flights.booking.com Open in urlscan Pro
13.32.27.6 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://flights.booking.com/booking/order-details/524ca89c3a34f6a6ef5220a603b3d83ca8990520017060d95e006b834a5d62796f0215a084...
Submission: On December 13 via api (December 13th 2023, 4:00:36 am UTC) from US — Scanned from DE

Summary HTTP 60 Redirects Links 47 Behaviour Indicators

Summary

This website contacted 11 IPs in 2 countries across 9 domains to perform 60 HTTP transactions. The main IP is 13.32.27.6, located in United States and belongs to AMAZON-02, US. The main domain is flights.booking.com. The Cisco Umbrella rank of the primary domain is 99047.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on June 12th 2023. Valid for: a year.

This is the only time flights.booking.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	13.32.27.6 13.32.27.6	16509 (AMAZON-02) (AMAZON-02)
16	2600:9000:264... 2600:9000:2646:6e00:5:bf05:acc0:93a1	16509 (AMAZON-02) (AMAZON-02)
7	2606:4700::68... 2606:4700::6812:83ec	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2600:9000:264... 2600:9000:2646:2800:5:bf05:acc0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
6	18.245.60.76 18.245.60.76	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700:440... 2606:4700:4400::ac40:9b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
60	11

11 13.32.27.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-6.fra56.r.cloudfront.net

flights.booking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2600:9000:2646:6e00:5:bf05:acc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

q-xx.bstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t-cf.bstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r-xx.bstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6812:83ec (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:2646:2800:5:bf05:acc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

q-cf.bstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.245.60.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-76.fra60.r.cloudfront.net

www.booking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	bstatic.com q-xx.bstatic.com — Cisco Umbrella Rank: 14074 q-cf.bstatic.com — Cisco Umbrella Rank: 176758 t-cf.bstatic.com — Cisco Umbrella Rank: 23987 r-xx.bstatic.com — Cisco Umbrella Rank: 22407	1 MB
17	booking.com flights.booking.com — Cisco Umbrella Rank: 99047 www.booking.com — Cisco Umbrella Rank: 10037	148 KB
7	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 324	134 KB
2	bing.com bat.bing.com — Cisco Umbrella Rank: 329	13 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6765	563 B
2	google.com www.google.com — Cisco Umbrella Rank: 2	563 B
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	4 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	154 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 548	304 B
60	9

	Domain	Requested by
12	q-xx.bstatic.com	flights.booking.com q-xx.bstatic.com
11	flights.booking.com	q-xx.bstatic.com
9	q-cf.bstatic.com	flights.booking.com
7	cdn.cookielaw.org	flights.booking.com cdn.cookielaw.org
6	www.booking.com	flights.booking.com q-xx.bstatic.com
3	t-cf.bstatic.com	flights.booking.com
2	bat.bing.com	flights.booking.com bat.bing.com
2	www.google.de	flights.booking.com
2	www.google.com	flights.booking.com
2	googleads.g.doubleclick.net	www.googletagmanager.com
2	www.googletagmanager.com	flights.booking.com www.googletagmanager.com
1	r-xx.bstatic.com
1	geolocation.onetrust.com	cdn.cookielaw.org
60	13

This site contains links to these domains. Also see Links.

Domain
secure.booking.com
www.booking.com
booking.com
www.voeazul.com.br
flights-br.gotogate.com
business.booking.com
cars.booking.com
www.opentable.de
www.bookingholdings.com
admin.booking.com
partner.booking.com
join.booking.com
www.sustainability.booking.com
news.booking.com
careers.booking.com

Subject Issuer	Validity	Valid
*.booking.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-12` - `2024-05-18`	a year	crt.sh
*.bstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-29` - `2024-11-28`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2023-10-24` - `2024-04-21`	6 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://flights.booking.com/booking/order-details/524ca89c3a34f6a6ef5220a603b3d83ca8990520017060d95e006b834a5d62796f0215a08407cc2ae425239625c363503eeb64939d55682c0728208b5947d59db2957d1ca3fb0f5760954c31d38e?aid=304142&label=flights-booking-direct
Frame ID: FF64BB57D95BC58FCFACD93CB91DB146
Requests: 57 HTTP requests in this frame

Frame: https://www.booking.com/cookiebanner.html
Frame ID: 3886FDE09C31954F0136D654DD7EE11C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ihren Flug buchen - Booking.com

Detected technologies

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Page Statistics

60
Requests

100 %
HTTPS

82 %
IPv6

9
Domains

13
Subdomains

11
IPs

2
Countries

1626 kB
Transfer

6169 kB
Size

13
Cookies

47 Outgoing links

These are links going to different origins than the main page.

URL: https://secure.booking.com/help?source=hc_entry_point_flights_header&lang=de&aid=304142&label=flights-booking-direct

Search URL Search Domain Scan URL

URL: https://www.booking.com/index.html?aid=304142&label=flights-booking-direct
Title: Aufenthalte

Search URL Search Domain Scan URL

URL: https://booking.com/pxgo?lang=de&url=https%3A%2F%2Fbooking.kayak.com%2Fin%3Fp%3Dsearchbox_link%26sid%3Dfaa498404a50d3537cbce5a02cf75e4b%26mc%3DEUR%26a%3Dbdc%252Fsearchbox%26bdclc%3Dde&aid=304142&token=UmFuZG9tSVYkc2RlIyh9YdUctYXbSpuZoTU6_nozsxtoLAlikj-QMGbI7-a3XI485e0l1a9AffjzprDk4VvhUSvr0aLJz86xmPwNdUwcM9CzxPm0OJQ2B1wBKXw5QrnN3C9a7Y1N5s96bZBGBJvhSAd-sZvCGxTouG9MIrUwXwk1JxGucR6xWy-TOxCobJjqNpxqXoZP4auXzCxK2SPxhX1IjmNW1Yx6aORCytIXUO-QfzhTcHybslpjEa4KGXHWsuYo60JZxuc-X8IAANadf-sIQQLw_5zd8QX22VEcB2LxmCtlH0pfloOZJclplBDSOXnCN6K7F1g&label=flights-booking-direct
Title: Flüge

Search URL Search Domain Scan URL

URL: https://booking.com/pxgo?lang=de&url=https%3A%2F%2Fbooking.dertour.de&aid=304142&token=UmFuZG9tSVYkc2RlIyh9YaAHsRE_5bn37xbD79rr7UizJSSdeldk1SfFb22V-U4aCfZHgGQQAJeiB1BZR518uJMpk7HQUUAz6qMzVlj6LHVFW7UgyBIlfKRc15x0ZmhPuldi8U1nIePuEeQFV6XA5bdEpCV8c3jlI0-ssFnXyH5JZaQV1t1ZAfGdq7vSRWel9kPbntqBuAm4zsvXm3HRECLubV_YjMNollJD0Z52nY5PKkpGkacWNC0y4K9w3uNIgfyiisyDhQxgz8uXvDAlLLDPu6xPueQI6N0JGJ4gdBrlvoAMJKtfiZwn0WMKBbJEs7uC6Xv6NhfhbQ5PPd0T8A&label=flights-booking-direct
Title: Flug + Hotel

Search URL Search Domain Scan URL

URL: https://www.booking.com/cars/index.html?aid=304142&label=flights-booking-direct
Title: Mietwagen

Search URL Search Domain Scan URL

URL: https://www.booking.com/attractions/index.de.html?aid=304142&label=flights-booking-direct&sid=faa498404a50d3537cbce5a02cf75e4b&source=booking_index-nav_bar_tours_and_activities
Title: Sehenswürdigkeiten

Search URL Search Domain Scan URL

URL: https://www.booking.com/taxi/index.html?aid=304142&label=flights-booking-direct
Title: Taxis zum/vom Flughafen

Search URL Search Domain Scan URL

URL: https://www.booking.com/searchresults.de.html?no_rooms=1&checkin=2023-12-14&dest_type=CITY&selected_currency=BRL&group_adults=4&dest_id=-643612&checkout=2023-12-17&aid=304142
Title: Entdecken Sie Aufenthalte in Fortaleza

Search URL Search Domain Scan URL

URL: https://www.voeazul.com.br/en/baggage
Title: Azul Brazilian Airlines

Search URL Search Domain Scan URL

URL: https://www.booking.com/hotel/br/olympo-praia.de.html?no_rooms=1&checkin=2023-12-14&dest_type=hotel&selected_currency=BRL&group_adults=4&dest_id=12717&checkout=2023-12-17&aid=304142
Title: Mareiro HotelHotel8.4Sehr gut 1484 Bewertungen4,6 km vom ZentrumFrühstück inbegriffenAb R$ 2.5424 Gäste / 3 NächteVerfügbarkeit sehen

Search URL Search Domain Scan URL

URL: https://www.booking.com/hotel/br/blue-tree-towers-fortaleza.de.html?no_rooms=1&checkin=2023-12-14&dest_type=hotel&selected_currency=BRL&group_adults=4&dest_id=6783959&checkout=2023-12-17&aid=304142
Title: Blue Tree Towers Fortaleza Beira MarHotel8.6Fabelhaft 1974 Bewertungen5,6 km vom ZentrumFrühstück inbegriffenAb R$ 3.1994 Gäste / 3 NächteVerfügbarkeit sehen

Search URL Search Domain Scan URL

URL: https://www.booking.com/hotel/br/gran-mareiro.de.html?no_rooms=1&checkin=2023-12-14&dest_type=hotel&selected_currency=BRL&group_adults=4&dest_id=1558272&checkout=2023-12-17&aid=304142
Title: Gran Mareiro HotelHotel9Hervorragend 2835 Bewertungen9,8 km vom ZentrumFrühstück inbegriffenAb R$ 3.1524 Gäste / 3 NächteVerfügbarkeit sehen

Search URL Search Domain Scan URL

URL: https://secure.booking.com/help?source=hc_entry_point_flights_order_page
Title: Zu den Hilfeseiten

Search URL Search Domain Scan URL

URL: https://www.booking.com/content/terms.de.html
Title: Geschäftsbedingungen von Booking.com

Search URL Search Domain Scan URL

URL: https://www.booking.com/content/privacy.de.html
Title: Datenschutzrichtlinien von Booking.com

Search URL Search Domain Scan URL

URL: https://flights-br.gotogate.com/rf/travel-conditions
Title: Geschäftsbedingungen von Gotogate International AB

Search URL Search Domain Scan URL

URL: https://flights-br.gotogate.com/rf/privacy-policy
Title: Datenschutzrichtlinien von Gotogate International AB

Search URL Search Domain Scan URL

URL: https://www.voeazul.com.br/en/for-your-trip/international-flights/contract-of-carriage
Title: Azul Brazilian Airlines

Search URL Search Domain Scan URL

URL: https://www.booking.com/covid_19.de.html?label=flights-booking-direct&aid=304142&sid=e12226127133b0a85b5d3a26e07a1602
Title: Häufig gestellte Fragen zum Coronavirus (COVID-19)

Search URL Search Domain Scan URL

URL: https://secure.booking.com/content/cs.de.html?label=flights-booking-direct&aid=304142&sid=e12226127133b0a85b5d3a26e07a1602
Title: Ihre Reisen verwalten

Search URL Search Domain Scan URL

URL: https://secure.booking.com/help?label=flights-booking-direct&aid=304142&sid=e12226127133b0a85b5d3a26e07a1602&source=hc_entry_point_flights_footer
Title: Hilfe vom Kundenservice

Search URL Search Domain Scan URL

URL: https://www.booking.com/trust_and_safety.de.html?label=flights-booking-direct&aid=304142&sid=e12226127133b0a85b5d3a26e07a1602
Title: Sicherheit – Informationen

Search URL Search Domain Scan URL

URL: https://www.booking.com/genius.de.html?label=flights-booking-direct&aid=304142&sid=e12226127133b0a85b5d3a26e07a1602
Title: Genius-Treueprogramm

Search URL Search Domain Scan URL

URL: https://www.booking.com/deals_index.de.html?label=flights-booking-direct&aid=304142&sid=e12226127133b0a85b5d3a26e07a1602
Title: Reiseangebote der Saison

Search URL Search Domain Scan URL

URL: https://www.booking.com/articles.de.html?label=flights-booking-direct&aid=304142&sid=e12226127133b0a85b5d3a26e07a1602
Title: Reiseberichte

Search URL Search Domain Scan URL

URL: https://business.booking.com/?label=flights-booking-direct&aid=304142&sid=e12226127133b0a85b5d3a26e07a1602
Title: Booking.com für Geschäftsreisen

Search URL Search Domain Scan URL

URL: https://www.booking.com/traveller-awards/index.de.html?label=flights-booking-direct&aid=304142&sid=e12226127133b0a85b5d3a26e07a1602
Title: Traveller Review Awards

Search URL Search Domain Scan URL

URL: https://cars.booking.com/Home.do?label=flights-booking-direct&aid=304142&affiliateCode=booking-com&adplat=footer
Title: Autovermietung

Search URL Search Domain Scan URL

URL: https://booking.com/pxgo?url=https%3A%2F%2Fbooking.kayak.com%2Fin%3Fsid%3De12226127133b0a85b5d3a26e07a1602%26mc%3DEUR%26bdclc%3Dde%26p%3Dfooter_link%26a%3Dbdc%252Ffooter_link&aid=304142&label=flights-booking-direct&lang=de&token=UmFuZG9tSVYkc2RlIyh9YXYkRVs_GG8E7j4ArIeJPd_njBrBqXYthmqQ3YlH482J6HiB4GJw56iBz7aCgmq0Wy7d6Z6PZYG1S23QI1D203r-P3Jh9ISf8H3MiRuq6S04IE69TYmV-_F_XIlfiwz15GW1xdocjnxLER3nmVTTv5m2APshq2rhrwL7C_gN--sqHWt9V3u0bgOLvj0oBslqrvxo4XomD-uB-mo7aiUX71ANDYWvrCQuAE2pxhA45p9e_yvbagTAahjp3GU7nLsEIEz1Mq5z7xhQXG8p0s8z6YcHz6_w4dmx01WOock6YaX8HJhASAr3EP20qVUPmSxOzaqcH65ZH-oudeYuhRFpr8dA8nSIZIfK7J5Rkv4QgfPN
Title: Flugsuche

Search URL Search Domain Scan URL

URL: https://www.opentable.de/?label=flights-booking-direct&aid=304142&ref=13850
Title: Restaurantreservierungen

Search URL Search Domain Scan URL

URL: https://www.booking.com/affiliate-program/v2/index.de.html?label=flights-booking-direct&aid=304142&sid=e12226127133b0a85b5d3a26e07a1602&utm_campaign=booking-footer&utm_content=travel-agents-link&utm_medium=referral&utm_source=booking.com
Title: Booking.com für Reisevermittler

Search URL Search Domain Scan URL

URL: https://www.booking.com/content/privacy.de.html?label=flights-booking-direct&aid=304142&sid=e12226127133b0a85b5d3a26e07a1602
Title: Cookie-Einstellungen verwalten

Search URL Search Domain Scan URL

URL: https://www.booking.com/content/terms.de.html?label=flights-booking-direct&aid=304142&sid=e12226127133b0a85b5d3a26e07a1602
Title: Allgemeine Geschäftsbedingungen

Search URL Search Domain Scan URL

URL: https://www.bookingholdings.com/about/compliance-and-ethics/?label=flights-booking-direct&aid=304142
Title: MSA-Erklärung

Search URL Search Domain Scan URL

URL: https://www.booking.com/content/legal.de.html?label=flights-booking-direct&aid=304142&sid=e12226127133b0a85b5d3a26e07a1602
Title: Impressum

Search URL Search Domain Scan URL

URL: https://admin.booking.com/?label=flights-booking-direct&aid=304142&sid=e12226127133b0a85b5d3a26e07a1602&utm_campaign=login_footer_v0&utm_medium=frontend&utm_source=extranet_login_footer
Title: Extranet-Login

Search URL Search Domain Scan URL

URL: https://partner.booking.com/de?label=flights-booking-direct&aid=304142&sid=e12226127133b0a85b5d3a26e07a1602&utm_campaign=footer_list&utm_medium=frontend_footer&utm_source=booking.com
Title: Partnerhilfe

Search URL Search Domain Scan URL

URL: https://join.booking.com/?label=flights-booking-direct&aid=304142&lang=de&sid=e12226127133b0a85b5d3a26e07a1602&utm_medium=frontend&utm_source=footer_menu
Title: Ihre Unterkunft anmelden

Search URL Search Domain Scan URL

URL: https://www.booking.com/affiliate-program/v2/index.de.html?label=flights-booking-direct&aid=304142&sid=e12226127133b0a85b5d3a26e07a1602&utm_campaign=booking-footer&utm_content=become-an-affiliate-link&utm_medium=referral&utm_source=booking.com
Title: Affiliate werden

Search URL Search Domain Scan URL

URL: https://www.booking.com/general.de.html?label=flights-booking-direct&aid=304142&sid=e12226127133b0a85b5d3a26e07a1602&tmpl=docs%2Fabout
Title: Über Booking.com

Search URL Search Domain Scan URL

URL: https://www.booking.com/content/how_we_work.de.html?label=flights-booking-direct&aid=304142&sid=e12226127133b0a85b5d3a26e07a1602
Title: Unser Konzept

Search URL Search Domain Scan URL

URL: https://www.sustainability.booking.com/?label=flights-booking-direct&aid=304142
Title: Nachhaltigkeit

Search URL Search Domain Scan URL

URL: https://news.booking.com/de?label=flights-booking-direct&aid=304142
Title: Presse

Search URL Search Domain Scan URL

URL: https://careers.booking.com/?label=flights-booking-direct&aid=304142
Title: Karriere

Search URL Search Domain Scan URL

URL: https://www.bookingholdings.com/?label=flights-booking-direct&aid=304142
Title: Investorenbeziehungen

Search URL Search Domain Scan URL

URL: https://www.booking.com/content/contact-us.de.html?label=flights-booking-direct&aid=304142&sid=e12226127133b0a85b5d3a26e07a1602
Title: Firmenkontakt

Search URL Search Domain Scan URL

URL: https://www.booking.com/content-moderation-policy/overview-page.de.html?label=flights-booking-direct&aid=304142&sid=e12226127133b0a85b5d3a26e07a1602
Title: Richtlinien für Inhalte und Melden von Inhalten

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

60 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 524ca89c3a34f6a6ef5220a603b3d83ca8990520017060d95e006b834a5d62796f0215a08407cc2ae425239625c363503eeb64939d55682c0728208b5947d59db2957d1ca3fb0f5760954c31d38e Show response
flights.booking.com/booking/order-details/ 723 KB
124 KB 470ms
356ms Document
text/html 13.32.27.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://flights.booking.com/booking/order-details/524ca89c3a34f6a6ef5220a603b3d83ca8990520017060d95e006b834a5d62796f0215a08407cc2ae425239625c363503eeb64939d55682c0728208b5947d59db2957d1ca3fb0f5760954c31d38e?aid=304142&label=flights-booking-direct

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-6.fra56.r.cloudfront.net

Software

envoy /

Resource Hash

ee76c35c25d4efdaa9a97bc0764f3d4f0b224630b28e51474ed8a6af3bd77301

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-security-policy-report-only: base-uri 'none'; frame-ancestors 'none'; frame-src https://*.booking.com https://*.doubleclick.net; object-src 'none'; report-uri https://nellie.booking.com/csp-report-uri?type=report&e=UmFuZG9tSVYkc2RlIyh9YYX-8qB8sBWzju5WmDl7IHU&pid=27ecc490996c11ee9ba69be2516f10aa; script-src 'nonce-0c4017a16c4e50cf580b' 'report-sample' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https:
content-type: text/html; charset=utf-8
date: Wed, 13 Dec 2023 04:00:30 GMT
referrer-policy: no-referrer
server: envoy
strict-transport-security: max-age=86400; includeSubDomains
vary: Accept-Encoding
via: 1.1 d8670b0c6b76371fb58f730881dfe504.cloudfront.net (CloudFront)
x-amz-cf-id: HX1-PhIDn0vM_DijOCtd8kv7gq6SWWf2FU0kA9KQtaBdTTNEwmmEuA==
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-request-id: 27ecc490-996c-11ee-9ba6-9be2516f10aa
x-xss-protection: 1; mode=block

GET
H2 200 client.bda71d76.css
q-xx.bstatic.com/flights/web/static/css/ 316 KB
39 KB 103ms
24ms Stylesheet
text/css 2600:9000:2646:6e00:5:bf05:acc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q-xx.bstatic.com/flights/web/static/css/client.bda71d76.css
Requested by: Host: flights.booking.com
URL: https://flights.booking.com/booking/order-details/524ca89c3a34f6a6ef5220a603b3d83ca8990520017060d95e006b834a5d62796f0215a08407cc2ae425239625c363503eeb64939d55682c0728208b5947d59db2957d1ca3fb0f5760954c31d38e?aid=304142&label=flights-booking-direct
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:6e00:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6886a0043657cd58676198942d706fcf548b46224626fc3b2a79f67f200013b7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 13:15:20 GMT
content-encoding: gzip
via: 1.1 c1e31c801257ebc563cbb890e887cb1e.cloudfront.net (CloudFront)
last-modified: Fri, 08 Dec 2023 13:08:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P5
age: 84859
x-amz-server-side-encryption: AES256
etag: W/"7a3a97a93c0e19468e56cf919fbf3d17"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: R7KGzmjV2biqwCVZkv-EmlFBSetikiVXE62Y1lMzWQ6U-1ATeXZ8KA==

GET
H2 200 screens-Confirmation.5bb82b9b.chunk.css
q-xx.bstatic.com/flights/web/static/css/ 52 KB
10 KB 123ms
45ms Stylesheet
text/css 2600:9000:2646:6e00:5:bf05:acc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q-xx.bstatic.com/flights/web/static/css/screens-Confirmation.5bb82b9b.chunk.css
Requested by: Host: flights.booking.com
URL: https://flights.booking.com/booking/order-details/524ca89c3a34f6a6ef5220a603b3d83ca8990520017060d95e006b834a5d62796f0215a08407cc2ae425239625c363503eeb64939d55682c0728208b5947d59db2957d1ca3fb0f5760954c31d38e?aid=304142&label=flights-booking-direct
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:6e00:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d69e2539cd19fd575d4421ac29bbe54a2aa48e5a7039d9c09b995ec8dc0a759d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 07:29:56 GMT
content-encoding: gzip
via: 1.1 c1e31c801257ebc563cbb890e887cb1e.cloudfront.net (CloudFront)
last-modified: Fri, 08 Dec 2023 16:17:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P5
age: 75598
x-amz-server-side-encryption: AES256
etag: W/"e56bcfd448968435dc0ee08ab78cd695"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: w26naPa9Vv-33px0ydy9-J3rXoA3tqTy1OaegKoeG7nRepUzlJdJ9Q==

GET
H2 200 OtAutoBlock.js Show response
cdn.cookielaw.org/consent/7163e23c-88a8-41d6-8838-55b75cf39a74/ 5 KB
3 KB 97ms
50ms Script
application/x-javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/7163e23c-88a8-41d6-8838-55b75cf39a74/OtAutoBlock.js

Requested by

Host: flights.booking.com
URL: https://flights.booking.com/booking/order-details/524ca89c3a34f6a6ef5220a603b3d83ca8990520017060d95e006b834a5d62796f0215a08407cc2ae425239625c363503eeb64939d55682c0728208b5947d59db2957d1ca3fb0f5760954c31d38e?aid=304142&label=flights-booking-direct

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23aa716638b1b77e4cea640b507ae4ba472b618766bb1c6a736b2359e654fd0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 13 Dec 2023 04:00:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 82715
content-md5: m5JxbiwXpWlcxqK3dR59Zw==
content-length: 2071
x-ms-lease-status: unlocked
last-modified: Tue, 05 Sep 2023 15:24:16 GMT
server: cloudflare
etag: 0x8DBAE242B003EEF
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 968452ef-c01e-0030-09cd-21874c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 834b4cee0a5c0858-FRA
expires: Thu, 14 Dec 2023 04:00:30 GMT

GET
H2 200 4bac1f1e.5270db54.chunk.css
q-cf.bstatic.com/psb/capla/static/css/ 2 KB
1 KB 105ms
28ms Stylesheet
text/css 2600:9000:2646:2800:5:bf05:acc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q-cf.bstatic.com/psb/capla/static/css/4bac1f1e.5270db54.chunk.css
Requested by: Host: flights.booking.com
URL: https://flights.booking.com/booking/order-details/524ca89c3a34f6a6ef5220a603b3d83ca8990520017060d95e006b834a5d62796f0215a08407cc2ae425239625c363503eeb64939d55682c0728208b5947d59db2957d1ca3fb0f5760954c31d38e?aid=304142&label=flights-booking-direct
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:2800:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 184c7bc739797ceae9c96ab65a0f4e54efe073e4e54bc32714d0d9b898d45ab8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: Ihmt1.Inihk0Epj.6XXqbF5jVfKRYP7Q
content-encoding: gzip
via: 1.1 69387ca0ad24846d99bf107cb3133bf6.cloudfront.net (CloudFront)
date: Tue, 12 Dec 2023 20:47:37 GMT
last-modified: Mon, 11 Dec 2023 16:58:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P5
age: 25974
x-amz-server-side-encryption: AES256
etag: W/"e41cafe5c69a0543662e49daf2e3e15f"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/css
x-amz-meta-x-deployment-hash: foo
x-amz-cf-id: W6O4Gn57SLzvQx1IP4h-fd3znmsCna4GSn6ZuiTwUixXxBAOasOjCA==

GET
H2 200 client.38ffee15.css
q-cf.bstatic.com/psb/capla/static/css/ 190 KB
27 KB 101ms
25ms Stylesheet
text/css 2600:9000:2646:2800:5:bf05:acc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q-cf.bstatic.com/psb/capla/static/css/client.38ffee15.css
Requested by: Host: flights.booking.com
URL: https://flights.booking.com/booking/order-details/524ca89c3a34f6a6ef5220a603b3d83ca8990520017060d95e006b834a5d62796f0215a08407cc2ae425239625c363503eeb64939d55682c0728208b5947d59db2957d1ca3fb0f5760954c31d38e?aid=304142&label=flights-booking-direct
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:2800:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5e5eaf9396e8ecd984a3d8f622c5a6ef767ae75aa2bf907305f6baa56c2a7088

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: BGpUunZ8jyLPhh0ZVzjSvowJpL2nDRru
content-encoding: gzip
via: 1.1 69387ca0ad24846d99bf107cb3133bf6.cloudfront.net (CloudFront)
date: Tue, 12 Dec 2023 20:47:37 GMT
last-modified: Mon, 11 Dec 2023 16:58:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P5
age: 25974
x-amz-server-side-encryption: AES256
etag: W/"c9009dc966b4c139ffffe886598ac0c0"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/css
x-amz-meta-x-deployment-hash: foo
x-amz-cf-id: w_f_A6H5W-G1sneJ78Ga9dZQ0ajXl_7sgkco8JdmnzoCFvjEV9LISg==

GET
H2 200 client.82fcb02f.js Show response
q-xx.bstatic.com/flights/web/static/js/ 1 MB
334 KB 67ms
23ms Script
application/javascript 2600:9000:2646:6e00:5:bf05:acc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q-xx.bstatic.com/flights/web/static/js/client.82fcb02f.js
Requested by: Host: flights.booking.com
URL: https://flights.booking.com/booking/order-details/524ca89c3a34f6a6ef5220a603b3d83ca8990520017060d95e006b834a5d62796f0215a08407cc2ae425239625c363503eeb64939d55682c0728208b5947d59db2957d1ca3fb0f5760954c31d38e?aid=304142&label=flights-booking-direct
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:6e00:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a340e2d3e0fded8a46b120d9f7584ba40c318ea2b41a987709e5d147341a4996

Request headers

Referer
Origin: https://flights.booking.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:26:48 GMT
content-encoding: gzip
via: 1.1 b99111dfd026a3c99d0e66063beb0544.cloudfront.net (CloudFront)
last-modified: Mon, 11 Dec 2023 12:05:42 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P5
age: 56023
x-amz-server-side-encryption: AES256
etag: W/"1a0c676e37349081bec73e3dd692bb36"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
x-amz-cf-id: T9wlizVLgyOC0_TCuvKahd0IaexLHyqU6lJNvunqZnpkK4yja68PtA==

GET
H2 200 screens-Confirmation.c46038f6.chunk.js Show response
q-xx.bstatic.com/flights/web/static/js/ 1 MB
296 KB 136ms
96ms Script
application/javascript 2600:9000:2646:6e00:5:bf05:acc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q-xx.bstatic.com/flights/web/static/js/screens-Confirmation.c46038f6.chunk.js
Requested by: Host: flights.booking.com
URL: https://flights.booking.com/booking/order-details/524ca89c3a34f6a6ef5220a603b3d83ca8990520017060d95e006b834a5d62796f0215a08407cc2ae425239625c363503eeb64939d55682c0728208b5947d59db2957d1ca3fb0f5760954c31d38e?aid=304142&label=flights-booking-direct
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:6e00:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3ed4db27230a704ed09f7fff6761cd2e9435c94e5ff680f1b5017d32559fd4f4

Request headers

Referer
Origin: https://flights.booking.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:27:54 GMT
content-encoding: gzip
via: 1.1 b99111dfd026a3c99d0e66063beb0544.cloudfront.net (CloudFront)
last-modified: Mon, 11 Dec 2023 12:05:43 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P5
age: 55957
x-amz-server-side-encryption: AES256
etag: W/"63da8713ebdb5b44a3fa599467da094f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
x-amz-cf-id: XiKJp2sa3BY00YsKrwHY0PyvLtX8G2OT52twD0bBe-XvL_f8fFameQ==

GET
H2 200 remoteEntry.c3f4d461.client.js Show response
q-cf.bstatic.com/psb/capla/static/js/ 26 KB
8 KB 26ms
24ms Script
application/javascript 2600:9000:2646:2800:5:bf05:acc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q-cf.bstatic.com/psb/capla/static/js/remoteEntry.c3f4d461.client.js
Requested by: Host: flights.booking.com
URL: https://flights.booking.com/booking/order-details/524ca89c3a34f6a6ef5220a603b3d83ca8990520017060d95e006b834a5d62796f0215a08407cc2ae425239625c363503eeb64939d55682c0728208b5947d59db2957d1ca3fb0f5760954c31d38e?aid=304142&label=flights-booking-direct
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:2800:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a2f0f43812af4d7d5ac7b648a22ff92c221271105a4bffc378fab51ebe0feee2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: vBOpavUSrIGbOQiQugijoXGf480Cvlx7
content-encoding: gzip
via: 1.1 69387ca0ad24846d99bf107cb3133bf6.cloudfront.net (CloudFront)
date: Tue, 12 Dec 2023 11:00:18 GMT
last-modified: Fri, 08 Dec 2023 08:01:00 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P5
age: 61213
x-amz-server-side-encryption: AES256
etag: W/"f7eb8b3abed28f0204d0e362d937f9a5"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-meta-x-deployment-hash: foo
x-amz-cf-id: TJJsXCp0lI-pb2-u0hCqgI9LtyGgZTHrEOcM0mEDbdsGSG6MShNFSg==

GET
H2 200 4bac1f1e.40ac7f39.chunk.js Show response
q-cf.bstatic.com/psb/capla/static/js/ 247 KB
60 KB 29ms
28ms Script
application/javascript 2600:9000:2646:2800:5:bf05:acc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q-cf.bstatic.com/psb/capla/static/js/4bac1f1e.40ac7f39.chunk.js
Requested by: Host: flights.booking.com
URL: https://flights.booking.com/booking/order-details/524ca89c3a34f6a6ef5220a603b3d83ca8990520017060d95e006b834a5d62796f0215a08407cc2ae425239625c363503eeb64939d55682c0728208b5947d59db2957d1ca3fb0f5760954c31d38e?aid=304142&label=flights-booking-direct
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:2800:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 64e040d38e310ab20dff9e58cbd7d21e162a1095c5d1aaa398247f4911c718fa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: jvIvAaSBiDcjH5gFCwTjHoRS02Zr3VAg
content-encoding: gzip
via: 1.1 69387ca0ad24846d99bf107cb3133bf6.cloudfront.net (CloudFront)
date: Tue, 12 Dec 2023 20:47:38 GMT
last-modified: Mon, 11 Dec 2023 10:20:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P5
age: 25972
x-amz-server-side-encryption: AES256
etag: W/"81c42401b68e4b3e543513a08f354a9d"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-meta-x-deployment-hash: foo
x-amz-cf-id: OmABI9fs30V7qi96eCRXIJ2i24qTO5wdqEHWgWesTvHGjrJqn46ziA==

GET
H2 200 remoteEntry.4295a9a8.client.js Show response
q-cf.bstatic.com/psb/capla/static/js/ 20 KB
7 KB 47ms
45ms Script
application/javascript 2600:9000:2646:2800:5:bf05:acc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q-cf.bstatic.com/psb/capla/static/js/remoteEntry.4295a9a8.client.js
Requested by: Host: flights.booking.com
URL: https://flights.booking.com/booking/order-details/524ca89c3a34f6a6ef5220a603b3d83ca8990520017060d95e006b834a5d62796f0215a08407cc2ae425239625c363503eeb64939d55682c0728208b5947d59db2957d1ca3fb0f5760954c31d38e?aid=304142&label=flights-booking-direct
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:2800:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca1aa9313b1412e4f27bc470e5d1b724859be5a3eed16ba85ab530a188558d6e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 14:20:08 GMT
x-amz-version-id: _tpyTEEz8DvyPdsGASXOwJh_zdaKPVCg
content-encoding: gzip
last-modified: Mon, 27 Nov 2023 13:16:16 GMT
server: AmazonS3
via: 1.1 69387ca0ad24846d99bf107cb3133bf6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
etag: W/"3398bd1381f925196ee90b3ba9799c6d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
x-amz-meta-x-deployment-hash: foo
content-type: application/javascript
age: 49222
x-amz-cf-id: tqmfF0dUkmC96D9ADgh9JtiF9ghyDt5Q9hiIg-ma_BjMmHNqkOswCA==

GET
H2 200 remoteEntry.efa92c91.client.js Show response
q-cf.bstatic.com/psb/capla/static/js/ 17 KB
6 KB 48ms
47ms Script
application/javascript 2600:9000:2646:2800:5:bf05:acc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q-cf.bstatic.com/psb/capla/static/js/remoteEntry.efa92c91.client.js
Requested by: Host: flights.booking.com
URL: https://flights.booking.com/booking/order-details/524ca89c3a34f6a6ef5220a603b3d83ca8990520017060d95e006b834a5d62796f0215a08407cc2ae425239625c363503eeb64939d55682c0728208b5947d59db2957d1ca3fb0f5760954c31d38e?aid=304142&label=flights-booking-direct
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:2800:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bd61e3ff204074e0a9c66c3dd2b3d809fc2885db5d264af6a84589e003371acf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:30:49 GMT
x-amz-version-id: YYI8immBoHSk22Gq.TBxjiqRhhbRHb2y
content-encoding: br
last-modified: Mon, 11 Dec 2023 20:03:07 GMT
server: AmazonS3
via: 1.1 69387ca0ad24846d99bf107cb3133bf6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
etag: W/"ab87308c8b55678eb70463b9e3944b76"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
x-amz-meta-x-deployment-hash: foo
content-type: application/javascript
age: 66582
x-amz-cf-id: WK5YQ5h1S547jQtSuteGGa0ye7DAreCloKX7SNOzuu9VY4mogxR0sA==

GET
H2 200 client.6641f0c1.js Show response
q-cf.bstatic.com/psb/capla/static/js/ 1012 KB
282 KB 54ms
53ms Script
application/javascript 2600:9000:2646:2800:5:bf05:acc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q-cf.bstatic.com/psb/capla/static/js/client.6641f0c1.js
Requested by: Host: flights.booking.com
URL: https://flights.booking.com/booking/order-details/524ca89c3a34f6a6ef5220a603b3d83ca8990520017060d95e006b834a5d62796f0215a08407cc2ae425239625c363503eeb64939d55682c0728208b5947d59db2957d1ca3fb0f5760954c31d38e?aid=304142&label=flights-booking-direct
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:2800:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 19b17d0aa9d1667cddec4510d9cd9a1b088d62d98f41fb57a6e8f3d33aeb0a09

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: J7O_U2LYQsFBDwlt0nMfzkBVWtdYRdtP
content-encoding: gzip
via: 1.1 69387ca0ad24846d99bf107cb3133bf6.cloudfront.net (CloudFront)
date: Tue, 12 Dec 2023 20:47:38 GMT
last-modified: Fri, 08 Dec 2023 09:26:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P5
age: 25972
x-amz-server-side-encryption: AES256
etag: W/"eff9b2047ca072b3e5115ff6a30dd075"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-meta-x-deployment-hash: foo
x-amz-cf-id: uPXzij5XW8VEsGxo3RJ_HhnNso3lLa0bcb43UV3sk8B2rti3KCwaIg==

GET
H2 200 a6808fc8.130754bc.chunk.js Show response
q-cf.bstatic.com/psb/capla/static/js/ 383 B
834 B 97ms
96ms Script
application/javascript 2600:9000:2646:2800:5:bf05:acc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q-cf.bstatic.com/psb/capla/static/js/a6808fc8.130754bc.chunk.js
Requested by: Host: flights.booking.com
URL: https://flights.booking.com/booking/order-details/524ca89c3a34f6a6ef5220a603b3d83ca8990520017060d95e006b834a5d62796f0215a08407cc2ae425239625c363503eeb64939d55682c0728208b5947d59db2957d1ca3fb0f5760954c31d38e?aid=304142&label=flights-booking-direct
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:2800:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4de0e36b05afad22d85da9fd6cd699879c1a0da9c5bdb166853db1acbf743d63

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: 00mRIvLuRwvOwSyZYlr1_I.YL98Omapd
date: Tue, 12 Dec 2023 20:48:00 GMT
via: 1.1 69387ca0ad24846d99bf107cb3133bf6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
age: 25951
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 383
last-modified: Mon, 11 Dec 2023 16:58:29 GMT
server: AmazonS3
etag: "75bcbe7945b1104286d727e632cdda8e"
vary: Accept-Encoding, Origin
x-amz-meta-x-deployment-hash: foo
content-type: application/javascript
accept-ranges: bytes
x-amz-cf-id: MJ_XgvhaugC0bLOWpcibfXpzGJciFYXf1ZGXijK-BCwjRd93PPxEKA==

GET
H2 200 aee01701.aa538ed9.chunk.js Show response
q-cf.bstatic.com/psb/capla/static/js/ 16 KB
2 KB 98ms
97ms Script
application/javascript 2600:9000:2646:2800:5:bf05:acc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q-cf.bstatic.com/psb/capla/static/js/aee01701.aa538ed9.chunk.js
Requested by: Host: flights.booking.com
URL: https://flights.booking.com/booking/order-details/524ca89c3a34f6a6ef5220a603b3d83ca8990520017060d95e006b834a5d62796f0215a08407cc2ae425239625c363503eeb64939d55682c0728208b5947d59db2957d1ca3fb0f5760954c31d38e?aid=304142&label=flights-booking-direct
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:2800:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 953f4caea19f1cf817f975bd22f853f523b08f4063a3297031f9db68222cf2e0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: aze2iZSB8Vx9GJ02EqXpBFhKKC8GXHJR
content-encoding: gzip
via: 1.1 69387ca0ad24846d99bf107cb3133bf6.cloudfront.net (CloudFront)
date: Tue, 12 Dec 2023 20:47:38 GMT
last-modified: Mon, 11 Dec 2023 16:58:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P5
age: 25972
x-amz-server-side-encryption: AES256
etag: W/"09f9edf220efb0e2f20e6830b8123145"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-meta-x-deployment-hash: foo
x-amz-cf-id: dWLohhbFhcu3yOt6STiMKq5QC2bohwjhVYpTHklZD5jQjDj6IxsQZg==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 224 KB
81 KB 85ms
35ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PQHB9P4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0b91d1f30f75c4d7abf336660470f6668295103f9bc54f75a37b502d3fbdb8f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 04:00:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 82106
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 13 Dec 2023 04:00:30 GMT

GET
H2 200 de.png
q-xx.bstatic.com/backend_static/common/flags/new/48-squared/ 146 B
711 B 26ms
22ms Image
image/png 2600:9000:2646:6e00:5:bf05:acc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q-xx.bstatic.com/backend_static/common/flags/new/48-squared/de.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2646:6e00:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4c1f1497ae4ade7ce895bc174187b7c5f145d0924c082c86cfed4efda62f305c

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 10:03:24 GMT
via: 1.1 c1e31c801257ebc563cbb890e887cb1e.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: FRA60-P5
age: 1792626
x-cache: Hit from cloudfront
content-length: 146
x-xss-protection: 1; mode=block
last-modified: Mon, 07 Sep 2020 10:40:08 GMT
server: nginx
etag: "5f560e08-92"
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: eZx06pvM4xcguGps7vxoZgyUVKerZc1AtZXZRBCSQ73ZzgLnNb29Sw==
expires: Fri, 22 Dec 2023 10:03:24 GMT

GET
H2 200 De@3x.png
t-cf.bstatic.com/design-assets/assets/v3.106.0/images-flags/ 156 B
530 B 40ms
21ms Image
image/png 2600:9000:2646:6e00:5:bf05:acc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t-cf.bstatic.com/design-assets/assets/v3.106.0/images-flags/De@3x.png
Requested by: Host: flights.booking.com
URL: https://flights.booking.com/booking/order-details/524ca89c3a34f6a6ef5220a603b3d83ca8990520017060d95e006b834a5d62796f0215a08407cc2ae425239625c363503eeb64939d55682c0728208b5947d59db2957d1ca3fb0f5760954c31d38e?aid=304142&label=flights-booking-direct
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:6e00:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bda0ba0c33b5e8fc764d505fb42e6a0c7fd3749971ab6a99e8601738ae05960f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 04:59:02 GMT
via: 1.1 c1e31c801257ebc563cbb890e887cb1e.cloudfront.net (CloudFront)
last-modified: Mon, 20 Nov 2023 13:29:51 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P5
age: 82889
x-amz-server-side-encryption: AES256
etag: "25bda7793fcd9f57fe6673fc7757d6c8"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 156
x-amz-cf-id: m1KdjGz6-JgZ-Qel4ganF8qtBGpDTJHOM4m0M8ocjTKtelkiT2INzQ==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/481216654/ 3 KB
2 KB 99ms
32ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/481216654/?random=1702440030652&cv=11&fst=1702440030652&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v843635506&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fflights.booking.com%2Fbooking%2Forder-details%2F524ca89c3a34f6a6ef5220a603b3d83ca8990520017060d95e006b834a5d62796f0215a08407cc2ae425239625c363503eeb64939d55682c0728208b5947d59db2957d1ca3fb0f5760954c31d38e%3Faid%3D304142%26label%3Dflights-booking-direct&hn=www.googleadservices.com&frm=0&tiba=Ihren%20Flug%20buchen%20-%20Booking.com&auid=121709052.1702440031&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PQHB9P4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03a18bd24a81bc6aff2c4614036eb10e552f027e7403277fc6ad4868c1c9fb59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 04:00:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1408
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 203 KB
73 KB 36ms
35ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1070314322

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PQHB9P4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

014f3b32bea795f6cdb41fb8b1e91d734905c001c0320c8b3a0dfaaa90a2f9ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 04:00:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74726
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 13 Dec 2023 04:00:30 GMT

GET
H2 200 35679.cbcbed2e.chunk.js Show response
q-xx.bstatic.com/flights/web/static/js/ 9 KB
3 KB 22ms
22ms Script
application/javascript 2600:9000:2646:6e00:5:bf05:acc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q-xx.bstatic.com/flights/web/static/js/35679.cbcbed2e.chunk.js
Requested by: Host: q-xx.bstatic.com
URL: https://q-xx.bstatic.com/flights/web/static/js/client.82fcb02f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:6e00:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 15a2af028dd436c341e726d9d8e7f0ddade71f49ee3e5bd097b37ae9531ae416

Request headers

Referer
Origin: https://flights.booking.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 02:51:30 GMT
content-encoding: gzip
via: 1.1 b99111dfd026a3c99d0e66063beb0544.cloudfront.net (CloudFront)
last-modified: Fri, 08 Dec 2023 16:17:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P5
age: 4141
x-amz-server-side-encryption: AES256
etag: W/"04793c446268e5edb97f46cf58ea0cb6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
x-amz-cf-id: stYgzyY4VHfiLJlQzB-VkKPLGYb60EdejibKEOlxAbVkv0eJhK06Aw==

GET
H2 200 cookiebanner.html Show response
www.booking.com/ Frame 3886 2 KB
2 KB 281ms
195ms Document
text/html 18.245.60.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.booking.com/cookiebanner.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.60.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-60-76.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

d3c7c4dbe9a235e7ba1dbfe981c2af6e18b722ef684ef16eb08c4fc2a82a6627

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private
content-encoding: br
content-length: 836
content-type: text/html; charset=UTF-8
date: Wed, 13 Dec 2023 04:00:31 GMT
nel: {"max_age":604800,"report_to":"default"}
report-to: {"group":"default","max_age":604800,"endpoints":[{"url":"https://nellie.booking.com/report"}]}
server: nginx
strict-transport-security: max-age=86400; includeSubDomains
vary: User-Agent, Accept-Encoding
via: 1.1 72500140cb63ff2dee8b57e4476902e6.cloudfront.net (CloudFront)
x-amz-cf-id: N2SQOk7dojvV7mh8jElBX-sUh8bATAtLOl3TUvXoL3YE5q_ux3zqgw==
x-amz-cf-pop: FRA60-P5
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-recruiting: Like HTTP headers? Come write ours: https://careers.booking.com
x-xss-protection: 1; mode=block

GET
H2 200 /
www.google.com/pagead/1p-user-list/481216654/ 42 B
455 B 85ms
35ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/481216654/?random=1702440030652&cv=11&fst=1702440000000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v843635506&u_w=1600&u_h=1200&url=https%3A%2F%2Fflights.booking.com%2Fbooking%2Forder-details%2F524ca89c3a34f6a6ef5220a603b3d83ca8990520017060d95e006b834a5d62796f0215a08407cc2ae425239625c363503eeb64939d55682c0728208b5947d59db2957d1ca3fb0f5760954c31d38e%3Faid%3D304142%26label%3Dflights-booking-direct&frm=0&tiba=Ihren%20Flug%20buchen%20-%20Booking.com&fmt=3&is_vtc=1&cid=CAQSGwDICaaNQaKKxQ6hwodL-XRUk5guYc23qdanEA&random=3169910740&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 04:00:30 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/481216654/ 42 B
455 B 89ms
33ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/481216654/?random=1702440030652&cv=11&fst=1702440000000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v843635506&u_w=1600&u_h=1200&url=https%3A%2F%2Fflights.booking.com%2Fbooking%2Forder-details%2F524ca89c3a34f6a6ef5220a603b3d83ca8990520017060d95e006b834a5d62796f0215a08407cc2ae425239625c363503eeb64939d55682c0728208b5947d59db2957d1ca3fb0f5760954c31d38e%3Faid%3D304142%26label%3Dflights-booking-direct&frm=0&tiba=Ihren%20Flug%20buchen%20-%20Booking.com&fmt=3&is_vtc=1&cid=CAQSGwDICaaNQaKKxQ6hwodL-XRUk5guYc23qdanEA&random=3169910740&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 04:00:30 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1070314322/ 3 KB
2 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1070314322/?random=1702440030911&cv=11&fst=1702440030911&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v882970024&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fflights.booking.com%2Fbooking%2Forder-details%2F524ca89c3a34f6a6ef5220a603b3d83ca8990520017060d95e006b834a5d62796f0215a08407cc2ae425239625c363503eeb64939d55682c0728208b5947d59db2957d1ca3fb0f5760954c31d38e%3Faid%3D304142%26label%3Dflights-booking-direct&hn=www.googleadservices.com&frm=0&tiba=Ihren%20Flug%20buchen%20-%20Booking.com&auid=121709052.1702440031&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1070314322

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3764bba5ff9cba5b85d9d89238f9a60410f0b8ced76c2d70e072f152daecdc46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 04:00:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1438
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 header Show response
www.booking.com/attractions/api/ 16 KB
7 KB 225ms
154ms Fetch
application/json 18.245.60.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.booking.com/attractions/api/header?label=flights-booking-direct&lang=de&aid=304142&product=flights

Requested by

Host: q-xx.bstatic.com
URL: https://q-xx.bstatic.com/flights/web/static/js/client.82fcb02f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.60.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-60-76.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

3748ebd5d6915ac81867e5d971cf67ea0bc5b5fcb8e42fbb0a120e89106e134a

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 04:00:31 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: gzip
x-content-options: nosniff
via: 1.1 d147b4a7fe31d4e8683f7d8b15b71906.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
content-security-policy-report-only: default-src 'self'; connect-src 'self' *.booking.com:* wss://*.booking.com:* cdn.cookielaw.org *.google-analytics.com *.onetrust.com; script-src 'self' 'unsafe-inline' *.booking.com:* *.bstatic.com cdn.cookielaw.org bat.bing.com googleads.g.doubleclick.net *.googletagmanager.com *.google-analytics.com *.googleadservices.com *.googleapis.com *.onetrust.com; img-src * data:; style-src 'self' 'unsafe-inline' *.booking.com *.bstatic.com *.googleapis.com; font-src 'self' *.bstatic.com fonts.gstatic.com; frame-src 'self' *.booking.com; object-src 'none'; report-to default
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
server: nginx
vary: Accept-Encoding
access-control-max-age: 1209600
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flights.booking.com
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
x-amz-cf-id: gVsnEu4UHISxBjxdlqP5DwnsDY2HnjaS-EqMrxG1KN7Goudkf1nBOQ==

GET
H2 200 524ca89c3a34f6a6ef5220a603b3d83ca8990520017060d95e006b834a5d62796f0215a08407cc2ae425239625c363503eeb64939d55682c0728208b5947d59db2957d1ca3fb0f5760954c31d38e Show response
flights.booking.com/api/order/ 22 KB
6 KB 367ms
366ms Fetch
application/json 13.32.27.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://flights.booking.com/api/order/524ca89c3a34f6a6ef5220a603b3d83ca8990520017060d95e006b834a5d62796f0215a08407cc2ae425239625c363503eeb64939d55682c0728208b5947d59db2957d1ca3fb0f5760954c31d38e?pb=1&includeAvailableExtras=1&cancellationOptionsType=1

Requested by

Host: q-xx.bstatic.com
URL: https://q-xx.bstatic.com/flights/web/static/js/client.82fcb02f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-6.fra56.r.cloudfront.net

Software

envoy /

Resource Hash

d3292d8b192b59838dfd0923330ce64222688e4ede4e24b33f7bb4de0ac8d867

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

X-Booking-Flights-Client-Hints
x-booking-trace-meta: caller_persona="b-flights-frontend"; root_caller_persona="b-flights-frontend"
X-Booking-Experiment-Prepare-Clientside-Payload: 1
x-booking-request-tree-id: 537b760f-df49-4bf4-b17d-aa578b859a9d
accept-language: de-DE,de;q=0.9
X-Flights-Context-Name: pb_order_details
x-booking-parent-request-id: 537b760f-df49-4bf4-b17d-aa578b859a9d
X-Booking-Label: flights-booking-direct
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
X-Requested-From: clientFetch
Referer
X-Booking-Affiliate-Id: 304142

Response headers

date: Wed, 13 Dec 2023 04:00:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=86400; includeSubDomains
via: 1.1 d8670b0c6b76371fb58f730881dfe504.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
x-request-id: 537b760f-df49-4bf4-b17d-aa578b859a9d
x-booking-experiment-soylent-payload: {"flights_et_clientside_tracking_old_lib_soylent_aa":0,"flights_web_cross_sell_voucher_campaign_q2_heuristics":0,"flights_pb_universal_refunds_web_apps_emails_v2":1,"flights_vouchers_all_platforms_aa":0,"flights_apps_vouchers_all_platforms_aa":0,"flights_web_pb_default_self_cancel":1,"flights_web_cross_sell_quick_links":0,"flights_cross_sell_universal_voucher_campaign_q4":0,"flights_web_pb_faqs_booking_details":0,"flights_web_pb_rebook_policy_m1":1,"flights_web_cross_sell_modal_highlighted_card":0,"flights_web_pb_inconsistent_order_banner":1,"flights_web_cross_sell_pay_with_wallet":0,"flights_web_cross_sell_flights_to_flights":0,"flights_web_pb_checkin_page_m3":0,"flights_web_pb_cancel_conf_page":1}
referrer-policy: no-referrer
server: envoy
vary: Accept-Encoding,Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
x-booking-app-version: f13e13780406dd63c70b904d650321afdbbd6911
x-amz-cf-id: ePvII0jSxKnujUh1D1QNvsoNPqt4Wi-p0RjwTrvGrU9KFP26LmHvhg==

GET
H2 200 rebookPolicy Show response
flights.booking.com/api/order/524ca89c3a34f6a6ef5220a603b3d83ca8990520017060d95e006b834a5d62796f0215a08407cc2ae425239625c363503eeb64939d55682c0728208b5947d59db2957d1ca3fb0f5760954c31d38e/ 67 B
818 B 195ms
194ms Fetch
application/json 13.32.27.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: q-xx.bstatic.com
URL: https://q-xx.bstatic.com/flights/web/static/js/client.82fcb02f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-6.fra56.r.cloudfront.net

Software

envoy /

Resource Hash

274324c5295fa590b6701f511219f7f9025e7607f600ffa62fb1087bb25e554e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

X-Booking-Flights-Client-Hints
x-booking-trace-meta: caller_persona="b-flights-frontend"; root_caller_persona="b-flights-frontend"
x-booking-request-tree-id: 537b760f-df49-4bf4-b17d-aa578b859a9d
accept-language: de-DE,de;q=0.9
X-Flights-Context-Name: pb_order_details
x-booking-parent-request-id: 537b760f-df49-4bf4-b17d-aa578b859a9d
X-Booking-Label: flights-booking-direct
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
X-Requested-From: clientFetch
Referer
X-Booking-Affiliate-Id: 304142

Response headers

date: Wed, 13 Dec 2023 04:00:31 GMT
strict-transport-security: max-age=86400; includeSubDomains
x-content-type-options: nosniff
via: 1.1 d8670b0c6b76371fb58f730881dfe504.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
content-length: 67
x-xss-protection: 1; mode=block
x-request-id: 537b760f-df49-4bf4-b17d-aa578b859a9d
referrer-policy: no-referrer
server: envoy
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
x-booking-app-version: f13e13780406dd63c70b904d650321afdbbd6911
x-amz-cf-id: 0HtF9E9RyKNHWgqBWwf6zurrN5u65TmS6l3mJidFoZ6bwbONta885g==

POST
H2 202 internal-events Show response
flights.booking.com/track/ 16 B
742 B 90ms
90ms Fetch
application/json 13.32.27.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://flights.booking.com/track/internal-events

Requested by

Host: q-xx.bstatic.com
URL: https://q-xx.bstatic.com/flights/web/static/js/client.82fcb02f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-6.fra56.r.cloudfront.net

Software

envoy /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

X-Booking-Flights-Client-Hints
x-booking-trace-meta: caller_persona="b-flights-frontend"; root_caller_persona="b-flights-frontend"
x-booking-request-tree-id: 537b760f-df49-4bf4-b17d-aa578b859a9d
accept-language: de-DE,de;q=0.9
x-booking-parent-request-id: 537b760f-df49-4bf4-b17d-aa578b859a9d
X-Booking-Label: flights-booking-direct
Content-Type: application/json
X-Requested-From: clientFetch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Referer: https://flights.booking.com/booking/order-details/524ca89c3a34f6a6ef5220a603b3d83ca8990520017060d95e006b834a5d62796f0215a08407cc2ae425239625c363503eeb64939d55682c0728208b5947d59db2957d1ca3fb0f5760954c31d38e?aid=304142&label=flights-booking-direct
X-Booking-Affiliate-Id: 304142

Response headers

date: Wed, 13 Dec 2023 04:00:31 GMT
strict-transport-security: max-age=86400; includeSubDomains
x-content-type-options: nosniff
via: 1.1 d8670b0c6b76371fb58f730881dfe504.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
content-length: 16
x-xss-protection: 1; mode=block
x-request-id: 537b760f-df49-4bf4-b17d-aa578b859a9d
server: envoy
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flights.booking.com
access-control-allow-credentials: true
x-amz-cf-id: uXtgwn3GpYs_CpMgDCaoSifF3YenekieCwVtYxntNAqnaxd-tNc-Qg==

POST
H2 202 internal-events Show response
flights.booking.com/track/ 16 B
743 B 104ms
103ms Fetch
application/json 13.32.27.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://flights.booking.com/track/internal-events

Requested by

Host: q-xx.bstatic.com
URL: https://q-xx.bstatic.com/flights/web/static/js/client.82fcb02f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-6.fra56.r.cloudfront.net

Software

envoy /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

X-Booking-Flights-Client-Hints
x-booking-trace-meta: caller_persona="b-flights-frontend"; root_caller_persona="b-flights-frontend"
x-booking-request-tree-id: 537b760f-df49-4bf4-b17d-aa578b859a9d
accept-language: de-DE,de;q=0.9
x-booking-parent-request-id: 537b760f-df49-4bf4-b17d-aa578b859a9d
X-Booking-Label: flights-booking-direct
Content-Type: application/json
X-Requested-From: clientFetch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Referer: https://flights.booking.com/booking/order-details/524ca89c3a34f6a6ef5220a603b3d83ca8990520017060d95e006b834a5d62796f0215a08407cc2ae425239625c363503eeb64939d55682c0728208b5947d59db2957d1ca3fb0f5760954c31d38e?aid=304142&label=flights-booking-direct
X-Booking-Affiliate-Id: 304142

Response headers

date: Wed, 13 Dec 2023 04:00:31 GMT
strict-transport-security: max-age=86400; includeSubDomains
x-content-type-options: nosniff
via: 1.1 d8670b0c6b76371fb58f730881dfe504.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
content-length: 16
x-xss-protection: 1; mode=block
x-request-id: 537b760f-df49-4bf4-b17d-aa578b859a9d
server: envoy
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flights.booking.com
access-control-allow-credentials: true
x-amz-cf-id: 6x_6hmU5s73dfDHYYemmfnFsW8TYX9AOSfxEzyXhUkbA5tT4eq3yBg==

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 138ms
59ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 13 Dec 2023 04:00:30 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B26C57D22A6E4557B9ADDC5B30880F06 Ref B: DUS30EDGE0719 Ref C: 2023-12-13T04:00:31Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13175

GET
H2 200 /
www.google.com/pagead/1p-user-list/1070314322/ 42 B
108 B 38ms
37ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1070314322/?random=1702440030911&cv=11&fst=1702440000000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v882970024&u_w=1600&u_h=1200&url=https%3A%2F%2Fflights.booking.com%2Fbooking%2Forder-details%2F524ca89c3a34f6a6ef5220a603b3d83ca8990520017060d95e006b834a5d62796f0215a08407cc2ae425239625c363503eeb64939d55682c0728208b5947d59db2957d1ca3fb0f5760954c31d38e%3Faid%3D304142%26label%3Dflights-booking-direct&frm=0&tiba=Ihren%20Flug%20buchen%20-%20Booking.com&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaNEFsmHZLrljvgQwGzyPG47xS-WlmICuZdRr48y_NnXYut_fXk&random=328440743&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 04:00:31 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1070314322/ 42 B
108 B 38ms
37ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1070314322/?random=1702440030911&cv=11&fst=1702440000000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v882970024&u_w=1600&u_h=1200&url=https%3A%2F%2Fflights.booking.com%2Fbooking%2Forder-details%2F524ca89c3a34f6a6ef5220a603b3d83ca8990520017060d95e006b834a5d62796f0215a08407cc2ae425239625c363503eeb64939d55682c0728208b5947d59db2957d1ca3fb0f5760954c31d38e%3Faid%3D304142%26label%3Dflights-booking-direct&frm=0&tiba=Ihren%20Flug%20buchen%20-%20Booking.com&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaNEFsmHZLrljvgQwGzyPG47xS-WlmICuZdRr48y_NnXYut_fXk&random=328440743&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 04:00:31 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 31ms
29ms Script
application/javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d72fa0f78c80b1874d3ee4aadf43d973edc442a65fef83d37e684ac559893b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 13 Dec 2023 04:00:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: vZrXoJWU2kJda+KcVQis1w==
age: 1010
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6841
x-ms-lease-status: unlocked
last-modified: Tue, 12 Dec 2023 04:19:08 GMT
server: cloudflare
etag: 0x8DBFAC97C821F37
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 6a7710b8-e01e-008e-1b71-2def35000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 834b4cf29da60858-FRA

GET
H2 200 7163e23c-88a8-41d6-8838-55b75cf39a74.json Show response
cdn.cookielaw.org/consent/7163e23c-88a8-41d6-8838-55b75cf39a74/ 6 KB
3 KB 99ms
40ms XHR
application/x-javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/7163e23c-88a8-41d6-8838-55b75cf39a74/7163e23c-88a8-41d6-8838-55b75cf39a74.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8338664f897fde1512c6124ec16cdb055669bf9cbd700f49a7513262f1d72497

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 13 Dec 2023 04:00:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 84872
content-md5: iLfyaJbIaf94e6uw8i5EZQ==
content-length: 2033
x-ms-lease-status: unlocked
last-modified: Tue, 05 Sep 2023 15:24:16 GMT
server: cloudflare
etag: 0x8DBAE242B201E69
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 28ef3752-301e-0056-3c87-0cc86c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 834b4cf338bc1ca1-FRA
expires: Thu, 14 Dec 2023 04:00:31 GMT

GET
H2 204 15338614.js Show response
bat.bing.com/p/action/ 0
118 B 48ms
47ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/15338614.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Wed, 13 Dec 2023 04:00:30 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 31E2FDF6779A44C8BB69F91F09CA9650 Ref B: DUS30EDGE0719 Ref C: 2023-12-13T04:00:31Z
x-cache: CONFIG_NOCACHE

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
304 B 94ms
43ms XHR
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 04:00:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 834b4cf42b889143-FRA
access-control-allow-headers: Content-Type

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202308.1.0/ 411 KB
99 KB 49ms
26ms Script
application/javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202308.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27ff6f8b30f633a9e1954d6cc94756127292aa99560255e414bbb75b37416594

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 13 Dec 2023 04:00:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 2+I2Cj649lHjQKiedh8F2Q==
age: 1655
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 101254
x-ms-lease-status: unlocked
last-modified: Wed, 25 Oct 2023 03:55:47 GMT
server: cloudflare
etag: 0x8DBD50E45B16C1C
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 95b9f744-001e-005d-6153-143307000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 834b4cf48eee0858-FRA

POST
H2 200 getAccommodations Show response
flights.booking.com/api/crosssell/ 11 KB
2 KB 304ms
304ms Fetch
application/json 13.32.27.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://flights.booking.com/api/crosssell/getAccommodations

Requested by

Host: q-xx.bstatic.com
URL: https://q-xx.bstatic.com/flights/web/static/js/client.82fcb02f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-6.fra56.r.cloudfront.net

Software

envoy /

Resource Hash

f03145996bcae8d08c25f4c358ada67ec01267a47926333432f72544dee0b1db

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

X-Booking-Flights-Client-Hints
x-booking-trace-meta: caller_persona="b-flights-frontend"; root_caller_persona="b-flights-frontend"
x-booking-request-tree-id: 537b760f-df49-4bf4-b17d-aa578b859a9d
accept-language: de-DE,de;q=0.9
X-Flights-Context-Name: pb_order_details
x-booking-parent-request-id: 537b760f-df49-4bf4-b17d-aa578b859a9d
X-Booking-Label: flights-booking-direct
Content-Type: application/json
X-Requested-From: clientFetch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Referer
X-Booking-Affiliate-Id: 304142
X-Soylent-Email: d8f3537dc03d722d7fc7f4c3897169a2

Response headers

date: Wed, 13 Dec 2023 04:00:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=86400; includeSubDomains
via: 1.1 d8670b0c6b76371fb58f730881dfe504.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
x-request-id: 537b760f-df49-4bf4-b17d-aa578b859a9d
referrer-policy: no-referrer
server: envoy
vary: Accept-Encoding,Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flights.booking.com
access-control-allow-credentials: true
x-booking-app-version: f13e13780406dd63c70b904d650321afdbbd6911
x-amz-cf-id: k1mGfoGVxTa33_hq8djkN_1j2Nzarll77wqn7-7SrPuBtOY0OuS7VA==

GET
H2 200 AD.png
r-xx.bstatic.com/data/airlines_logo/ 1 KB
2 KB 36ms
22ms Image
image/png 2600:9000:2646:6e00:5:bf05:acc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r-xx.bstatic.com/data/airlines_logo/AD.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:6e00:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a0e4c1590c6f1fecbda553d6d47c352d6e50f950d1da63b8e3c9c7ccd354c1aa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 10:23:41 GMT
x-amz-version-id: LMGaLssYp9iN8FDDPG73qZnW9EOVW7GA
via: 1.1 c1e31c801257ebc563cbb890e887cb1e.cloudfront.net (CloudFront)
last-modified: Thu, 12 Jan 2023 12:43:52 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P5
age: 1791411
etag: "b1f990fe70b2dc17405cdf1e656e014b"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 1208
x-amz-cf-id: WilIdKn0_ePAPr9MwUenN_fixoJm8zHXdReBuLAFnYtEkfRfNehXow==

GET
H2 200 GeniusGiftBoxDiscount.png
t-cf.bstatic.com/design-assets/assets/v3.99.1/illustrations-traveller/ 24 KB
24 KB 25ms
24ms Image
image/png 2600:9000:2646:6e00:5:bf05:acc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t-cf.bstatic.com/design-assets/assets/v3.99.1/illustrations-traveller/GeniusGiftBoxDiscount.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:6e00:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0f332f5b788204465795b9097539c621b544279326bb282811f3c0747aa58439

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 07:49:41 GMT
via: 1.1 c1e31c801257ebc563cbb890e887cb1e.cloudfront.net (CloudFront)
last-modified: Tue, 10 Oct 2023 12:25:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P5
age: 72656
x-amz-server-side-encryption: AES256
etag: "a1052c8126edefa161e7eb4a92d3e6a0"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 24198
x-amz-cf-id: ipVy0XqGJSfzS1uYzf3C9txMOWf-1AzonmQNyFUo69CEJo-eg8sqFA==

GET
H2 200 de.json Show response
cdn.cookielaw.org/consent/7163e23c-88a8-41d6-8838-55b75cf39a74/5960a206-455d-4495-8981-3d8a43c9b243/ 55 KB
15 KB 43ms
42ms Fetch
application/x-javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/7163e23c-88a8-41d6-8838-55b75cf39a74/5960a206-455d-4495-8981-3d8a43c9b243/de.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202308.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9661c682fb497ac236b263521b9ef0714d9229c9fe8171af2fbe54fc5bba3e72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 13 Dec 2023 04:00:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 80303
content-md5: xDinD05qVwlpVwdCuaxRGA==
content-length: 15640
x-ms-lease-status: unlocked
last-modified: Tue, 05 Sep 2023 15:24:32 GMT
server: cloudflare
etag: 0x8DBAE2434742641
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 4e9a9faa-d01e-002c-2788-f0d52c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 834b4cf5ba641ca1-FRA
expires: Thu, 14 Dec 2023 04:00:31 GMT

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/202308.1.0/assets/ 13 KB
3 KB 34ms
31ms Fetch
application/json 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202308.1.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202308.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 13 Dec 2023 04:00:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: C2c3Qd8FHm1wstxOFHDJ2w==
age: 78184
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3017
x-ms-lease-status: unlocked
last-modified: Wed, 25 Oct 2023 03:55:37 GMT
server: cloudflare
etag: 0x8DBD50E3F9DEF08
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: a3e20e7e-301e-001b-6646-230780000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 834b4cf62ada1ca1-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202308.1.0/assets/ 21 KB
4 KB 35ms
33ms Fetch
text/css 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202308.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202308.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 13 Dec 2023 04:00:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: c7xAZ9MSGAobGaTYg/Qtag==
age: 84871
x-ms-lease-status: unlocked
last-modified: Wed, 25 Oct 2023 03:55:54 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: f042a1c8-001e-004d-1f9e-0bf66f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 834b4cf62adc1ca1-FRA

OPTIONS
H2 200 track
www.booking.com/c360/v1/ Frame 0
0 49ms
47ms Preflight
application/json 18.245.60.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.booking.com/c360/v1/track

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.60.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-60-76.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-booking-aid,x-booking-csrf,x-booking-et-seed,x-booking-label,x-booking-language-code,x-booking-pageview-id,x-booking-platform,x-booking-session-id,x-booking-sitetype-id
Access-Control-Request-Method: POST
Origin: https://flights.booking.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-booking-aid,x-booking-csrf,x-booking-et-seed,x-booking-label,x-booking-language-code,x-booking-pageview-id,x-booking-platform,x-booking-session-id,x-booking-sitetype-id
access-control-allow-methods: POST
access-control-allow-origin: https://flights.booking.com
content-encoding: br
content-length: 0
content-security-policy-report-only: frame-ancestors 'none'; report-uri https://nellie.booking.com/csp-report-uri?type=report&tag=112&pid=1a991c2ff2650090&e=UmFuZG9tSVYkc2RlIyh9YaKT1Ar0s2gSEmakdtrUqstgx-FL1aA15FvOJxTxLkgt4DNIN0I3haA
content-type: application/json; charset=UTF-8
date: Wed, 13 Dec 2023 04:00:31 GMT
server: nginx
strict-transport-security: max-age=86400; includeSubDomains
vary: Accept-Encoding, User-Agent
via: 1.1 d147b4a7fe31d4e8683f7d8b15b71906.cloudfront.net (CloudFront)
x-amz-cf-id: cQjOuZxZftQ2FJRmHR-k0565kOMKjJh9rkGeYxVXyXBBxoV9eKTBPw==
x-amz-cf-pop: FRA60-P5
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block

POST
H2 202 internal-events Show response
flights.booking.com/track/ 16 B
743 B 92ms
90ms Fetch
application/json 13.32.27.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://flights.booking.com/track/internal-events

Requested by

Host: q-xx.bstatic.com
URL: https://q-xx.bstatic.com/flights/web/static/js/client.82fcb02f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-6.fra56.r.cloudfront.net

Software

envoy /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

X-Booking-Flights-Client-Hints
x-booking-trace-meta: caller_persona="b-flights-frontend"; root_caller_persona="b-flights-frontend"
x-booking-request-tree-id: 537b760f-df49-4bf4-b17d-aa578b859a9d
accept-language: de-DE,de;q=0.9
x-booking-parent-request-id: 537b760f-df49-4bf4-b17d-aa578b859a9d
X-Booking-Label: flights-booking-direct
Content-Type: application/json
X-Requested-From: clientFetch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Referer: https://flights.booking.com/booking/order-details/524ca89c3a34f6a6ef5220a603b3d83ca8990520017060d95e006b834a5d62796f0215a08407cc2ae425239625c363503eeb64939d55682c0728208b5947d59db2957d1ca3fb0f5760954c31d38e?aid=304142&label=flights-booking-direct
X-Booking-Affiliate-Id: 304142
X-Soylent-Email: d8f3537dc03d722d7fc7f4c3897169a2

Response headers

date: Wed, 13 Dec 2023 04:00:31 GMT
strict-transport-security: max-age=86400; includeSubDomains
x-content-type-options: nosniff
via: 1.1 d8670b0c6b76371fb58f730881dfe504.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
content-length: 16
x-xss-protection: 1; mode=block
x-request-id: 537b760f-df49-4bf4-b17d-aa578b859a9d
server: envoy
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flights.booking.com
access-control-allow-credentials: true
x-amz-cf-id: UkPc8DcXf6GnD-6hPOPCdkQ1FKLI2v85hT2uEWMlMMgj9sC8urUuNA==

POST
H2 202 internal-events Show response
flights.booking.com/track/ 16 B
742 B 75ms
73ms Fetch
application/json 13.32.27.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://flights.booking.com/track/internal-events

Requested by

Host: q-xx.bstatic.com
URL: https://q-xx.bstatic.com/flights/web/static/js/client.82fcb02f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-6.fra56.r.cloudfront.net

Software

envoy /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

X-Booking-Flights-Client-Hints
x-booking-trace-meta: caller_persona="b-flights-frontend"; root_caller_persona="b-flights-frontend"
x-booking-request-tree-id: 537b760f-df49-4bf4-b17d-aa578b859a9d
accept-language: de-DE,de;q=0.9
x-booking-parent-request-id: 537b760f-df49-4bf4-b17d-aa578b859a9d
X-Booking-Label: flights-booking-direct
Content-Type: application/json
X-Requested-From: clientFetch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Referer: https://flights.booking.com/booking/order-details/524ca89c3a34f6a6ef5220a603b3d83ca8990520017060d95e006b834a5d62796f0215a08407cc2ae425239625c363503eeb64939d55682c0728208b5947d59db2957d1ca3fb0f5760954c31d38e?aid=304142&label=flights-booking-direct
X-Booking-Affiliate-Id: 304142
X-Soylent-Email: d8f3537dc03d722d7fc7f4c3897169a2

Response headers

date: Wed, 13 Dec 2023 04:00:31 GMT
strict-transport-security: max-age=86400; includeSubDomains
x-content-type-options: nosniff
via: 1.1 d8670b0c6b76371fb58f730881dfe504.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
content-length: 16
x-xss-protection: 1; mode=block
x-request-id: 537b760f-df49-4bf4-b17d-aa578b859a9d
server: envoy
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flights.booking.com
access-control-allow-credentials: true
x-amz-cf-id: Qi7a3tNxSkuYzsO_9rcF_5D30V_y7U1v3Ncy-1EnVAGl4xpdhfULzg==

POST
H2 200 track Show response
www.booking.com/c360/v1/ 29 B
921 B 135ms
135ms Fetch
application/json 18.245.60.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.booking.com/c360/v1/track

Requested by

Host: q-xx.bstatic.com
URL: https://q-xx.bstatic.com/flights/web/static/js/client.82fcb02f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.60.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-60-76.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

9e30d10643956b392a79c2b0ac71118408dcd4da64d1443c70475aa3cda758ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

X-Booking-Language-Code: de
X-Booking-CSRF: undefined
accept-language: de-DE,de;q=0.9
X-Booking-AID: 304142
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
X-Booking-Label: flights-booking-direct
Content-Type: application/json
X-Booking-Pageview-Id: undefined
Referer
X-Booking-SiteType-Id: 1
X-Booking-ET-Seed: undefined
X-Booking-Session-Id: undefined
X-Booking-Platform: ddot

Response headers

date: Wed, 13 Dec 2023 04:00:32 GMT
content-encoding: br
via: 1.1 72500140cb63ff2dee8b57e4476902e6.cloudfront.net (CloudFront)
strict-transport-security: max-age=86400; includeSubDomains
x-content-options: nosniff
x-amz-cf-pop: FRA60-P5
content-security-policy-report-only: frame-ancestors 'none'; report-uri https://nellie.booking.com/csp-report-uri?type=report&tag=112&pid=8e781c30ce040164&e=UmFuZG9tSVYkc2RlIyh9YaKT1Ar0s2gSEmakdtrUqsvsp79c6Jb7wb7iwKgWL61K13xAW1S5QJs
x-cache: Miss from cloudfront
content-length: 33
x-xss-protection: 1; mode=block
server: nginx
vary: User-Agent, Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flights.booking.com
access-control-allow-credentials: true
x-amz-cf-id: 7_tcFX3ihCpnKhDNl1nlp3fzsCV8zNomE5ABuYbpWW0OKj8Q0zZF2w==

POST
H2 202 internal-events Show response
flights.booking.com/track/ 16 B
743 B 73ms
72ms Fetch
application/json 13.32.27.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://flights.booking.com/track/internal-events

Requested by

Host: q-xx.bstatic.com
URL: https://q-xx.bstatic.com/flights/web/static/js/client.82fcb02f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-6.fra56.r.cloudfront.net

Software

envoy /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

X-Booking-Flights-Client-Hints
x-booking-trace-meta: caller_persona="b-flights-frontend"; root_caller_persona="b-flights-frontend"
x-booking-request-tree-id: 537b760f-df49-4bf4-b17d-aa578b859a9d
accept-language: de-DE,de;q=0.9
x-booking-parent-request-id: 537b760f-df49-4bf4-b17d-aa578b859a9d
X-Booking-Label: flights-booking-direct
Content-Type: application/json
X-Requested-From: clientFetch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Referer: https://flights.booking.com/booking/order-details/524ca89c3a34f6a6ef5220a603b3d83ca8990520017060d95e006b834a5d62796f0215a08407cc2ae425239625c363503eeb64939d55682c0728208b5947d59db2957d1ca3fb0f5760954c31d38e?aid=304142&label=flights-booking-direct
X-Booking-Affiliate-Id: 304142
X-Soylent-Email: d8f3537dc03d722d7fc7f4c3897169a2

Response headers

date: Wed, 13 Dec 2023 04:00:31 GMT
strict-transport-security: max-age=86400; includeSubDomains
x-content-type-options: nosniff
via: 1.1 d8670b0c6b76371fb58f730881dfe504.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
content-length: 16
x-xss-protection: 1; mode=block
x-request-id: 537b760f-df49-4bf4-b17d-aa578b859a9d
server: envoy
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flights.booking.com
access-control-allow-credentials: true
x-amz-cf-id: bTHHhtZ_adsDAiVzkwvQFQXX3MFJwDCedwIiMqU-c0-OBm7imOBceQ==

GET
H2 200 GeniusGiftBoxDiscount.png
t-cf.bstatic.com/design-assets/assets/v3.99.1/illustrations-traveller/ 24 KB
24 KB 27ms
25ms Image
image/png 2600:9000:2646:6e00:5:bf05:acc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t-cf.bstatic.com/design-assets/assets/v3.99.1/illustrations-traveller/GeniusGiftBoxDiscount.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:6e00:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0f332f5b788204465795b9097539c621b544279326bb282811f3c0747aa58439

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 07:49:41 GMT
via: 1.1 c1e31c801257ebc563cbb890e887cb1e.cloudfront.net (CloudFront)
last-modified: Tue, 10 Oct 2023 12:25:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P5
age: 72656
x-amz-server-side-encryption: AES256
etag: "a1052c8126edefa161e7eb4a92d3e6a0"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 24198
x-amz-cf-id: wTOWbi-aXbve2GfguV0KfTj3J1aqvJRx2iJ3a5jNuflfSmJiREIsbQ==

GET
H2 200 391372337.jpg
q-xx.bstatic.com/xdata/images/hotel/150x124/ 7 KB
8 KB 146ms
145ms Image
image/jpeg 2600:9000:2646:6e00:5:bf05:acc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q-xx.bstatic.com/xdata/images/hotel/150x124/391372337.jpg?k=b2977b36aefb18551fae9771acd75e6630104659854f2fa315a218c4c83dc8da&o=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2646:6e00:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

624d2895eb872d2f591531da7c575182ffbf44f7b5479ed96ba4f43d2d205d2e

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 04:00:32 GMT
via: 1.1 c1e31c801257ebc563cbb890e887cb1e.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P5
etag: "116dcebee9cef7391323a9f62a5911c5f6b1e835"
x-cache: Miss from cloudfront
content-language: 7406
access-control-allow-origin: *
content-type: image/jpeg
cache-control: max-age=2592000
timing-allow-origin: *
content-length: 7406
x-xss-protection: 1; mode=block
x-amz-cf-id: r0Tinhi1P_qhPd1cMhCZ6IrOqT-Scuu8SX13mye4aUtm94WSq_c-Cw==

GET
H2 200 280244668.jpg
q-xx.bstatic.com/xdata/images/hotel/150x124/ 4 KB
4 KB 160ms
159ms Image
image/jpeg 2600:9000:2646:6e00:5:bf05:acc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q-xx.bstatic.com/xdata/images/hotel/150x124/280244668.jpg?k=8c0fd746b299dd96e16f4b537ec3afd81097c3d40d6db63a8848209c60df32b4&o=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2646:6e00:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

25544d04e9236b798274d000e63fc88376b73c5a6508a21e00dbcf60b10345b3

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 04:00:32 GMT
via: 1.1 c1e31c801257ebc563cbb890e887cb1e.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P5
etag: "a9b596416690223be94a91f1507869c75e244fe5"
x-cache: Miss from cloudfront
content-language: 3933
access-control-allow-origin: *
content-type: image/jpeg
cache-control: max-age=2592000
timing-allow-origin: *
content-length: 3933
x-xss-protection: 1; mode=block
x-amz-cf-id: iQM6bfIwlp4L9ygti9vMa6JFmiCvbOONESWmNPlVNhGa60oeAyj-zg==

GET
H2 200 78455887.jpg
q-xx.bstatic.com/xdata/images/hotel/150x124/ 6 KB
6 KB 164ms
163ms Image
image/jpeg 2600:9000:2646:6e00:5:bf05:acc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q-xx.bstatic.com/xdata/images/hotel/150x124/78455887.jpg?k=727d572d0a10828803a26ac439651164fec62eb0b6f8d921f4b4d78e6e587a7f&o=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2646:6e00:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3a076bf9436f320c9cc88777bae764739d0ecdccf551b220af19b7735be8303a

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 04:00:32 GMT
via: 1.1 c1e31c801257ebc563cbb890e887cb1e.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P5
etag: "76b3e7574ff4a2f9f0cdf274a3a3c555cb7e6d52"
x-cache: Miss from cloudfront
content-language: 5714
access-control-allow-origin: *
content-type: image/jpeg
cache-control: max-age=2592000
timing-allow-origin: *
content-length: 5714
x-xss-protection: 1; mode=block
x-amz-cf-id: AS2smaCmXLj5FQ-wvXdt7mpvk91tkjYX6ZR3sfLORCfksbSEcbno_Q==

OPTIONS
H2 200 track
www.booking.com/c360/v1/ Frame 0
0 61ms
61ms Preflight
application/json 18.245.60.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.booking.com/c360/v1/track

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.60.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-60-76.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-booking-aid,x-booking-csrf,x-booking-et-seed,x-booking-label,x-booking-language-code,x-booking-pageview-id,x-booking-platform,x-booking-session-id,x-booking-sitetype-id
Access-Control-Request-Method: POST
Origin: https://flights.booking.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-booking-aid,x-booking-csrf,x-booking-et-seed,x-booking-label,x-booking-language-code,x-booking-pageview-id,x-booking-platform,x-booking-session-id,x-booking-sitetype-id
access-control-allow-methods: POST
access-control-allow-origin: https://flights.booking.com
content-encoding: br
content-length: 0
content-security-policy-report-only: frame-ancestors 'none'; report-uri https://nellie.booking.com/csp-report-uri?type=report&tag=112&pid=6d791c2f4a04019e&e=UmFuZG9tSVYkc2RlIyh9YaKT1Ar0s2gSEmakdtrUqsuo5_OkuPxyBaexCap8EssVeDp27RLK0m4
content-type: application/json; charset=UTF-8
date: Wed, 13 Dec 2023 04:00:31 GMT
server: nginx
strict-transport-security: max-age=86400; includeSubDomains
vary: Accept-Encoding, User-Agent
via: 1.1 d147b4a7fe31d4e8683f7d8b15b71906.cloudfront.net (CloudFront)
x-amz-cf-id: MYppAbk7qXcggJ66WDOqebKeZGKmjPqV1d1NjdH88WrkhaUuj7hVhw==
x-amz-cf-pop: FRA60-P5
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block

POST
H2 200 track Show response
www.booking.com/c360/v1/ 29 B
907 B 156ms
155ms Fetch
application/json 18.245.60.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.booking.com/c360/v1/track

Requested by

Host: q-xx.bstatic.com
URL: https://q-xx.bstatic.com/flights/web/static/js/client.82fcb02f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.60.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-60-76.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

9e30d10643956b392a79c2b0ac71118408dcd4da64d1443c70475aa3cda758ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

X-Booking-Language-Code: de
X-Booking-CSRF: undefined
accept-language: de-DE,de;q=0.9
X-Booking-AID: 304142
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
X-Booking-Label: flights-booking-direct
Content-Type: application/json
X-Booking-Pageview-Id: undefined
Referer
X-Booking-SiteType-Id: 1
X-Booking-ET-Seed: undefined
X-Booking-Session-Id: undefined
X-Booking-Platform: ddot

Response headers

date: Wed, 13 Dec 2023 04:00:32 GMT
content-encoding: br
via: 1.1 72500140cb63ff2dee8b57e4476902e6.cloudfront.net (CloudFront)
strict-transport-security: max-age=86400; includeSubDomains
x-content-options: nosniff
x-amz-cf-pop: FRA60-P5
content-security-policy-report-only: frame-ancestors 'none'; report-uri https://nellie.booking.com/csp-report-uri?type=report&tag=112&pid=2cde1c303027001c&e=UmFuZG9tSVYkc2RlIyh9YaKT1Ar0s2gSEmakdtrUqsvM2vgTDG1EmEteNFK7hgt61fEAKyWRDBc
x-cache: Miss from cloudfront
content-length: 33
x-xss-protection: 1; mode=block
server: nginx
vary: User-Agent, Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flights.booking.com
access-control-allow-credentials: true
x-amz-cf-id: HDBpFrnz85DmCLNRQBMVog6VJPJsIFLEdPEG6hl2-tTQ_7j0TJjZjw==

POST
H2 202 internal-events Show response
flights.booking.com/track/ 16 B
743 B 84ms
84ms Fetch
application/json 13.32.27.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://flights.booking.com/track/internal-events

Requested by

Host: q-xx.bstatic.com
URL: https://q-xx.bstatic.com/flights/web/static/js/client.82fcb02f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-6.fra56.r.cloudfront.net

Software

envoy /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

X-Booking-Flights-Client-Hints
x-booking-trace-meta: caller_persona="b-flights-frontend"; root_caller_persona="b-flights-frontend"
x-booking-request-tree-id: 537b760f-df49-4bf4-b17d-aa578b859a9d
accept-language: de-DE,de;q=0.9
x-booking-parent-request-id: 537b760f-df49-4bf4-b17d-aa578b859a9d
X-Booking-Label: flights-booking-direct
Content-Type: application/json
X-Requested-From: clientFetch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Referer: https://flights.booking.com/booking/order-details/524ca89c3a34f6a6ef5220a603b3d83ca8990520017060d95e006b834a5d62796f0215a08407cc2ae425239625c363503eeb64939d55682c0728208b5947d59db2957d1ca3fb0f5760954c31d38e?aid=304142&label=flights-booking-direct
X-Booking-Affiliate-Id: 304142
X-Soylent-Email: d8f3537dc03d722d7fc7f4c3897169a2

Response headers

date: Wed, 13 Dec 2023 04:00:32 GMT
strict-transport-security: max-age=86400; includeSubDomains
x-content-type-options: nosniff
via: 1.1 d8670b0c6b76371fb58f730881dfe504.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
content-length: 16
x-xss-protection: 1; mode=block
x-request-id: 537b760f-df49-4bf4-b17d-aa578b859a9d
server: envoy
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flights.booking.com
access-control-allow-credentials: true
x-amz-cf-id: C49JmVZ1Ac-BruZHHQArSfcSOiTbDM4RjkqUNd1TWbOth2EiLMMoSg==

GET
H2 200 391372337.jpg
q-xx.bstatic.com/xdata/images/hotel/180x180/ 11 KB
12 KB 95ms
92ms Image
image/jpeg 2600:9000:2646:6e00:5:bf05:acc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q-xx.bstatic.com/xdata/images/hotel/180x180/391372337.jpg?k=b2977b36aefb18551fae9771acd75e6630104659854f2fa315a218c4c83dc8da&o=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2646:6e00:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

96b2bf12e0d42fd20e9175724f8268807f5ffac78f92ec6cb98a33f3575a0725

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 04:00:32 GMT
via: 1.1 c1e31c801257ebc563cbb890e887cb1e.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P5
etag: "3680a2ef92a1f6bd14b2d62f2cb610d204606c33"
x-cache: Miss from cloudfront
content-language: 11727
access-control-allow-origin: *
content-type: image/jpeg
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: pQqW-NwhYOlNUbVo8GqkQ9qS1iy8Lu5ur3yw83Syk2rnobISIZBqgA==
x-xss-protection: 1; mode=block

GET
H2 200 280244668.jpg
q-xx.bstatic.com/xdata/images/hotel/180x180/ 5 KB
6 KB 124ms
123ms Image
image/jpeg 2600:9000:2646:6e00:5:bf05:acc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q-xx.bstatic.com/xdata/images/hotel/180x180/280244668.jpg?k=8c0fd746b299dd96e16f4b537ec3afd81097c3d40d6db63a8848209c60df32b4&o=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2646:6e00:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e9931e90c43a3e34b6206b7e008bf48663d8ea818e2ee0986f8be89cd23b242b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 04:00:32 GMT
via: 1.1 c1e31c801257ebc563cbb890e887cb1e.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P5
etag: "d511d75353cf786badded8911f541d5202e40c7c"
x-cache: Miss from cloudfront
content-language: 5606
access-control-allow-origin: *
content-type: image/jpeg
cache-control: max-age=2592000
timing-allow-origin: *
content-length: 5606
x-xss-protection: 1; mode=block
x-amz-cf-id: tQHutVdjWmyMtwaEPDEoKuW_HqNBUgW2afYIrQmHqRjvcIfoLdZz6g==

GET
H2 200 78455887.jpg
q-xx.bstatic.com/xdata/images/hotel/180x180/ 9 KB
9 KB 164ms
163ms Image
image/jpeg 2600:9000:2646:6e00:5:bf05:acc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q-xx.bstatic.com/xdata/images/hotel/180x180/78455887.jpg?k=727d572d0a10828803a26ac439651164fec62eb0b6f8d921f4b4d78e6e587a7f&o=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2646:6e00:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

93493bd9fbda2c2c4f3bfb909f4bde358bf89516c22a90eef6356b2872aacdce

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 04:00:32 GMT
via: 1.1 c1e31c801257ebc563cbb890e887cb1e.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P5
etag: "8fbb94fcb960a4bef4960890c7bbe50fe4d18e39"
x-cache: Miss from cloudfront
content-language: 8807
access-control-allow-origin: *
content-type: image/jpeg
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: 4js-l_g-IdJiyP6zbazA-QzTUl7CXyFNwDZNYWeUr8ArBi7Mv2HgtA==
x-xss-protection: 1; mode=block

GET
H2 200 sink Show response
flights.booking.com/track/ 4 B
664 B 76ms
75ms XHR
application/json 13.32.27.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://flights.booking.com/track/sink?p=bbEgGD6rK2VkTkZ1W7EQjd_MScACWJqOGKs6fPZyYEpO9eJ2UJVAGDFdC1Y4fGFEd-oJUtebcYE4f0ywirzAmLUFOdwDcu4UfGUY2WydrF0YFLRslbOIlH4btm8TVYbjArhSHz_4aB57ApnE_lefgOGXQ*mflights_et_clientside_tracking_new_lib_aa.s1.s2*mflights_et_clientside_tracking_soylent_vi_aa.s1.s2*dsid.2

Requested by

Host: q-xx.bstatic.com
URL: https://q-xx.bstatic.com/flights/web/static/js/client.82fcb02f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-6.fra56.r.cloudfront.net

Software

envoy /

Resource Hash

b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 04:00:32 GMT
strict-transport-security: max-age=86400; includeSubDomains
referrer-policy: no-referrer
x-content-type-options: nosniff
via: 1.1 d8670b0c6b76371fb58f730881dfe504.cloudfront.net (CloudFront)
server: envoy
x-amz-cf-pop: FRA56-C2
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
content-length: 4
x-xss-protection: 1; mode=block
x-request-id: 292348c0-996c-11ee-a26c-03524518921d
x-amz-cf-id: xvrd6U3Q_k43mNvIxTv7CfplaKdU2UkJ3b4SaCfD1D2nUZbvXQU1SA==

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.booking.com/	1970-01-20 16:55:26	Name: fasc Value: ea6b4840-3ad7-4918-be2a-7c708386a1b3
.booking.com/	1970-01-21 01:39:36	Name: pc_payer_id Value: 70ed0045-d509-4c15-807c-db29d607f313
.booking.com/	1970-01-21 01:39:36	Name: fsc Value: s%3Afff84200c3c3db8c95853ba5dd90a7bb.s4deCm9ihsQyPWLpiJmPsuJ3QrW8hhd8ymIJIppWqYQ
.booking.com/	1970-01-21 02:30:00	Name: bkng_sso_auth Value: CAIQsOnuTRpmDoSq5uiIvSOcDQ/6uFYoZfCAHrtV1uLKoyyQVd4DeBMsYC2MQBfbcxNxcepgdt04cfteqncPogps9PfIXM3zmmETeNtQ4iuTZLW+Q1CdFqmfCk0kx7nPXl9iweGNydOsBx0SrbBJ
.booking.com/	1970-01-21 01:39:36	Name: pcm_consent Value: analytical%3Dfalse%26countryCode%3DDE%26consentId%3D7926cc55-4436-4b08-8018-38d25e412f9b%26consentedAt%3D2023-12-13T04%3A00%3A30.031Z%26expiresAt%3D2024-06-10T04%3A00%3A30.031Z%26implicit%3Dtrue%26marketing%3Dfalse%26regulation%3Dgdpr%26legacyRegulation%3Dgdpr
.booking.com/	1970-01-20 19:03:36	Name: _gcl_au Value: 1.1.121709052.1702440031
.doubleclick.net/	1970-01-21 02:15:36	Name: IDE Value: AHWqTUnjrsKSGnCknl_lV4u5ez2Jq_tOx4a2i-UcF5de1Q7Fgsu98cTuEZJhfA2Q
.booking.com/	1970-01-21 02:30:00	Name: px_init Value: 0
flights.booking.com/	1970-01-20 17:18:31	Name: fsc Value: s%3Afff84200c3c3db8c95853ba5dd90a7bb.s4deCm9ihsQyPWLpiJmPsuJ3QrW8hhd8ymIJIppWqYQ
.booking.com/	1970-01-20 16:55:26	Name: _uetsid Value: 289e87a0996c11ee8323efce6e67e480
.booking.com/	1970-01-21 02:15:36	Name: _uetvid Value: 289ea420996c11eea3e44f5bdb42f5a4
flights.booking.com/	1970-01-20 21:13:12	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Wed+Dec+13+2023+05%3A00%3A31+GMT%2B0100+(Central+European+Standard+Time)&version=202308.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=02283067-38e1-426d-8e97-80168d2b15ae&interactionCount=0&landingPath=https%3A%2F%2Fflights.booking.com%2Fbooking%2Forder-details%2F524ca89c3a34f6a6ef5220a603b3d83ca8990520017060d95e006b834a5d62796f0215a08407cc2ae425239625c363503eeb64939d55682c0728208b5947d59db2957d1ca3fb0f5760954c31d38e%3Faid%3D304142%26label%3Dflights-booking-direct&groups=C0001%3A1%2CC0002%3A0%2CC0004%3A0
.booking.com/	1970-01-21 02:30:00	Name: bkng Value: 11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbnmKTRaewPBvBlekC54SK1pMGS8eK41prH3IZ5MlqotzEr79Z4lzs06KxwoPmaHLp5i%2FjMOrqKedF0nOm4unaWMrpXcz617VWcaO11qMF3akX9juHt6a3dly0XxuZ8tkwKE5dzEjP66IMAtpkhfrlRKS8Y%2BlVEfhf

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bat.bing.com
cdn.cookielaw.org
flights.booking.com
geolocation.onetrust.com
googleads.g.doubleclick.net
q-cf.bstatic.com
q-xx.bstatic.com
r-xx.bstatic.com
t-cf.bstatic.com
www.booking.com
www.google.com
www.google.de
www.googletagmanager.com
13.32.27.6
18.245.60.76
2600:9000:2646:2800:5:bf05:acc0:93a1
2600:9000:2646:6e00:5:bf05:acc0:93a1
2606:4700:4400::ac40:9b77
2606:4700::6812:83ec
2620:1ec:c11::200
2a00:1450:4001:80f::2008
2a00:1450:4001:827::2002
2a00:1450:4001:828::2003
2a00:1450:4001:82b::2004
014f3b32bea795f6cdb41fb8b1e91d734905c001c0320c8b3a0dfaaa90a2f9ec
03a18bd24a81bc6aff2c4614036eb10e552f027e7403277fc6ad4868c1c9fb59
0b91d1f30f75c4d7abf336660470f6668295103f9bc54f75a37b502d3fbdb8f7
0f332f5b788204465795b9097539c621b544279326bb282811f3c0747aa58439
15a2af028dd436c341e726d9d8e7f0ddade71f49ee3e5bd097b37ae9531ae416
184c7bc739797ceae9c96ab65a0f4e54efe073e4e54bc32714d0d9b898d45ab8
19b17d0aa9d1667cddec4510d9cd9a1b088d62d98f41fb57a6e8f3d33aeb0a09
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
23aa716638b1b77e4cea640b507ae4ba472b618766bb1c6a736b2359e654fd0b
25544d04e9236b798274d000e63fc88376b73c5a6508a21e00dbcf60b10345b3
274324c5295fa590b6701f511219f7f9025e7607f600ffa62fb1087bb25e554e
27ff6f8b30f633a9e1954d6cc94756127292aa99560255e414bbb75b37416594
3748ebd5d6915ac81867e5d971cf67ea0bc5b5fcb8e42fbb0a120e89106e134a
3764bba5ff9cba5b85d9d89238f9a60410f0b8ced76c2d70e072f152daecdc46
3a076bf9436f320c9cc88777bae764739d0ecdccf551b220af19b7735be8303a
3ed4db27230a704ed09f7fff6761cd2e9435c94e5ff680f1b5017d32559fd4f4
4c1f1497ae4ade7ce895bc174187b7c5f145d0924c082c86cfed4efda62f305c
4de0e36b05afad22d85da9fd6cd699879c1a0da9c5bdb166853db1acbf743d63
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
5e5eaf9396e8ecd984a3d8f622c5a6ef767ae75aa2bf907305f6baa56c2a7088
624d2895eb872d2f591531da7c575182ffbf44f7b5479ed96ba4f43d2d205d2e
64e040d38e310ab20dff9e58cbd7d21e162a1095c5d1aaa398247f4911c718fa
6886a0043657cd58676198942d706fcf548b46224626fc3b2a79f67f200013b7
6d72fa0f78c80b1874d3ee4aadf43d973edc442a65fef83d37e684ac559893b7
8338664f897fde1512c6124ec16cdb055669bf9cbd700f49a7513262f1d72497
93493bd9fbda2c2c4f3bfb909f4bde358bf89516c22a90eef6356b2872aacdce
953f4caea19f1cf817f975bd22f853f523b08f4063a3297031f9db68222cf2e0
9661c682fb497ac236b263521b9ef0714d9229c9fe8171af2fbe54fc5bba3e72
96b2bf12e0d42fd20e9175724f8268807f5ffac78f92ec6cb98a33f3575a0725
9e30d10643956b392a79c2b0ac71118408dcd4da64d1443c70475aa3cda758ea
a0e4c1590c6f1fecbda553d6d47c352d6e50f950d1da63b8e3c9c7ccd354c1aa
a2f0f43812af4d7d5ac7b648a22ff92c221271105a4bffc378fab51ebe0feee2
a340e2d3e0fded8a46b120d9f7584ba40c318ea2b41a987709e5d147341a4996
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
bd61e3ff204074e0a9c66c3dd2b3d809fc2885db5d264af6a84589e003371acf
bda0ba0c33b5e8fc764d505fb42e6a0c7fd3749971ab6a99e8601738ae05960f
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca1aa9313b1412e4f27bc470e5d1b724859be5a3eed16ba85ab530a188558d6e
d3292d8b192b59838dfd0923330ce64222688e4ede4e24b33f7bb4de0ac8d867
d3c7c4dbe9a235e7ba1dbfe981c2af6e18b722ef684ef16eb08c4fc2a82a6627
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
d69e2539cd19fd575d4421ac29bbe54a2aa48e5a7039d9c09b995ec8dc0a759d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9931e90c43a3e34b6206b7e008bf48663d8ea818e2ee0986f8be89cd23b242b
ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0
ee76c35c25d4efdaa9a97bc0764f3d4f0b224630b28e51474ed8a6af3bd77301
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f03145996bcae8d08c25f4c358ada67ec01267a47926333432f72544dee0b1db

flights.booking.com Open in urlscan Pro 13.32.27.6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

60 Requests

100 %HTTPS

82 %IPv6

9 Domains

13 Subdomains

11 IPs

2 Countries

1626 kBTransfer

6169 kBSize

13 Cookies

47 Outgoing links

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

flights.booking.com Open in urlscan Pro
13.32.27.6 Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

100 %
HTTPS

82 %
IPv6

9
Domains

13
Subdomains

11
IPs

2
Countries

1626 kB
Transfer

6169 kB
Size

13
Cookies

60 HTTP transactions
0 data transactions