.bstatic.com
URL: https://cf.bstatic.com/static/js/jquery_cloudfront_sd/b7d9d30c56875df3553b561b0a06e5edf66aa9fe.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3bca817e4ce8205caed8d9111bcc629a0d483bb979a00f98d9814bbe6ca673a7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 18:24:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 613
x-xss-protection: 1; mode=block
expires: Thu, 24 Sep 2020 18:24:35 GMT

GET
H2 200 0cc4ce4b7108d42a9f293fc9b654f749d84ba4eb.css
cf.bstatic.com/static/css/print/ 5 KB
2 KB 6ms
6ms Stylesheet
text/css 2600:9000:214f:8000:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/css/print/0cc4ce4b7108d42a9f293fc9b654f749d84ba4eb.css

Requested by

Host: cf.bstatic.com
URL: https://cf.bstatic.com/static/js/main_cloudfront_sd/d00e1f9336d9272913c133663bff7a3edc9b411e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:8000:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f9824e5f4727f34dd4b3f268cc3a51970a763e2e54fbe9934c44b7ffc1159e8b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Sep 2020 15:14:27 GMT
content-encoding: br
age: 1393808
x-cache: Hit from cloudfront
status: 200
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Wed, 10 Apr 2019 11:21:34 GMT
server: nginx
etag: W/"5cadd1be-13ac"
vary: Accept-Encoding
content-type: text/css
via: 1.1 850ccace60916919bf31313cb9176e01.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
timing-allow-origin: *
x-amz-cf-id: EU0PkOXuivOKMIhJgx_KpNhzKPaAiSC-bK0q0X-6w3CxmiMA3PN6Pg==
expires: Thu, 08 Oct 2020 15:14:27 GMT

POST
H/1.1 200
OK js_tracking
www.booking.com/ 12 B
702 B 81ms
80ms Other
image/gif 37.10.0.220
BOOKING-BV Bookin...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.booking.com/js_tracking?sid=228768b043c096bb0daa5b4c4488e6b9&lang=fr&ref_action=taxi&aid=2075037&ver=2&stype=1&pid=bdd78171b21e00e4&m=UmFuZG9tSVYkc2RlIyh9YT-CzUO-CLkr_ua4mx9Xx_v0YmrWa6tpGMSGp_Ha27tPfmlylGzWnzl5zwgmJBI5s0wuwwq3HO-M4wcaB2XryVWTJoaSSUdmyT0KGghCXhi19KcIuxVOwTJiGYDFmDVqOvdTZkOLJ3IFV55a5UNSIqivYD5O87u9TWvR5REMUDGF5y8cRldKZN5SkP-PdsHZFrBdjeplxB3z1YdOJhKgRCO2DDss0u4Q2bFswJli_emmmh9gWS64zwc&etgwv=js_onload_resource_transfer_size|515&_=1600971875565

Requested by

Host: cf.bstatic.com
URL: https://cf.bstatic.com/static/js/main_cloudfront_sd/d00e1f9336d9272913c133663bff7a3edc9b411e.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

37.10.0.220 , Netherlands, ASN43996 (BOOKING-BV Booking.com, NL),

Reverse DNS

Software

nginx /

Resource Hash

d9a55f7230942e5aa22d40adf36bafd94d3ed6719f5c56b1cbc19ab4f874d83a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/taxi/index.fr.html?aid=2075037&amp&adplat=emk_ct_flexi_policy_email&amp&utm_source=emk_ct_flexi_policy_email&amp&utm_medium=email&amp&emk=0FJZV9ZZON&amp&emkcid=143&amp&checkin=2020-09-26&amp&checkout=2020-09-27&amp&selected_currency=EUR&amp&label=43750_item-3_v2-
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 24 Sep 2020 18:24:35 GMT
content-encoding: br
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://csp-receiver.booking.com/csp_violation?type=report&tag=112&pid=f754817167220063&e=UmFuZG9tSVYkc2RlIyh9Yea92wm0yRUjnCBymoy8ejLsAE0Mj_NAPlZyeZBBO1g_vV95HTzdOEc&f=0&s=0;
server: nginx
vary: User-Agent, Accept-Encoding
content-type: image/gif
strict-transport-security: max-age=604800
content-length: 35
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK js_tracking Show response
www.booking.com/ 0
696 B 124ms
52ms XHR
text/plain 37.10.0.220
BOOKING-BV Bookin...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.booking.com/js_tracking?sid=228768b043c096bb0daa5b4c4488e6b9&lang=fr&ref_action=taxi&aid=2075037&ver=2&stype=1&pid=bdd78171b21e00e4&ete=&etg=&etcg=&ets=fdJcVSdMWZET|1&etgwv=&m=UmFuZG9tSVYkc2RlIyh9YT-CzUO-CLkr_ua4mx9Xx_v0YmrWa6tpGMSGp_Ha27tPfmlylGzWnzl5zwgmJBI5s0wuwwq3HO-M4wcaB2XryVWTJoaSSUdmyT0KGghCXhi19KcIuxVOwTJiGYDFmDVqOvdTZkOLJ3IFV55a5UNSIqivYD5O87u9TWvR5REMUDGF5y8cRldKZN5SkP-PdsHZFrBdjeplxB3z1YdOJhKgRCO2DDss0u4Q2bFswJli_emmmh9gWS64zwc

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

37.10.0.220 , Netherlands, ASN43996 (BOOKING-BV Booking.com, NL),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Xss-Protection	1; mode=block

Request headers

X-Booking-Language-Code: fr
X-Booking-Client-Info: fdJcVSdMWZET|1
X-Booking-CSRF: ohxtXwAAAAA=QOwZyt7ba3rqXlZDwiM-PZcB2ATJ-WTK9XGF_WdxhzZzmP-WUTv4bEduBHnQipsVdWVB2wcOrcPVSrvdFPAtmaE11LwNp3DAKpiIXL6remKKtt590ht8BOjhsXp7LtT7Rk-tmz2WYqgViSsKd1h0ssfsLi3YLSx3VMuC8CPVJlQeGUgEokxH5TxfFStKVNe2I95BOBEOFcPsQJ3e
X-Booking-AID: 2075037
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-Booking-Label: 43750_item-3_v2-
X-Partner-Channel-Id: 20
X-Booking-Pageview-Id: bdd78171b21e00e4
X-Booking-Info: 1099630,1170590,1179650,1185210,1185900,1189710,fdJcVSdMWZET|1
Referer: https://www.booking.com/taxi/index.fr.html?aid=2075037&amp&adplat=emk_ct_flexi_policy_email&amp&utm_source=emk_ct_flexi_policy_email&amp&utm_medium=email&amp&emk=0FJZV9ZZON&amp&emkcid=143&amp&checkin=2020-09-26&amp&checkout=2020-09-27&amp&selected_currency=EUR&amp&label=43750_item-3_v2-
X-Booking-SiteType-Id: 1
X-Requested-With: XMLHttpRequest
X-Booking-Session-Id: 228768b043c096bb0daa5b4c4488e6b9

Response headers

date: Thu, 24 Sep 2020 18:24:35 GMT
content-encoding: br
vary: Accept-Encoding, User-Agent
server: nginx
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://csp-receiver.booking.com/csp_violation?type=report&tag=112&pid=0ba98171411201b8&e=UmFuZG9tSVYkc2RlIyh9Yea92wm0yRUjnCBymoy8ejL2BFNmlC1S9UVMLiX80-yHgYFLjX6AHu4&f=0&s=0;
content-type: text/plain; charset=UTF-8
transfer-encoding: chunked
strict-transport-security: max-age=604800
x-xss-protection: 1; mode=block

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.5.0/assets/ 12 KB
4 KB 14ms
14ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.5.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.5.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae407e415a45b6c720d8d61fef8c28756883d0f546a64e7a2969d6174c669951

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 24 Sep 2020 18:24:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: NgHQTHCGWwGmNE0ie37G8A==
age: 4344
status: 200
vary: Accept-Encoding
content-length: 3248
cf-request-id: 0562f53cf700002bf26e826200000001
x-ms-lease-status: unlocked
last-modified: Thu, 27 Aug 2020 03:43:16 GMT
server: cloudflare
etag: 0x8D84A3B556B9C39
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 1acb8152-f01e-00e2-472c-7c3c94000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5d7e8b0e58262bf2-FRA

GET
H2 200 otPcTab.json Show response
cdn.cookielaw.org/scripttemplates/6.5.0/assets/ 57 KB
14 KB 15ms
14ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.5.0/assets/otPcTab.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.5.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ea7f0a7844cada198d1e8a28343cc081d3631c716c9dd53d889e4b7feae04ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 24 Sep 2020 18:24:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: C3H4UUH4EphFQbkR0Bpbhg==
age: 4330
status: 200
vary: Accept-Encoding
content-length: 14112
cf-request-id: 0562f53cf800002bf26e827200000001
x-ms-lease-status: unlocked
last-modified: Thu, 27 Aug 2020 03:43:18 GMT
server: cloudflare
etag: 0x8D84A3B56497C4B
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 7c7f49db-401e-0133-792c-7cc79e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5d7e8b0e582c2bf2-FRA

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/yXSLJBpiFoTYkexaPhFknpU7/ 340 KB
133 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/yXSLJBpiFoTYkexaPhFknpU7/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LfzopcUAAAAAPh4ue2iRjzP6XdxDVpwJigtlmeD&onload=onLoadRecaptchaV3Callback&_=1600971875435

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2698f18de870d08f9b84a9e741e1ca17697c8a8ef90703564579bb42ae579d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.booking.com
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 17:22:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3719
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 136265
x-xss-protection: 0
last-modified: Tue, 22 Sep 2020 00:07:57 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 Sep 2021 17:22:36 GMT

GET
H3-Q050 200 anchor
www.google.com/recaptcha/api2/ Frame AE8A 0
0 23ms
23ms Document
text/html 2a00:1450:4001:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfzopcUAAAAAPh4ue2iRjzP6XdxDVpwJigtlmeD&co=aHR0cHM6Ly93d3cuYm9va2luZy5jb206NDQz&hl=en&v=yXSLJBpiFoTYkexaPhFknpU7&size=invisible&cb=typ2psoh4r1w

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/yXSLJBpiFoTYkexaPhFknpU7/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Xf76CgilbKBelZNQ0DyjvQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LfzopcUAAAAAPh4ue2iRjzP6XdxDVpwJigtlmeD&co=aHR0cHM6Ly93d3cuYm9va2luZy5jb206NDQz&hl=en&v=yXSLJBpiFoTYkexaPhFknpU7&size=invisible&cb=typ2psoh4r1w
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.booking.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.booking.com/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 24 Sep 2020 18:24:35 GMT
content-security-policy: script-src 'report-sample' 'nonce-Xf76CgilbKBelZNQ0DyjvQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 10017
server: GSE
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 px_v2.min..js Show response
cf.bstatic.com/libs/perimeterx/ 68 KB
23 KB 7ms
7ms Script
application/javascript 2600:9000:214f:8000:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/libs/perimeterx/px_v2.min..js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:8000:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

7a24cecaadbac99e37e478cd5a0d2ab6bed0f5fa257cc2cf3fe91ff3652ea405

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Sep 2020 22:50:54 GMT
content-encoding: br
age: 329622
x-cache: Hit from cloudfront
status: 200
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Tue, 28 May 2019 15:37:10 GMT
server: nginx
etag: W/"5ced55a6-10e63"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 850ccace60916919bf31313cb9176e01.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
timing-allow-origin: *
x-amz-cf-id: Q31xcPoFt62BZwNCMlHsHGlHvy6CHzujHLfMjkz-zTg0uZnh6HVOEA==
expires: Tue, 20 Oct 2020 22:50:54 GMT

POST
H2 200 collector Show response
collector-pxikkul2rm.perimeterx.net/api/v1/ 808 B
1 KB 144ms
81ms XHR
application/json 35.186.220.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-pxikkul2rm.perimeterx.net/api/v1/collector
Requested by: Host: cf.bstatic.com
URL: https://cf.bstatic.com/libs/perimeterx/px_v2.min..js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.220.184 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 184.220.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 944204437dbe1191cc04ef46b68cce7ece3adb69e73454821f8aead6c7bc5c45

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 24 Sep 2020 18:24:36 GMT
via: 1.1 google
status: 200
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.booking.com
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: clear
content-length: 808

POST
H/1.1 202
Accepted navigation_times Show response
www.booking.com/ 0
812 B 64ms
64ms XHR
image/jpeg 37.10.0.220
BOOKING-BV Bookin...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.booking.com/navigation_times?sid=228768b043c096bb0daa5b4c4488e6b9&pid=bdd78171b21e00e4&nts=0,0,1600971874240,0,0,0,0,1600971874425,1600971874425,1600971874427,1600971874427,1600971874499,1600971874444,1600971874499,1600971874945,1600971875001,1600971874956,1600971875475,1600971875475,1600971875483,1600971875553,1600971875553,1600971875565,0&first=1&cdn=cf&dc=12&bo=20&lang=fr&ref_action=taxi&aid=2075037&stype=1&route=&ua=17&ch=d&lt=&css_load=1&wn=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

37.10.0.220 , Netherlands, ASN43996 (BOOKING-BV Booking.com, NL),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/taxi/index.fr.html?aid=2075037&amp&adplat=emk_ct_flexi_policy_email&amp&utm_source=emk_ct_flexi_policy_email&amp&utm_medium=email&amp&emk=0FJZV9ZZON&amp&emkcid=143&amp&checkin=2020-09-26&amp&checkout=2020-09-27&amp&selected_currency=EUR&amp&label=43750_item-3_v2-
X-Booking-CSRF: ohxtXwAAAAA=QOwZyt7ba3rqXlZDwiM-PZcB2ATJ-WTK9XGF_WdxhzZzmP-WUTv4bEduBHnQipsVdWVB2wcOrcPVSrvdFPAtmaE11LwNp3DAKpiIXL6remKKtt590ht8BOjhsXp7LtT7Rk-tmz2WYqgViSsKd1h0ssfsLi3YLSx3VMuC8CPVJlQeGUgEokxH5TxfFStKVNe2I95BOBEOFcPsQJ3e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 24 Sep 2020 18:24:36 GMT
x-content-options: nosniff
server: nginx
content-security-policy-report-only: report-uri https://csp-receiver.booking.com/csp_violation?type=report&tag=112&pid=0ba9817239f5020a&e=UmFuZG9tSVYkc2RlIyh9YfnWSDpdIwKzDzbKZoiCiJtBFdVf3vz4xNmmWIDh57rSPOXPbQKJWJA&f=2&s=0; frame-ancestors 'self';
content-type: image/jpeg
strict-transport-security: max-age=604800
content-length: 0
x-xss-protection: 1; mode=block

POST
H2 200 collector Show response
collector-pxikkul2rm.perimeterx.net/api/v1/ 520 B
584 B 141ms
140ms XHR
application/json 35.186.220.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-pxikkul2rm.perimeterx.net/api/v1/collector
Requested by: Host: cf.bstatic.com
URL: https://cf.bstatic.com/libs/perimeterx/px_v2.min..js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.220.184 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 184.220.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 2651a15b232e76ec9c9e90b327fb5f1ab66bb3faf172b2f47eb5a0c430813e06

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 24 Sep 2020 18:24:37 GMT
via: 1.1 google
status: 200
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.booking.com
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: clear
content-length: 520

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.booking.com/	1969-12-31 23:59:59	Name: lastSeen Value: 0
.booking.com/	1970-01-19 21:28:27	Name: cors_js Value: 1
.booking.com/	1970-01-19 12:44:18	Name: BJS Value: -
.booking.com/	1970-01-19 13:26:03	Name: b Value: %7B%22countLang%22%3A1%7D
.booking.com/	1970-01-21 08:30:51	Name: bkng Value: 11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhC%2F0idTZbh1FN%2BCZrfPuWvp2ThKYWlSPnvklH1p66xPHv%2BcCKlSD5c5a5gaUQDuyU9qmksRToRn5Z%2FtGVVOv6iu6qDqLTcR5c7gu5U6i9UVMfbcDxxIP2qHu3FlC94qKgltDn3PBuPGHfEVUqG3N64har%2BTJzvJAXk%3D
www.booking.com/	1970-01-19 21:28:27	Name: _pxhd Value: 9916fc34ca812469fe3395626ca0608c166cea29324209274c738b57e5880564%3A32451fe1-fe93-11ea-961a-cd2274cfb572

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.taxi.booking.com
cdn.cookielaw.org
cf.bstatic.com
collector-pxikkul2rm.perimeterx.net
geolocation.onetrust.com
link.sg.booking.com
www.booking.com
www.google.com
www.gstatic.com
151.101.114.110
2600:9000:214f:8000:1f:e2ee:200:93a1
2606:4700:10::6814:b944
2606:4700::6810:9540
2a00:1450:4001:801::2003
2a00:1450:4001:824::2004
35.186.220.184
37.10.0.220
99.86.3.47
073234d941daeefb8754e8ed431363b9c1f48a88aa30c9eac423439209e9def1
0d396619d17b63bf3eece3f03bdf0353a3dd0866e623bf94d0cf1911b7ce1811
16e0003dc39f4f84971f2c8b6cfe26b1201132aadf5de888797ee27732630a56
18c62988860a8ffd90bab6376b4fe36a723bd39403c420d3943aa3eb5a0029c5
1c6a2541264fe19e80b8efa30fd4b476c48cbd824572edfed50e316718146140
1d6e86e59ab7235a8343f494c8e8da6cc02c5a98a75d682401340e6d06935f20
2154546b704f7d5c6e5591d881ab658002274121117419717ddcff13f3082482
23b508145aac1b3b5cc328ab080dc20246580f813984d79cd8045c0c97f3506a
2651a15b232e76ec9c9e90b327fb5f1ab66bb3faf172b2f47eb5a0c430813e06
2698f18de870d08f9b84a9e741e1ca17697c8a8ef90703564579bb42ae579d82
2fd19cf58102989e49660b27b21605038d4282cf758add4841285c2c17f2dacd
3899a0fa94d5606904e0f6b52225b32a64e6bc8f17222a980fa86d4cddd838ac
396197a350c5f917f454cb764fa31f624d64f8fbac73445c4d2862bad7ca22bf
3bca817e4ce8205caed8d9111bcc629a0d483bb979a00f98d9814bbe6ca673a7
3ded295f7d7f59e37a96e4fe49f56b991e205f68b85a1fe2502327531c0879fb
48bf6044861f73642109e65d08ace58060d75d35dca9c3b8d578d690923af4bd
491ef53eea080626a88f9b32b90e0e6b50ae9a371b48df4dd32487fe68c615a6
4c2a40ec24c4560ccfb54ce57310234e34749fdde5989b7eeb8b0b11098a33e8
58152349e8977d29033e96a8617c5b5699485400848518ac05dab5bee7e874c0
5839f0330821cf08029beddd6d248170da1af16cd7aff253e7bd075d591f5d42
6153929734ec12ec07072f327c1112301828497e4dd356ca261461b0b7ba9621
65e57fe5ce4a5918496962ea5f2793a566bcf018b3c442932e21e54d164fd7d6
76fc0300a22ca9910bdbcfe9a62b18a2698c218831711675b1e3713b4f079963
7a24cecaadbac99e37e478cd5a0d2ab6bed0f5fa257cc2cf3fe91ff3652ea405
807c8a1b498e17d227cf48a640b778bdc4398a9852493cb2f40bf0f33651d0dd
85177dbb2184b3ead18b43c93adabafff1e2686dd042009ca803159ee6107e2e
8561e200a6a57195e480ed9d893b14579ef6acdeabfbb3fe22b5e4ec9b84b455
8576cec94e8b5629f82d026536bbea090839fd22e10462dfb7030fe1eb91709d
8a882fd19a15567e53a5c3c08d22cdab714fa87734ed92d854c4e8fdf3940b1f
8ff7c30212a61fd0d4b82c526ed44956aac43872e889681cff469eef41f19b92
91748e4b8fc5282d31a55209bb1ca26acf06d4413756ad2cc05707d16c07e40a
944204437dbe1191cc04ef46b68cce7ece3adb69e73454821f8aead6c7bc5c45
989d322d7d5dcbf0d70bdf5ccb512aef7ffbb4b31051cd1072bd9f711f0dcfeb
9b48f633c8e7499e36a6b70e7f95b56ad0193e43b75fd3c9fdfadcb5408e3761
9ea7f0a7844cada198d1e8a28343cc081d3631c716c9dd53d889e4b7feae04ac
a224634c470546276e7cac5917e6ad0e5f02d430903bfe192ddbf40eaee42f8e
a42f24edb71dc7b5ea5f9009444c9ff8df5cf6ec337b74f2fbca7af5999aaa23
a98c20990fe3e31203fe2db8384af8e05e7b358cdae3c28b034e1f02b47db630
ae407e415a45b6c720d8d61fef8c28756883d0f546a64e7a2969d6174c669951
b23272a9692c4ec3c020935917e9d096490876c976abec1290bd3cc9aae13974
d139c3756ba4ea4e4672c12645de4977faa9ba7e0d550931d2086338fd72dfe9
d53e868f1221b00888fb4ba5b8d351eec8ee594c3a349094eca889b40419d447
d89478b6988e2b97240a98d5ddd2dd24b4799719b0fe891aba554434c36247d1
d9a55f7230942e5aa22d40adf36bafd94d3ed6719f5c56b1cbc19ab4f874d83a
dc83f9902e6e1ee88fdf6696eba68cda0f46a92d1cc868334cf07ecb8655a505
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e646d7f59ae0614e98858c7ade205ee9ef8bf73495689befc3a2d5522c6c8ae2
f9824e5f4727f34dd4b3f268cc3a51970a763e2e54fbe9934c44b7ffc1159e8b
fe9de8a5a2c28664072afea737f96725927201921503755bcaaa170c57af48a4

www.booking.com Open in urlscan Pro 37.10.0.220 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

51 Requests

100 %HTTPS

56 %IPv6

7 Domains

9 Subdomains

9 IPs

3 Countries

923 kBTransfer

3400 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

51 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.booking.com Open in urlscan Pro
37.10.0.220 Public Scan

Screenshot
Live screenshot

Full Image

51
Requests

100 %
HTTPS

56 %
IPv6

7
Domains

9
Subdomains

9
IPs

3
Countries

923 kB
Transfer

3400 kB
Size

6
Cookies

51 HTTP transactions
1 data transactions