urlscan.io logo urlscan.io
SecurityTrails logo

www.booking.com Open in urlscan Pro
18.245.60.68  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://xn--booking-pr-76929454-ff60s.ws/
Effective URL: https://www.booking.com/index.de.html?label=gen173nr-1BCAEoggI46AdIM1gEaDuIAQGYAQe4ARnIAQzYAQHoAQGIAgGoAgO4AubP57YGwAIB0...
Submission: On September 05 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 1 countries across 4 domains to perform 18 HTTP transactions. The main IP is 18.245.60.68, located in United States and belongs to AMAZON-02, US. The main domain is www.booking.com. The Cisco Umbrella rank of the primary domain is 11143.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on May 1st 2024. Valid for: a year.
This is the only time www.booking.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 172.67.149.237 13335 (CLOUDFLAR...)
2 3 18.245.60.68 16509 (AMAZON-02)
13 2600:9000:264... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
18 4
Apex Domain
Subdomains		 Transfer
13 bstatic.com
cf.bstatic.com — Cisco Umbrella Rank: 19480
3 booking.com
booking.com — Cisco Umbrella Rank: 7130
www.booking.com — Cisco Umbrella Rank: 11143
2 KB
1 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 554
4 KB
1 xn--booking-pr-76929454-ff60s.ws
xn--booking-pr-76929454-ff60s.ws
577 B
18 4
Domain Requested by
13 cf.bstatic.com www.booking.com
2 www.booking.com 1 redirects
1 cdn.cookielaw.org www.booking.com
1 booking.com 1 redirects
1 xn--booking-pr-76929454-ff60s.ws 1 redirects
18 5

This site contains no links.

Subject Issuer Validity Valid
*.booking.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-05-01 -
2025-03-25		 a year crt.sh
*.bstatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-29 -
2024-11-28		 a year crt.sh
cookielaw.org
WE1		 2024-08-13 -
2024-11-11		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.booking.com/index.de.html?label=gen173nr-1BCAEoggI46AdIM1gEaDuIAQGYAQe4ARnIAQzYAQHoAQGIAgGoAgO4AubP57YGwAIB0gIkYTViMGNmN2UtOWFhNy00OWYyLWFlNmMtZWZlZDBkMDAyYmU22AIF4AIB&sid=365424f6ff26f8053d2f5441c746a77e&keep_landing=1&sb_price_type=total&
Frame ID: F20EF203CF4BD9EF1A7A5057D431277B
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://xn--booking-pr-76929454-ff60s.ws/ HTTP 302
    https://booking.com/ HTTP 301
    https://www.booking.com/ HTTP 302
    https://www.booking.com/index.de.html?label=gen173nr-1BCAEoggI46AdIM1gEaDuIAQGYAQe4ARnIAQzYAQHoAQGIA... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

18
Requests

83 %
HTTPS

50 %
IPv6

4
Domains

5
Subdomains

4
IPs

1
Countries

4 kB
Transfer

179 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://xn--booking-pr-76929454-ff60s.ws/ HTTP 302
    https://booking.com/ HTTP 301
    https://www.booking.com/ HTTP 302
    https://www.booking.com/index.de.html?label=gen173nr-1BCAEoggI46AdIM1gEaDuIAQGYAQe4ARnIAQzYAQHoAQGIAgGoAgO4AubP57YGwAIB0gIkYTViMGNmN2UtOWFhNy00OWYyLWFlNmMtZWZlZDBkMDAyYmU22AIF4AIB&sid=365424f6ff26f8053d2f5441c746a77e&keep_landing=1&sb_price_type=total& Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request index.de.html
www.booking.com/
Redirect Chain
  • https://xn--booking-pr-76929454-ff60s.ws/
  • https://booking.com/
  • https://www.booking.com/
  • https://www.booking.com/index.de.html?label=gen173nr-1BCAEoggI46AdIM1gEaDuIAQGYAQe4ARnIAQzYAQHoAQGIAgGoAgO4AubP57YGwAIB0gIkYTViMGNmN2UtOWFhNy00OWYyLWFlNmMtZWZlZDBkMDAyYmU22AIF4AIB&sid=365424f6ff26f...
140 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.booking.com/index.de.html?label=gen173nr-1BCAEoggI46AdIM1gEaDuIAQGYAQe4ARnIAQzYAQHoAQGIAgGoAgO4AubP57YGwAIB0gIkYTViMGNmN2UtOWFhNy00OWYyLWFlNmMtZWZlZDBkMDAyYmU22AIF4AIB&sid=365424f6ff26f8053d2f5441c746a77e&keep_landing=1&sb_price_type=total&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-68.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control
private
content-encoding
br
content-security-policy-report-only
base-uri 'none'; object-src 'none'; report-uri https://nellie.booking.com/csp-report-uri?type=report&tag=146&pid=f8b079b3edf705c5&e=UmFuZG9tSVYkc2RlIyh9YYYdGuViorKPHE96am57bYSGCrwiv87T21KvByZGXIxD; script-src 'self' 'nonce-lUQV1vJE4gC7l3R' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: 'sha256-47mKTaMaEn1L3m5DAz9muidMqw636xxw7EFAK/YnPdg=' 'sha256-iry7oJKoKJ+9HSjmU3E1TlRlpSesJWZ1vapuUz2MP38='
content-type
text/html; charset=UTF-8
date
Thu, 05 Sep 2024 17:18:30 GMT
link
<https://cf.bstatic.com/static/css/gprof_icons_cloudfront_sd.iq_ltr/308436ca26aacf6a7553e4c0cf298d0f780727a2.css>; rel=preload; as=style <https://cf.bstatic.com/static/css/incentives_cloudfront_sd.iq_ltr/f1558a6e9832a4eb8cfe1d3d14db176bd3564335.css>; rel=preload; as=style <https://cf.bstatic.com/static/css/index_cloudfront_sd.iq_ltr/b14ffeed1466df127d194be5a63782d4eca33d2b.css>; rel=preload; as=style <https://cf.bstatic.com/static/css/main_cloudfront_sd.iq_ltr/1c7a18e763aebb5ce09f31e59af1e8d8f6e925f5.css>; rel=preload; as=style <https://cf.bstatic.com/static/css/main_exps_cloudfront_sd.iq_ltr/22870d2036e5b5667d39fb7d0c2c8e937d5d2a13.css>; rel=preload; as=style <https://cf.bstatic.com/static/css/xp-index-sb_cloudfront_sd.iq_ltr/5b5ab8ab66a5ce3092875d0725122439c4f2dfdd.css>; rel=preload; as=style
nel
{"report_to":"default","max_age":604800}
report-to
{"group":"default","endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":604800}
server
nginx
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding, User-Agent
via
1.1 9bd86598a7f45cc948aa2f9674ece0b2.cloudfront.net (CloudFront)
x-amz-cf-id
6o5qcKFu90jbhbAwWCvl5L4n8443WzhQ6DsbBcVuDt84yc7qGWFxBA==
x-amz-cf-pop
FRA60-P5
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-recruiting
Like HTTP headers? Come write ours: https://careers.booking.com
x-xss-protection
1; mode=block

Redirect headers

date
Thu, 05 Sep 2024 17:18:30 GMT
location
/index.de.html?label=gen173nr-1BCAEoggI46AdIM1gEaDuIAQGYAQe4ARnIAQzYAQHoAQGIAgGoAgO4AubP57YGwAIB0gIkYTViMGNmN2UtOWFhNy00OWYyLWFlNmMtZWZlZDBkMDAyYmU22AIF4AIB&sid=365424f6ff26f8053d2f5441c746a77e&keep_landing=1&sb_price_type=total&
nel
{"report_to":"default","max_age":604800}
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"group":"default","max_age":604800}
server
nginx
strict-transport-security
max-age=63072000; includeSubDomains; preload
via
1.1 9bd86598a7f45cc948aa2f9674ece0b2.cloudfront.net (CloudFront)
x-amz-cf-id
A52jP_94WNayNuRYTK3P6fKn7A35mQK8mWKNDMdtoPRdEFzinNJHmg==
x-amz-cf-pop
FRA60-P5
x-cache
Miss from cloudfront
x-recruiting
Like HTTP headers? Come write ours: https://careers.booking.com
x-terms-of-service
https://www.booking.com/content/terms.html
x-xss-protection
1; mode=block
308436ca26aacf6a7553e4c0cf298d0f780727a2.css
cf.bstatic.com/static/css/gprof_icons_cloudfront_sd.iq_ltr/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cf.bstatic.com/static/css/gprof_icons_cloudfront_sd.iq_ltr/308436ca26aacf6a7553e4c0cf298d0f780727a2.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2646:5000:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.booking.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 08:52:10 GMT
content-encoding
br
via
1.1 2b92d172bc628dd9c34a8c262218ac02.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
FRA60-P5
age
1844781
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Wed, 10 Jul 2024 07:24:59 GMT
server
nginx
etag
W/"668e374b-28f06"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
YGTYNzOuqNqAs4GA64tn0bCvfA_vrR723qT42Xo40oLMaWwCk2xu8Q==
expires
Sat, 14 Sep 2024 08:52:10 GMT
f1558a6e9832a4eb8cfe1d3d14db176bd3564335.css
cf.bstatic.com/static/css/incentives_cloudfront_sd.iq_ltr/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cf.bstatic.com/static/css/incentives_cloudfront_sd.iq_ltr/f1558a6e9832a4eb8cfe1d3d14db176bd3564335.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2646:5000:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.booking.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 07:08:01 GMT
content-encoding
br
via
1.1 2b92d172bc628dd9c34a8c262218ac02.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
FRA60-P5
age
468630
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Fri, 28 Jul 2023 11:29:02 GMT
server
nginx
etag
W/"64c3a67e-1bc3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
zGURkCwQTbb6VWPZ6Q91yXCjDjtmd_6VKk0zOfSO8HMIY6VNHsOlCQ==
expires
Mon, 30 Sep 2024 07:08:01 GMT
b14ffeed1466df127d194be5a63782d4eca33d2b.css
cf.bstatic.com/static/css/index_cloudfront_sd.iq_ltr/ 		12 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cf.bstatic.com/static/css/index_cloudfront_sd.iq_ltr/b14ffeed1466df127d194be5a63782d4eca33d2b.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2646:5000:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.booking.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 11:34:32 GMT
content-encoding
br
via
1.1 2b92d172bc628dd9c34a8c262218ac02.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
FRA60-P5
age
798239
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Tue, 27 Aug 2024 11:33:29 GMT
server
nginx
etag
W/"66cdb989-52760"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
GMWEXL6T5iFzkB88JJm5otBqhLVpbZv6k55waf7O65NrZnXrJ7am_A==
expires
Thu, 26 Sep 2024 11:34:32 GMT
1c7a18e763aebb5ce09f31e59af1e8d8f6e925f5.css
cf.bstatic.com/static/css/main_cloudfront_sd.iq_ltr/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cf.bstatic.com/static/css/main_cloudfront_sd.iq_ltr/1c7a18e763aebb5ce09f31e59af1e8d8f6e925f5.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2646:5000:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.booking.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 11:34:34 GMT
content-encoding
br
via
1.1 2b92d172bc628dd9c34a8c262218ac02.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
FRA60-P5
age
798237
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Tue, 27 Aug 2024 11:33:29 GMT
server
nginx
etag
W/"66cdb989-80fd6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
cAw_i8c8iDiA8krqJW4tBan-pkaqCv2JNbyrUZvGqCM1Zho6wEUi-A==
expires
Thu, 26 Sep 2024 11:34:34 GMT
22870d2036e5b5667d39fb7d0c2c8e937d5d2a13.css
cf.bstatic.com/static/css/main_exps_cloudfront_sd.iq_ltr/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cf.bstatic.com/static/css/main_exps_cloudfront_sd.iq_ltr/22870d2036e5b5667d39fb7d0c2c8e937d5d2a13.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2646:5000:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.booking.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 13:49:27 GMT
content-encoding
br
via
1.1 2b92d172bc628dd9c34a8c262218ac02.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
FRA60-P5
age
1481344
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Mon, 19 Aug 2024 10:13:29 GMT
server
nginx
etag
W/"66c31ac9-205ba"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
NJlWM0gRod3yaTbPrJe3yAWRK-Z8LQGBcRY6XarrNbLvmC7tXKpRow==
expires
Wed, 18 Sep 2024 13:49:27 GMT
5b5ab8ab66a5ce3092875d0725122439c4f2dfdd.css
cf.bstatic.com/static/css/xp-index-sb_cloudfront_sd.iq_ltr/ 		13 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cf.bstatic.com/static/css/xp-index-sb_cloudfront_sd.iq_ltr/5b5ab8ab66a5ce3092875d0725122439c4f2dfdd.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2646:5000:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.booking.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 07:09:49 GMT
content-encoding
br
via
1.1 2b92d172bc628dd9c34a8c262218ac02.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
FRA60-P5
age
122921
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Tue, 30 Jan 2024 07:07:17 GMT
server
nginx
etag
W/"65b8a025-129a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
EeSW0MhRCIOs2WC3gyedWJc3NquDFyQKaueH-j4HTyzyIpdRFeyAew==
expires
Fri, 04 Oct 2024 07:09:49 GMT
OtAutoBlock.js
cdn.cookielaw.org/consent/3ea94870-d4b1-483a-b1d2-faf1d982bb31/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/3ea94870-d4b1-483a-b1d2-faf1d982bb31/OtAutoBlock.js
Requested by
Host: www.booking.com
URL: https://www.booking.com/index.de.html?label=gen173nr-1BCAEoggI46AdIM1gEaDuIAQGYAQe4ARnIAQzYAQHoAQGIAgGoAgO4AubP57YGwAIB0gIkYTViMGNmN2UtOWFhNy00OWYyLWFlNmMtZWZlZDBkMDAyYmU22AIF4AIB&sid=365424f6ff26f8053d2f5441c746a77e&keep_landing=1&sb_price_type=total&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aeef46c6bcf3b586b15aaeb70f6c5bd54c2bc1f506dba5ff501b5b1b223a170f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.booking.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 05 Sep 2024 17:18:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
31743
content-md5
4Ir+LqjMiM2piRQM7BDc5A==
content-length
3034
x-ms-lease-status
unlocked
last-modified
Thu, 05 Sep 2024 08:29:20 GMT
server
cloudflare
etag
0x8DCCD84D6C4F5F3
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
f776bc8b-e01e-002f-646d-ff12b0000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8be7e10599b0d2e3-FRA
expires
Fri, 06 Sep 2024 17:18:31 GMT
cookie-banner.min.js
cf.bstatic.com/libs/privacy-consent/releases/2.1.55/customer/ 		0
0
2454015045ef79168d452ff4e7f30bdadff0aa81.js
cf.bstatic.com/static/js/crossorigin_check_cloudfront_sd/ 		0
0
f62025e692b596dd53ecd1bd082dfd3197944c50.js
cf.bstatic.com/static/js/core-deps-inlinedet_cloudfront_sd/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cf.bstatic.com/static/js/core-deps-inlinedet_cloudfront_sd/f62025e692b596dd53ecd1bd082dfd3197944c50.js
Requested by
Host: www.booking.com
URL: https://www.booking.com/index.de.html?label=gen173nr-1BCAEoggI46AdIM1gEaDuIAQGYAQe4ARnIAQzYAQHoAQGIAgGoAgO4AubP57YGwAIB0gIkYTViMGNmN2UtOWFhNy00OWYyLWFlNmMtZWZlZDBkMDAyYmU22AIF4AIB&sid=365424f6ff26f8053d2f5441c746a77e&keep_landing=1&sb_price_type=total&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2646:5000:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.booking.com/
Origin
https://www.booking.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 09:41:10 GMT
content-encoding
br
via
1.1 7dbea139a5c4f501bc4b0e9d19a50c9a.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
FRA60-P5
age
2533041
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Wed, 07 Aug 2024 09:37:21 GMT
server
nginx
etag
W/"66b34051-c4d6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
vHP2ICbcgTezqY1fbN2EZt8Lon0n-4OqBk8WEZgsu1WCrBAbDnKoDQ==
expires
Fri, 06 Sep 2024 09:41:10 GMT
e1e8c0e862309cb4caf3c0d5fbea48bfb8eaad42.js
cf.bstatic.com/static/js/jquery_cloudfront_sd/ 		2 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cf.bstatic.com/static/js/jquery_cloudfront_sd/e1e8c0e862309cb4caf3c0d5fbea48bfb8eaad42.js
Requested by
Host: www.booking.com
URL: https://www.booking.com/index.de.html?label=gen173nr-1BCAEoggI46AdIM1gEaDuIAQGYAQe4ARnIAQzYAQHoAQGIAgGoAgO4AubP57YGwAIB0gIkYTViMGNmN2UtOWFhNy00OWYyLWFlNmMtZWZlZDBkMDAyYmU22AIF4AIB&sid=365424f6ff26f8053d2f5441c746a77e&keep_landing=1&sb_price_type=total&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2646:5000:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.booking.com/
Origin
https://www.booking.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 18 Aug 2024 09:45:18 GMT
content-encoding
br
via
1.1 7dbea139a5c4f501bc4b0e9d19a50c9a.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
FRA60-P5
age
1582393
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Tue, 28 Jun 2022 13:43:41 GMT
server
nginx
etag
W/"62bb058d-19a42"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
cyTo_Vx4pDLN-53yQz0yZhcvLM2dU2fRqtZW5B68F9DjrHOBVhfS7Q==
expires
Tue, 17 Sep 2024 09:45:18 GMT
b6a1885a8b8e726ce785159bb400db2283e9c964.js
cf.bstatic.com/static/js/main_cloudfront_sd/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cf.bstatic.com/static/js/main_cloudfront_sd/b6a1885a8b8e726ce785159bb400db2283e9c964.js
Requested by
Host: www.booking.com
URL: https://www.booking.com/index.de.html?label=gen173nr-1BCAEoggI46AdIM1gEaDuIAQGYAQe4ARnIAQzYAQHoAQGIAgGoAgO4AubP57YGwAIB0gIkYTViMGNmN2UtOWFhNy00OWYyLWFlNmMtZWZlZDBkMDAyYmU22AIF4AIB&sid=365424f6ff26f8053d2f5441c746a77e&keep_landing=1&sb_price_type=total&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2646:5000:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.booking.com/
Origin
https://www.booking.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 02 Sep 2024 06:33:44 GMT
content-encoding
br
via
1.1 7dbea139a5c4f501bc4b0e9d19a50c9a.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
FRA60-P5
age
297886
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Mon, 02 Sep 2024 06:28:21 GMT
server
nginx
etag
W/"66d55b05-8e132"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
ZiQtJ8Hc5sJnHoIRzLnmrNgu89NU3b_glrcQjc2HoNBEpVpIo-K2sA==
expires
Wed, 02 Oct 2024 06:33:44 GMT
379d5866060ea6952453692060b314036995716b.js
cf.bstatic.com/static/js/index_cloudfront_sd/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cf.bstatic.com/static/js/index_cloudfront_sd/379d5866060ea6952453692060b314036995716b.js
Requested by
Host: www.booking.com
URL: https://www.booking.com/index.de.html?label=gen173nr-1BCAEoggI46AdIM1gEaDuIAQGYAQe4ARnIAQzYAQHoAQGIAgGoAgO4AubP57YGwAIB0gIkYTViMGNmN2UtOWFhNy00OWYyLWFlNmMtZWZlZDBkMDAyYmU22AIF4AIB&sid=365424f6ff26f8053d2f5441c746a77e&keep_landing=1&sb_price_type=total&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2646:5000:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.booking.com/
Origin
https://www.booking.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 12:24:50 GMT
content-encoding
br
via
1.1 7dbea139a5c4f501bc4b0e9d19a50c9a.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
FRA60-P5
age
190421
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Fri, 30 Aug 2024 02:23:51 GMT
server
nginx
etag
W/"66d12d37-6202"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
4vIBVNG-yck1Y_-coYFzjpwJPFDJ4nI144yiDPcB_OgDcBg-mHdaYQ==
expires
Thu, 03 Oct 2024 12:24:50 GMT
f1c8c212c0149249fef02a562a6669d167bc56bc.js
cf.bstatic.com/static/js/landingpage_cloudfront_sd/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cf.bstatic.com/static/js/landingpage_cloudfront_sd/f1c8c212c0149249fef02a562a6669d167bc56bc.js
Requested by
Host: www.booking.com
URL: https://www.booking.com/index.de.html?label=gen173nr-1BCAEoggI46AdIM1gEaDuIAQGYAQe4ARnIAQzYAQHoAQGIAgGoAgO4AubP57YGwAIB0gIkYTViMGNmN2UtOWFhNy00OWYyLWFlNmMtZWZlZDBkMDAyYmU22AIF4AIB&sid=365424f6ff26f8053d2f5441c746a77e&keep_landing=1&sb_price_type=total&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2646:5000:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.booking.com/
Origin
https://www.booking.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 11:34:32 GMT
content-encoding
br
via
1.1 7dbea139a5c4f501bc4b0e9d19a50c9a.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
FRA60-P5
age
798239
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Tue, 27 Aug 2024 11:33:30 GMT
server
nginx
etag
W/"66cdb98a-54b4a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
Zk7KHKOlzIcSwqEzK68mq4dJBls3t7M_yvhUtOL2A1TfWlZGLPCq0Q==
expires
Thu, 26 Sep 2024 11:34:32 GMT
8c409b90db8d2ce96d4f48a8b2eca3f43a705428.js
cf.bstatic.com/static/js/searchbox_cloudfront_sd/ 		2 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cf.bstatic.com/static/js/searchbox_cloudfront_sd/8c409b90db8d2ce96d4f48a8b2eca3f43a705428.js
Requested by
Host: www.booking.com
URL: https://www.booking.com/index.de.html?label=gen173nr-1BCAEoggI46AdIM1gEaDuIAQGYAQe4ARnIAQzYAQHoAQGIAgGoAgO4AubP57YGwAIB0gIkYTViMGNmN2UtOWFhNy00OWYyLWFlNmMtZWZlZDBkMDAyYmU22AIF4AIB&sid=365424f6ff26f8053d2f5441c746a77e&keep_landing=1&sb_price_type=total&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2646:5000:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.booking.com/
Origin
https://www.booking.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 12:20:36 GMT
content-encoding
br
via
1.1 7dbea139a5c4f501bc4b0e9d19a50c9a.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
FRA60-P5
age
2437075
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Tue, 09 Jul 2024 12:10:34 GMT
server
nginx
etag
W/"668d28ba-3b767"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
cgb-hkVpFx52kC1ycn1JrLlqeC3iMXYLJ4kKvZgnARHoMxRhMvlpPg==
expires
Sat, 07 Sep 2024 12:20:36 GMT
0acd2ada6c74d5dec978a04ea837952bdf050cd2.js
cf.bstatic.com/static/js/error_catcher_bec_cloudfront_sd/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cf.bstatic.com/static/js/error_catcher_bec_cloudfront_sd/0acd2ada6c74d5dec978a04ea837952bdf050cd2.js
Requested by
Host: www.booking.com
URL: https://www.booking.com/index.de.html?label=gen173nr-1BCAEoggI46AdIM1gEaDuIAQGYAQe4ARnIAQzYAQHoAQGIAgGoAgO4AubP57YGwAIB0gIkYTViMGNmN2UtOWFhNy00OWYyLWFlNmMtZWZlZDBkMDAyYmU22AIF4AIB&sid=365424f6ff26f8053d2f5441c746a77e&keep_landing=1&sb_price_type=total&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2646:5000:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.booking.com/
Origin
https://www.booking.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 18 Aug 2024 09:45:17 GMT
content-encoding
br
via
1.1 7dbea139a5c4f501bc4b0e9d19a50c9a.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
FRA60-P5
age
1582394
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Wed, 21 Dec 2022 14:29:30 GMT
server
nginx
etag
W/"63a3184a-180b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
3nzZuYJzZ-BOt3pAq4YUadIz-WPl3S_UzcZWvIWM9O7PCL3GbfC3lQ==
expires
Tue, 17 Sep 2024 09:45:17 GMT
77204d4da4aa41b08b1a4062c8e66e4629550994.js
cf.bstatic.com/static/js/lazy_load_images_cloudfront_sd/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cf.bstatic.com
URL
https://cf.bstatic.com/libs/privacy-consent/releases/2.1.55/customer/cookie-banner.min.js
Domain
cf.bstatic.com
URL
https://cf.bstatic.com/static/js/crossorigin_check_cloudfront_sd/2454015045ef79168d452ff4e7f30bdadff0aa81.js
Domain
cf.bstatic.com
URL
https://cf.bstatic.com/static/js/lazy_load_images_cloudfront_sd/77204d4da4aa41b08b1a4062c8e66e4629550994.js

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| PCM

6 Cookies

Domain/Path Name / Value
xn--booking-pr-76929454-ff60s.ws/ Name: PHPSESSID
Value: lb8ve2r6n7b1flt14nak2dsk5c
.booking.com/ Name: px_init
Value: 0
.booking.com/ Name: bkng_sso_auth
Value: CAIQsOnuTRpmjSGTTlZmW6hveXqO9f00axfu9MJYa1orlG4U/4wFvHktVWmYHRAjWSuWHSXZWw9vR6qqWClVBPF5D4AagRs1ax2QQz7edJsGZOxx1fvai0h6yB5Hee+8WOs78I7937ZyTQ80aqeC
.booking.com/ Name: pcm_consent
Value: analytical%3Dfalse%26countryCode%3DDE%26consentId%3Daee7508f-b24f-4a1b-a200-a7419cd807f0%26consentedAt%3D2024-09-05T17%3A18%3A30.207Z%26expiresAt%3D2025-03-04T17%3A18%3A30.207Z%26implicit%3Dtrue%26marketing%3Dfalse%26regulation%3Dgdpr%26legacyRegulation%3Dgdpr
.booking.com/ Name: bkng
Value: 11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbnmKTRaewPBu1BASqFJN2%2FXzPdUcwU%2BzIRyN8PwlfBPy4oCnPYU6r%2B13NyesJPBSfvwoencxsNq9BW7fZ9DCcMBa7%2BsHXRMGhzbKJe%2B69WMOK5S%2FTadgQHxmJJSfjZ2GQ60ipBJ%2F0b2Fh65793zsVVmlRPM7N34Cc
.booking.com/ Name: pcm_personalization_disabled
Value: 0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

booking.com
cdn.cookielaw.org
cf.bstatic.com
www.booking.com
xn--booking-pr-76929454-ff60s.ws
cf.bstatic.com
172.67.149.237
18.245.60.68
2600:9000:2646:5000:5:bf05:acc0:93a1
2606:4700::6812:562a
aeef46c6bcf3b586b15aaeb70f6c5bd54c2bc1f506dba5ff501b5b1b223a170f